• DocumentCode
    2311469
  • Title

    A Model to Use Denied Internet Traffic to Indirectly Discover Internal Network Security Problems

  • Author

    Langin, Chet ; Zhou, Hongbo ; Rahimi, Shahram

  • Author_Institution
    Inf. Technol., Southern Illinois Univ., Carbondale, IL
  • fYear
    2008
  • fDate
    7-9 Dec. 2008
  • Firstpage
    486
  • Lastpage
    490
  • Abstract
    We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.
  • Keywords
    IP networks; Internet; authorisation; telecommunication security; telecommunication traffic; denied inbound Internet traffic; firewall log entry; internal network security problem; local IP address; Command and control systems; Computer networks; Computer security; IP networks; Information security; Internet; Intrusion detection; Military computing; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Performance, Computing and Communications Conference, 2008. IPCCC 2008. IEEE International
  • Conference_Location
    Austin, Texas
  • ISSN
    1097-2641
  • Print_ISBN
    978-1-4244-3368-1
  • Electronic_ISBN
    1097-2641
  • Type

    conf

  • DOI
    10.1109/PCCC.2008.4745091
  • Filename
    4745091
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2311469