Abstract
Computer security, whether protecting from external or internal attacks, is a major concern with our reliance on networks for the flow of information between users and organisations. This paper summarises research into the threat to an internal network. The case study, which includes a denial of service attack and a worm infection, allows us to address the effectiveness of our security countermeasures and how they are affected when an incident takes place in the wild. Through the lessons learned, we can address our security to provide better defence mechanisms for the future. This research also provides us with new research opportunities, such as the problems of key security components as attack targets or the use of traffic monitoring to provide defences against particular network-based attacks.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35586-3_46
Chapter PDF
Similar content being viewed by others
Keywords
- Transmission Control Protocol
- Network Traffic
- Intrusion Detection System
- Internal Network
- User Datagram Protocol
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Baltatu, M., Lioy, A., Maino, F. & Mazzocchi, D., “Security Issues in Control, Management and Routing Protocols,” Computer Networks, vol. 34, pp. 881–894, 2000.
Bellovin, S. M., “Security Problems in the TCP/IP Protocol Suite,” Computer Communications Review, vol. 19, pp. 32–48, 1989.
CERT, “CERT Advisory CA-2001-19 Code Red Worm Exploiting Buffer Overflow in IIS Indexing Service DLL,” CERT Advisory, http://www.cert.org/advisories/CA-2001-19.html, download 2001, 2001.
Howard, S., “Stick and Network Signature Based Intrusion Detection”, SANS Institute Info Sy Reading Room Technical Report, http://www.sans.org/infosecFAQ/threats/stick.htm, download 2001, 11 April 2001.
Lin, A. & Brown, R., “The application of security policy to role-based access control and the common data security architecture,” Computer Communications, vol. 23, pp. 1584–1593, 2000.
Mansfield, G., Ohta, K., Takei, Y., Kato, N., & Nemoto, Y., “Towards trapping wily intruders in the large,” Computer Networks, vol. 34, pp. 659–670, 2000.
Muftic, S., Patel, A., Sanders, P., Colon, R., Heijnsdijk, J. & Pulkkinen, U., Security Architecture in Open Distributed Systems, John Wiley & Sons, Bath, UK, 1993.
Northcutt, S., Network Intrusion An Analyst’s Handbook, New Rider Publishing, USA, 1999.
Postel, J., “RFC792 Internet Control Message Protocol,” The Internet Society Technical Report,http://www.cis.ohio-state.edu/htbin/rfc/rfc792.html, download 2000, 1981.
Power, R., “2001 CSI/FBI Computer Crime and Security Survey”, Computer Security Institute/Federal Bureau of Investigation Technical Report, vol. 7, no. 1, Spring 2001.
Proctor, P. E., The Practical Intrusion Detection Handbook, Prentice Hall, Upper Saddle River, NJ, 2001.
Ptacek, T. H. & Newsham, T. N., “Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection,” Secure Networks Inc. Technical Report, http://www.clark.net/~roesch/idspaper.html, download 2001, January, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Haggerty, J., Shi, Q., Merabti, M. (2002). The Threat from within — An Analysis of Attacks on an Internal Network. In: Ghonaimy, M.A., El-Hadidi, M.T., Aslan, H.K. (eds) Security in the Information Society. IFIP Advances in Information and Communication Technology, vol 86. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35586-3_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-35586-3_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1026-7
Online ISBN: 978-0-387-35586-3
eBook Packages: Springer Book Archive