A model to use denied Internet traffic to indirectly discover internal network security problems

Chet Langin; Hongbo Zhou; Shahram Rahimi

doi:10.1109/PCCC.2008.4745091

A model to use denied Internet traffic to indirectly discover internal network security problems

Chet Langin, Hongbo Zhou, Shahram Rahimi

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

Original language	English
Title of host publication	2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Pages	486-490
Number of pages	5
DOIs	https://doi.org/10.1109/PCCC.2008.4745091
State	Published - 2008
Event	2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 - Austin, TX, United States Duration: 7 Dec 2008 → 9 Dec 2008

Publication series

Name	Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference

Conference

Conference	2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Country/Territory	United States
City	Austin, TX
Period	7/12/08 → 9/12/08

Access to Document

10.1109/PCCC.2008.4745091

Cite this

Langin, C., Zhou, H., & Rahimi, S. (2008). A model to use denied Internet traffic to indirectly discover internal network security problems. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 (pp. 486-490). Article 4745091 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). https://doi.org/10.1109/PCCC.2008.4745091

@inproceedings{d35edb499b70460992ae984554c222ba,

title = "A model to use denied Internet traffic to indirectly discover internal network security problems",

abstract = "We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.",

author = "Chet Langin and Hongbo Zhou and Shahram Rahimi",

year = "2008",

doi = "10.1109/PCCC.2008.4745091",

language = "English",

isbn = "9781424433674",

series = "Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference",

pages = "486--490",

booktitle = "2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008",

note = "2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 ; Conference date: 07-12-2008 Through 09-12-2008",

}

Langin, C, Zhou, H & Rahimi, S 2008, A model to use denied Internet traffic to indirectly discover internal network security problems. in 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008., 4745091, Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference, pp. 486-490, 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008, Austin, TX, United States, 7/12/08. https://doi.org/10.1109/PCCC.2008.4745091

A model to use denied Internet traffic to indirectly discover internal network security problems. / Langin, Chet; Zhou, Hongbo; Rahimi, Shahram.
2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 486-490 4745091 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A model to use denied Internet traffic to indirectly discover internal network security problems

AU - Langin, Chet

AU - Zhou, Hongbo

AU - Rahimi, Shahram

PY - 2008

Y1 - 2008

N2 - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

AB - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

UR - http://www.scopus.com/inward/record.url?scp=62849116756&partnerID=8YFLogxK

U2 - 10.1109/PCCC.2008.4745091

DO - 10.1109/PCCC.2008.4745091

M3 - Conference contribution

AN - SCOPUS:62849116756

SN - 9781424433674

T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference

SP - 486

EP - 490

BT - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008

T2 - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008

Y2 - 7 December 2008 through 9 December 2008

ER -

Langin C, Zhou H, Rahimi S. A model to use denied Internet traffic to indirectly discover internal network security problems. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 486-490. 4745091. (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). doi: 10.1109/PCCC.2008.4745091

A model to use denied Internet traffic to indirectly discover internal network security problems

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this