Steps to Reducing Unwanted Traffic on the Internet Workshop Abstract
Pp. 4551 of the Proceedings
An Architecture for Developing Behavioral History
Mark Allman, International Computer Science Institute; Ethan Blanton, Purdue University; Vern Paxson, International Computer Science Institute
Abstract
We present an
architecture for large-scale sharing of past behavioral patterns
about network actors (e.g., hosts or email addresses) in
an effort to inform policy decisions about how to treat future
interactions. In our system, entities can submit reports of
certain observed behavior (particularly attacks)
to a distributed database. When deciding whether to provide
services to a given actor, users can then consult the database to
obtain a global history of the actor's past activity. Three
key elements of our system are: (i) we do not require a
hard-and-fast notion of identity, (ii) we presume that
users make local decisions regarding the
reputations developed by the
contributors to the system as the basis of the trust to place in
the information, (iii) we envision enabling witnesses
to attest that certain activity was observed without requiring
the witness to agree as to the behavioral meaning of the activity.
We sketch an architecture for such a
system that we believe the community could benefit from and
collectively build.
- View the full text of this paper in HTML and PDF, or the talk slides in PDF.
Until July 2006, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2005 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
|