Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: New DShield Feature: Highly Predictive Blocklists. SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New DShield Feature: Highly Predictive Blocklists.
I am happy to announce an exciting new feature to DShield submitters. Based on some research done by SRI International, we came up with an algorithm to create better blocklists.

The short one paragraph summary: The algorithm compares your submissions to others and finds groups of similar submitters. Next, it will generate blocklists based on how close you are to these other submitters.

In other simulations, these blocklists have been far superior to regular "global worst offender" or "local worst offender" lists.

For details, see http://www.dshield.org/hpbinfo.html

I will be teaching next: Defending Web Applications Security Essentials - SANS Cyber Defense Initiative 2020

Johannes

4005 Posts
ISC Handler
Apr 17th 2007

Sign Up for Free or Log In to start participating in the conversation!