|
|
 |
| |
|
|
|
Combining the Capture-Recapture Method and Simple Linear Regression Analysis of the Malicious Domains Estimation |
|
|
|
PP: 425-433 |
|
|
|
Author(s) |
|
|
|
Tung-Ming Koo,
Hung-Chang Chang,
|
|
|
|
Abstract |
|
|
| Fast-flux service networks (FFSNs) are currently the greatest threat encountered in the computer networking field. This
technique hides attackers behind a network of proxy servers (agents), thereby avoiding detection by security personnel. FFSN benefits
criminal parties because it protects their Web sites and extends Web site life span. FFSN is becoming more dangerous, and estimating
the size of FFSN-agents is becoming increasingly difficult. Additionally, because flux-agents may represent bot nodes, we can estimate
the scale of FFSNs to determine the extent of threats. This study primarily estimates the population size of FFSNs. The flux-agent
population size was estimated using the joint hypergeometric maximum likelihood estimator (JHE) of capture-recapture methods
(CRMs). The results showed that the JHE and CRMestimated the population size more rapidly compared to general survey approaches. |
|
|
|
|
|
|
|
