TY - GEN
T1 - A model to use denied Internet traffic to indirectly discover internal network security problems
AU - Langin, Chet
AU - Zhou, Hongbo
AU - Rahimi, Shahram
PY - 2008/12/1
Y1 - 2008/12/1
N2 - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.
AB - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.
UR - http://www.scopus.com/inward/record.url?scp=62849116756&partnerID=8YFLogxK
U2 - 10.1109/PCCC.2008.4745091
DO - 10.1109/PCCC.2008.4745091
M3 - Conference contribution
AN - SCOPUS:62849116756
SN - 9781424433674
T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
SP - 486
EP - 490
BT - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
T2 - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Y2 - 7 December 2008 through 9 December 2008
ER -