Academic institutes' networks, like commercial networks, have confidential and valuable information that attracts hackers. From 6 October 2000 to 29 March 2001, the authors collected data on possible attacks and probes against East Tennessee State University's campus network. The number of suspicious activities detected daily varied from 200,000 to more than 2,000,000, with ICMP-based attacks accounting for more than 81% of all attacks. While ICMP-based attacks were reasonably harmless, these activities as a whole depleted network bandwidth significantly. Severe attacks were detected daily. Port scans and host scans that involving 2 or more /24 subnets were detected every week. Attacks and probes were distributed throughout a typical day and week. Our research results suggested policy makers in academic institutions like ETSU should adopt standard measures to secure campus networks, including firewalls, intrusion detection systems, server management, and risk assessment.
| Identifer | oai:union.ndltd.org:ETSU/oai:dc.etsu.edu:etd-1821 |
| Date | 01 May 2002 |
| Creators | Cui, Zhiqiang |
| Publisher | Digital Commons @ East Tennessee State University |
| Source Sets | East Tennessee State University |
| Detected Language | English |
| Type | text |
| Format | application/pdf |
| Source | Electronic Theses and Dissertations |
| Rights | Copyright by the authors. |
Page generated in 0.0017 seconds