A model to use denied Internet traffic to indirectly discover internal network security problems

Chet Langin, Hongbo Zhou, Shahram Rahimi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

Original languageEnglish
Title of host publication2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Pages486-490
Number of pages5
DOIs
StatePublished - 2008
Event2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 - Austin, TX, United States
Duration: 7 Dec 20089 Dec 2008

Publication series

NameConference Proceedings of the IEEE International Performance, Computing, and Communications Conference

Conference

Conference2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Country/TerritoryUnited States
CityAustin, TX
Period7/12/089/12/08

Fingerprint

Dive into the research topics of 'A model to use denied Internet traffic to indirectly discover internal network security problems'. Together they form a unique fingerprint.

Cite this