Whowas: A platform for measuring web deployments on IaaS clouds

Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC

Volumn , Issue , 2014, Pages 101-113

  Wang, Liang ^a   Nappa, Antonio ^b,c   Caballero, Juan ^b   Ristenpart, Thomas ^a   Akella, Aditya ^a  

^a UNIVERSITY OF WISCONSIN MADISON   (United States)

^b IMDEA SOFTWARE INSTITUTE   (Spain)

^c UNIVERSIDAD POLITÉCNICA DE MADRID   (Spain)

Author keywords

Active measurement; Azure; Cloud computing; EC2; Web service

Indexed keywords

CLOUD COMPUTING; INTERNET PROTOCOLS; WEB SERVICES; WEBSITES; WINDOWS OPERATING SYSTEM;

ACTIVE MEASUREMENT; AZURE; MALICIOUS ACTIVITIES; MEASUREMENT STUDY; MEASUREMENTS OF; PAY AS YOU GO; PUBLIC CLOUDS; WEB SOFTWARE;

INFRASTRUCTURE AS A SERVICE (IAAS);

EID: 84910110465     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2663716.2663742     Document Type: Conference Paper

References (43)

1. Alexa. Alexa. http://alexa.com/2014.
2. Keqiang He, Alexis Fisher, Liang Wang, Aaron Gember, Aditya Akella, and Thomas Ristenpart. Next stop, the cloud: understanding modern web service deployment in EC2 and Azure. In IMC 2013, pages 177-190. ACM, 2013.
3. Whowas project. http://www.cloudwhowas.org/.
4. Amazon. Amazon EC2 instance IP addressing. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#MultipleIP 2013.
5. Far sight Security. Passive DNS data. https://www.dnsdb.info/2014.
6. Way back machine. http://archive.org/web/.
7. Douglas E. Comer and John C. Lin. Probing TCP implementations. In USENIX Summer Technical Conference, Boston, MA, June 1994.
8. Niels Provos and Peter Honeyman. Scanssh - scanning the internet for ssh servers. Technical Report CITI TR 01-13, University of Michigan, October 2001.
9. Darcy Benoit and André Trudel. World's first web census. International Journal of Web Information System, 3, 2007.
10. David Dagon, Chris Lee, Wenke Lee, and Niels Provos. Corrupted Dns resolution paths: The rise of a malicious resolution authority. In Network and Distributed System Security Symposium, 2008.
11. Nadia Heninger, Zagir Durumeric, Eric Wustrow, and J.Alex Halderman. Mining your ps and qs: Detection of widespread weak keys in network devices. In USENIX Security Symposium, 2012.
12. Antonio Nappa, Zhaoyan Xu, M. Zubair Rafique, Juan Caballero, and Guofei Gu. Cyber probe: Towards internet-scale active detection of malicious servers. In Network and Distributed System Security Symposium, 2014.
13. Zhaoyan Xu, Antonio Nappa, Robert Baykov, Guangliang Yang, Juan Caballero, and Guofei Gu. Auto Probe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis. In Proceedings of the 21st ACM Conference on Computer and Communication Security, Scottsdale, AZ, November 2014.
14. Zhaoyan Xu, Lingfen Chen, Guofei Gu, and Christopher Kruegel. Peerpress: Utilizing enemies' p2p strength against them. In ACM Conference on Computer and Communications Security, 2012.
15. Stuart Staniford, Vern Paxson, and Nicholas Weaver. How to own the internet in your spare time. In USENIX Security Symposium, San Francisco, CA, August 2002.
16. Luigi Rizzo. Netmap: A novel framework for fast packet i/o. In usenixatc, 2012.
17. Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. ZMap: Fast Internet-wide scanning and its security applications. In Proceedings of the 22nd USENIX Security Symposium, August 2013.
18. D. Leonard and D. Loguinov. Demystifying service discovery: Implementing an internet-wide scanner. In Internet Measurement Conference. ACM, 2010.
19. M. Allman, V. Paxson, and J. Terrell. A brief history of scanning. In Internet Measurement Conference. ACM, 2007.
20. Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, and Sergio Loureiro. A security analysis of amazon's elastic compute cloud service. In Proceedings of the 27th Annual ACM Symposium on Applied Computing, pages 1427-1434. ACM, 2012.
21. Davide Canali, Davide Balzarotti, and Aurelien Francillon. The Role of Web Hosting Providers in Detecting Compromised Websites. In Proceedings of the 22nd World Wide Web Conference, 2013.
22. Antonio Nappa, M. Zubair Rafique, and Juan Caballero. Driving in the cloud: An analysis of drive-by download operations and abuse reporting. In SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment, 2013.
23. Amazon. Amazon EC2 public IP ranges. https://forums.aws.amazon.com/ann.jspa?annID=1701, 2013.
24. Microsoft. Azure datacenter IP ranges. http://msdn.microsoft.com/en-us/library/azure/dn175718.aspx 2013.
25. Kenneth Reitz. Requests: Http for humans. http://docs.python-requests.org/en/latest/2014.
26. Moses S Charikar. Similarity estimation techniques from rounding algorithms. In Proceedings of the thiry-fourth annual ACM symposium on Theory of computing, pages 380-388. ACM, 2002.
27. Monika Henzinger. Finding near-duplicate web pages: A large-scale evaluation of algorithms. In Proceedings of the 29th annual international ACM SIGIR conference on Research and development in information retrieval, pages 284-291. ACM, 2006.
28. Mat Kelcey. The simhash algorithm. http://matpalm.com/resemblance/simhash/2013.
29. Robert Tibshirani, Guenther Walther, and Trevor Hastie. Estimating the number of clusters in a data set via the gap statistic. Journal of the Royal Statistical Society: Series B (Statistical Methodology), 63(2):411-423, 2001.
30. Gurmeet Singh Manku, Arvind Jain, and Anish Das Sarma. Detecting near-duplicates for web crawling. In WWW 2007, pages 141-150. ACM, 2007.
31. Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In CCS 2009, pages 199-212. ACM, 2009.
32. Amazon. Public IP addresses and external DNS hostnames. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html, 2014.
33. Huan Liu. Amazon data center size. http://huanliu.wordpress.com/2012/03/13/amazon-data-center-size/, 2012.
34. Robot exclusion. http://www.robotstxt.org/faq/prevent.html.
35. Anonymization tools taxonomy. http://www.caida.org/tools/taxonomy/anonymization.xml.
36. Eamonn Keogh, Kaushik Chakrabarti, Michael Pazzani, and Sharad Mehrotra. Dimensionality reduction for fast similarity search in large time series databases. Knowledge and information Systems, 3(3):263-286, 2001.
37. Zhou Li, Sumayah Alrwais, Yinglian Xie, Fang Yu, and XiaoFeng Wang. Finding the linchpins of the dark web: A study on topologically dedicated hosts on malicious web infrastructures. In S&P 2013, pages 112-126. IEEE, 2013.
38. Fraser Howard. Black hole exploit kit analysis. http://nakedsecurity.sophos.com/exploring-the-blackhole-exploit-kit/, 2012.
39. tr.im. tr.im. http://tr.im, 2013.
40. SERT. Sert quarterly threat intelligence report q4 2013. Technical report, Solutionary Security Engineering Research Team, 2013.
41. CVE. Cve-2013-4338. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4338, 2013.
42. Jonathan R Mayer and John C Mitchell. Third-party web tracking: Policy and technology. In Security and Privacy (SP), 2012 IEEE Symposium on, pages 413-427. IEEE, 2012.
43. Google. Accounts and views. https://developers.google.com/analytics/resources/concepts/gaConceptsAccounts, 2013.