New IP address blacklist based on Web chatter

Traditionally, blacklists of malicious IP addresses are assembled using honeypots and intrusion detection systems but a new approach, analyzing chatter on the dark and open Web, can find malicious addresses that would have been otherwise missed.

According to Recorded Future, an analysis of 700,000 Web sources resulted in 67,563 IP addresses associated with at least one type of malware — and 1,521 particularly dangerous IP addresses that were associated with at least two types of malware.

Of these addresses, 91 percent of the smaller list and 98 percent of the larger list were new to security researchers, and did not show up on existing blacklists.

To read this article in full or to leave a comment, please click here