A model to use denied Internet traffic to indirectly discover internal network security problems

Chet Langin, Hongbo Zhou, Shahram Rahimi

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

Original languageEnglish
Title of host publication2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Pages486-490
Number of pages5
DOIs
StatePublished - 1 Dec 2008
Event2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 - Austin, TX, United States
Duration: 7 Dec 20089 Dec 2008

Publication series

NameConference Proceedings of the IEEE International Performance, Computing, and Communications Conference

Conference

Conference2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
CountryUnited States
CityAustin, TX
Period7/12/089/12/08

Fingerprint

Computer system firewalls
Network security
Internet
Malware

Cite this

Langin, C., Zhou, H., & Rahimi, S. (2008). A model to use denied Internet traffic to indirectly discover internal network security problems. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 (pp. 486-490). [4745091] (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). https://doi.org/10.1109/PCCC.2008.4745091
Langin, Chet ; Zhou, Hongbo ; Rahimi, Shahram. / A model to use denied Internet traffic to indirectly discover internal network security problems. 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. pp. 486-490 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference).
@inproceedings{d35edb499b70460992ae984554c222ba,
title = "A model to use denied Internet traffic to indirectly discover internal network security problems",
abstract = "We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.",
author = "Chet Langin and Hongbo Zhou and Shahram Rahimi",
year = "2008",
month = "12",
day = "1",
doi = "10.1109/PCCC.2008.4745091",
language = "English",
isbn = "9781424433674",
series = "Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference",
pages = "486--490",
booktitle = "2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008",

}

Langin, C, Zhou, H & Rahimi, S 2008, A model to use denied Internet traffic to indirectly discover internal network security problems. in 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008., 4745091, Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference, pp. 486-490, 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008, Austin, TX, United States, 7/12/08. https://doi.org/10.1109/PCCC.2008.4745091

A model to use denied Internet traffic to indirectly discover internal network security problems. / Langin, Chet; Zhou, Hongbo; Rahimi, Shahram.

2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 486-490 4745091 (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference).

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

TY - GEN

T1 - A model to use denied Internet traffic to indirectly discover internal network security problems

AU - Langin, Chet

AU - Zhou, Hongbo

AU - Rahimi, Shahram

PY - 2008/12/1

Y1 - 2008/12/1

N2 - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

AB - We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

UR - http://www.scopus.com/inward/record.url?scp=62849116756&partnerID=8YFLogxK

U2 - 10.1109/PCCC.2008.4745091

DO - 10.1109/PCCC.2008.4745091

M3 - Conference contribution

SN - 9781424433674

T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference

SP - 486

EP - 490

BT - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008

ER -

Langin C, Zhou H, Rahimi S. A model to use denied Internet traffic to indirectly discover internal network security problems. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 486-490. 4745091. (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). https://doi.org/10.1109/PCCC.2008.4745091

Access to Document