A Model to Use Denied Internet Traffic to Indirectly Discover Internal Network Security Problems

Authors

Chet Langin, Southern Illinois University
Hongbo Zhou, Montclair State UniversityFollow
Shahram Rahimi, Southern Illinois University

Document Type

Conference Proceeding

Publication Date

12-1-2008

Journal / Book Title

Computing and Communications Conference

Abstract

We propose a model for using firewall log entries of denied inbound Internet traffic for indirect discovery of local IP addresses that have security problems. This method is used successfully to discover two computers on the network of Southern Illinois University which were infected with malicious feral software, as well as two more IP addresses on the university network with other security problems.

DOI

10.1109/PCCC.2008.4745091

Montclair State University Digital Commons Citation

Langin, Chet; Zhou, Hongbo; and Rahimi, Shahram, "A Model to Use Denied Internet Traffic to Indirectly Discover Internal Network Security Problems" (2008). Department of Computer Science Faculty Scholarship and Creative Works. 43.
https://digitalcommons.montclair.edu/compusci-facpubs/43

Published Citation

Langin, C., Zhou, H., & Rahimi, S. (2008, December). A model to use denied Internet traffic to indirectly discover internal network security problems. In 2008 IEEE International Performance, Computing and Communications Conference (pp. 486-490). IEEE.