Blacklist Ecosystem Analysis: July - December 2017
• White Paper
Software Engineering Institute
This report is the latest in a series of works dedicated to documenting and exploring the blacklist ecosystem. Whereas previous full reports [1, 2, 3] were comprised partly of updates and partly of fresh analysis, we have decided to address those two goals in separate reports henceforth. These smaller update reports are dedicated strictly to updating the previously implemented methods with the latest data. For an incremental view of the accumulation of the results, see the previous update reports [4, 5, 6]. Separate full reports introduce novel analyses as they are developed. When those novel analyses yield results that warrant continual updating, those analyses are added to the spectrum covered by the update reports. The update reports are planned for release in conjunction with every six months' worth of data collection. This update covers the data collected from July 1, 2017, through December 31, 2017. Because the aim of the semi-annual updates is the efficient communication of the latest data, and because all of the methods implemented in this report remain identical to the methods employed in previous reports, we have omitted the "Method" section that appeared in the previous full reports. In lieu of that section, for each analysis type, we direct the reader to the previous reports, which contain the full method for each analysis type. The references, too, are restricted merely to the previous full reports and update reports. Full details of relevant literature for each analysis method can be found within the previous full reports.
Additionally, to facilitate consistent treatment of the data, we have reprocessed the data from the first three annual reports into uniform 6-month sets for the results presented in the Persistence in Blacklists analysis (Section 2.5).