[Dshield] New DShield Feature: Highly Predictive Blacklists

Johannes B. Ullrich jullrich at sans.org
Tue Apr 17 14:35:48 GMT 2007


I am happy to announce an exciting new feature to DShield submitters.
Based on some research done by SRI International, we came up with an
algorithm to create better blacklists.

The short one paragraph summary: The algorithm compares your submissions
to others and finds groups of similar submitters. Next, it will generate
blacklists based on how close you are to these other submitters.

In other simulations, these blacklists have been far superior to regular
"global worst offender" or "local worst offender" lists.

For details, see http://www.dshield.org/hpbinfo.html



-- 
---------
Johannes Ullrich                        http://isc.sans.org

SANSFIRE 2007 July 25-August 2 in Washington, DC.  56 courses, SANS top
instructors, and a great tools and solutions expo. Register today!
http://www.sans.org/info/4651

PGP Key: https://secure.dshield.org/PGPKEYS

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.sans.org/pipermail/list/attachments/20070417/0055f791/attachment.bin 


More information about the list mailing list