DocumentCode :
2311469
Title :
A Model to Use Denied Internet Traffic to Indirectly Discover Internal Network Security Problems
Author :
Langin, Chet ; Zhou, Hongbo ; Rahimi, Shahram
Author_Institution :
Inf. Technol., Southern Illinois Univ., Carbondale, IL
fYear :
2008
fDate :
7-9 Dec. 2008
Firstpage :
486
Lastpage :
490
Abstract :
We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.
Keywords :
IP networks; Internet; authorisation; telecommunication security; telecommunication traffic; denied inbound Internet traffic; firewall log entry; internal network security problem; local IP address; Command and control systems; Computer networks; Computer security; IP networks; Information security; Internet; Intrusion detection; Military computing; Telecommunication traffic; Traffic control;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Performance, Computing and Communications Conference, 2008. IPCCC 2008. IEEE International
Conference_Location :
Austin, Texas
ISSN :
1097-2641
Print_ISBN :
978-1-4244-3368-1
Electronic_ISBN :
1097-2641
Type :
conf
DOI :
10.1109/PCCC.2008.4745091
Filename :
4745091
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2311469
بازگشت