- Title
- A baseline study of potentially malicious activity across five network telescopes
- Creator
- Irwin, Barry V W
- Subject
- To be catalogued
- Date
- 2013
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/429714
- Identifier
- vital:72634
- Identifier
- https://ieeexplore.ieee.org/abstract/document/6568378
- Description
- +This paper explores the Internet Background Radiation (IBR) observed across five distinct network telescopes over a 15 month period. These network telescopes consisting of a /24 netblock each and are deployed in IP space administered by TENET, the tertiary education network in South Africa covering three numerically distant /8 network blocks. The differences and similarities in the observed network traffic are explored. Two anecdotal case studies are presented relating to the MS08-067 and MS12-020 vulnerabilities in the Microsoft Windows platforms. The first of these is related to the Conficker worm outbreak in 2008, and traffic targeting 445/tcp remains one of the top constituents of IBR as observed on the telescopes. The case of MS12-020 is of interest, as a long period of scanning activity targeting 3389/tcp, used by the Microsoft RDP service, was observed, with a significant drop on activity relating to the release of the security advisory and patch. Other areas of interest are highlighted, particularly where correlation in scanning activity was observed across the sensors. The paper concludes with some discussion on the application of network telescopes as part of a cyber-defence solution.
- Format
- 8 pages, pdf
- Language
- English
- Relation
- International Conference on Cyber Conflict (CYCON), Irwin, B., 2013, June. A baseline study of potentially malicious activity across five network telescopes. In 2013 5th International Conference on Cyber Conflict (CYCON 2013) (pp. 1-17). IEEE, International Conference on Cyber Conflict (CYCON) volume 2013 number 1 1 17 2013 Conference
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)
- Hits: 320
- Visitors: 197
- Downloads: 7
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | A baseline study of potentially malicious activity across five network telescopes.pdf | 656 KB | Adobe Acrobat PDF | View Details Download |