TY - GEN
T1 - Evaluation of the Reliability Index of IP Addresses in Reputation Lists
AU - Miranda-García, Alberto
AU - Crespo-Martínez, Ignacio Samuel
AU - Guerrero-Higueras, Ángel Manuel
AU - Matellán-Olivera, Vicente
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - IP address reputation lists are a collection of IP addresses that have been associated with malicious practices. Therefore, it is essential to evaluate the addresses’ reliability in this list to avoid false positives, regardless of the metrics that have been classified as malicious. Reliability is defined as the probability that such IP addresses are a significant threat due to their appearance on different reputation lists. Generating an evaluation index to evaluate the reliability of the elements in a global way allows us to evaluate IP addresses. Thus, a defined metric will be used based on appearances in external reputation lists, the dates they were added and last seen, and other variables such as severity and repetition in the list itself. The proposed system presents an IP address evaluation module composed of a series of asynchronous processes to evaluate the reliability of the elements.
AB - IP address reputation lists are a collection of IP addresses that have been associated with malicious practices. Therefore, it is essential to evaluate the addresses’ reliability in this list to avoid false positives, regardless of the metrics that have been classified as malicious. Reliability is defined as the probability that such IP addresses are a significant threat due to their appearance on different reputation lists. Generating an evaluation index to evaluate the reliability of the elements in a global way allows us to evaluate IP addresses. Thus, a defined metric will be used based on appearances in external reputation lists, the dates they were added and last seen, and other variables such as severity and repetition in the list itself. The proposed system presents an IP address evaluation module composed of a series of asynchronous processes to evaluate the reliability of the elements.
KW - Blacklists
KW - IP addresses
KW - Incident assessment
KW - Network traffic
KW - Reputation assessment
UR - https://www.scopus.com/pages/publications/85142721799
U2 - 10.1007/978-3-031-18409-3_15
DO - 10.1007/978-3-031-18409-3_15
M3 - Conference contribution
AN - SCOPUS:85142721799
SN - 9783031184086
T3 - Lecture Notes in Networks and Systems
SP - 149
EP - 158
BT - International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2022, 13th International Conference on EUropean Transnational Education, ICEUTE 2022 - Proceedings
A2 - García Bringas, Pablo
A2 - Pérez García, Hilde
A2 - Martínez de Pisón, Francisco Javier
A2 - Villar Flecha, José Ramón
A2 - de la Cal, Enrique A.
A2 - Troncoso Lora, Alicia
A2 - Herrero, Álvaro
A2 - Martínez Álvarez, Francisco
A2 - Psaila, Giuseppe
A2 - Quintián, Héctor
A2 - Corchado, Emilio
PB - Springer Science and Business Media Deutschland GmbH
T2 - 15th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2022, and the 13th International Conference on EUropean Transnational Education, ICEUTE 2022
Y2 - 5 September 2022 through 7 September 2022
ER -