Check out the new USENIX Web site.

USENIX Home . About USENIX . Events . membership . Publications . Students
Steps to Reducing Unwanted Traffic on the Internet Workshop — Abstract

Pp. 45–51 of the Proceedings

An Architecture for Developing Behavioral History

Mark Allman, International Computer Science Institute; Ethan Blanton, Purdue University; Vern Paxson, International Computer Science Institute

Abstract

We present an architecture for large-scale sharing of past behavioral patterns about network actors (e.g., hosts or email addresses) in an effort to inform policy decisions about how to treat future interactions. In our system, entities can submit reports of certain observed behavior (particularly attacks) to a distributed database. When deciding whether to provide services to a given actor, users can then consult the database to obtain a global history of the actor's past activity. Three key elements of our system are: (i) we do not require a hard-and-fast notion of identity, (ii) we presume that users make local decisions regarding the reputations developed by the contributors to the system as the basis of the trust to place in the information, (iii) we envision enabling witnesses to attest that certain activity was observed without requiring the witness to agree as to the behavioral meaning of the activity. We sketch an architecture for such a system that we believe the community could benefit from and collectively build.
  • View the full text of this paper in HTML and PDF, or the talk slides in PDF.

    Click here if you have forgotten your password Until July 2006, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2005 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 17 Aug. 2005 ch
Technical Program
SRUTI '05 Home
USENIX home