Geolocalization of proxied services and its application to fast-flux hidden servers

  title={Geolocalization of proxied services and its application to fast-flux hidden servers},
  author={Claude Castelluccia and Mohamed Ali K{\^a}afar and Pere Manils and Daniele Perito},
  booktitle={Internet Measurement Conference},
Fast-flux is a redirection technique used by cyber-criminals to hide the actual location of malicious servers. Its purpose is to evade identification and prevent or, at least delay, the shutdown of these illegal servers by law enforcement. This paper proposes a framework to geolocalize fast-flux servers, that is, to determine the physical location of the fast-flux networks roots (mothership servers) based on network measurements. We performed an extensive set of measurements on PlanetLab in… CONTINUE READING
Highly Cited
This paper has 18 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 13 extracted citations

Semantic based DNS forensics

2012 IEEE International Workshop on Information Forensics and Security (WIFS) • 2012
View 1 Excerpt


Publications referenced by this paper.
Showing 1-3 of 3 references

Constraint-based geolocation of internet hosts

IEEE/ACM Trans. Netw. • 2006
View 10 Excerpts
Highly Influenced

AND HOLZ, T. As the net churns: Fast-flux botnet observations

In the 3rd International Conference on Malicious and Unwanted Software, • 2008
View 3 Excerpts
Highly Influenced

Similar Papers

Loading similar papers…