Categorizing the entire web with autonomous system numbers

Saeed Abu-Nimeh Websense Security Labs
Dan Hubbard Websense Security Labs

Recent research has utilized Autonomous System Numbers (ASN) to block spam and malware. However, due to the lack of web content classification, no studies have explored the idea of categorizing the content of the web using ASN intelligence. Additionally, attackers are utilizing good locations to spread their malicious code. Leveraging our real-time content classifiers we demonstrate a multi-dimensional ASN reputation architecture to categorize the content of the web and block malicious content as well. Each ASN is categorized into high level categories of content and risk profile.

We analyse the top one million domains in traffic provided by Alexa. Our experiments show that these one million domains resolve to almost 11,000 unique ASNs. 79% of these ASNs host business and information technology content, 16% host objectionable content, 63% host productivity, bandwidth, and mixed content, and 11% host malicious content.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.