Browsed by
Author: olivier

Ph.D. student, DACS group, University of Twente
TIDE goes to FOSDEM (video available)

TIDE goes to FOSDEM (video available)

FOSDEM is a yearly event in the last weekend of Januari (or the first weekend of Februari). FOSDEM stands for Free Open-Source Developer Europe Meeting. At the event state of the art open-source software is discussed, presented and enjoyed. This year there is a DNS devroom. On sunday at 11:35 Olivier will hold a talk there titled ‘Melting the Snow: Using Active DNS Measurements to Detect Snowshoe Spam Domains’. Since the event is entirely free, be sure to visit! Update:…

Read More Read More

TIDE won first prize!

TIDE won first prize!

TIDE has won the CTIT Symposium Ph.D. “1 minute madness” event!!! During the CTIT Symposium 2017 “Internet of Things is ready. What about us?” there was the Ph.D. “1 minute madness” event. All of the winners from the previous round got the opportunity to present their work again in a single minute. It was quite a challenge to compress all you want to say into a single minute. However, the feedback I got after my presentation was great. I got the audience…

Read More Read More

Snowshoe Spam Detection Through DNS Measurements

Snowshoe Spam Detection Through DNS Measurements

  Snowshoe Spam   We started the TIDE project with Snowshoe Spam domain detection. But what is Snowshoe Spam? In Snowshoe Spam the spammer tries to spread the sending load over numerous hosts, and thus reducing the amount of spam each hosts sends. This makes each host separate hard to detect. It means that the spammer is less likely to end up on spam reputation lists (blacklists) and is therefore able to continue spamming for longer.

CTIT: Your Research, a poster presentation to kick-off this project

CTIT: Your Research, a poster presentation to kick-off this project

The CTIT’s annual event “Your Research @ CTIT” aims to bring together PhD/Postdoc researchers from all the 21 CTIT research groups from the University of Twente. Researchers will have the opportunity here to present their ongoing research project to their CTIT colleagues. The event this year will be held on 3 October 2017 from 15:00 till 18:00 at the Ravelijn Atrium. TIDE will be presenting the poster originally made for SIGcomm (see this post for details).

TIDE: Threat Identification Using Active DNS Measurements, poster submission to SIGCOMM 2017

TIDE: Threat Identification Using Active DNS Measurements, poster submission to SIGCOMM 2017

The Domain Name System contains a wealth of information about the security, stability and health of the Internet. Most research that leverages the DNS for detection of malicious activities does so by using passive measurements. The limitation of this approach, however, is that it is effective only once an attack is ongoing. In this paper, we explore a different approach. We advocate the use of active DNS measurements for pro-active (i.e., before the actual attack) identification of domains set up…

Read More Read More