Enhancing enterprise security through cost-effective and highly customizable network monitoring

Joshua Regenold, Kai Wang, Gary Smith, Quingzhong Liu, Lei Chen, Qingzhong Liu

Research output: Contribution to book or proceeding, Conference article, peer-review

1 Scopus citations

Abstract

Network monitoring and network traffic analysis software are common tools used in an enterprise, giving IT administrators valuable insight into the status of their servers and network devices. Limited research has been done to highlight the security benefits of low-level network traffic logging and analysis, though much of it involves testing the network activity of malicious software in lab environments, using cost-prohibitive software to analyze traffic for a pre-determined amount of time. This is a useful way to isolate network activity to only the malicious software, but it also eliminates valuable baseline traffic information for an enterprise network. There are significant security benefits to be gained from analyzing how malware reacts in - or alters - an enterprise network. This paper provides techniques for getting a baseline of enterprise network traffic and analyzes how different types of malware can affect this baseline. Using only low- and no-cost software and services, we analyze the storage requirements for historical network traffic data and present techniques to filter out much of the noise, significantly reducing the amount of data that must be stored and analyzed. The results of our technique are compared against traditional anti-malware and network traffic analysis methods, revealing our approach to be cost-effective, highly customizable and effective.

Original language: English
Title of host publication: MOBIMEDIA 2017 - 10th EAI International Conference on Mobile Multimedia Communications
Editors: Honggang Wang, Qianbin Chen, Yanbing Liu, Dapeng Wu, Nirwan Ansari, Lei Chen, Dalei Wu
Publisher: ICST
Pages: 133-142
Number of pages: 10
ISBN (Print): 9781631901560
State: Published - 2017
Event: 10th EAI International Conference on Mobile Multimedia Communications, MOBIMEDIA 2017 - Chongqing, China
Duration: Jul 13 2017 to Jul 14 2017

Publication series

Name: International Conference on Mobile Multimedia Communications (MobiMedia)
Volume: 2017-July
ISSN (Electronic): 2413-094X

Conference

Conference: 10th EAI International Conference on Mobile Multimedia Communications, MOBIMEDIA 2017
Country/Territory: China
City: Chongqing
Period: 07/13/17 to 07/14/17

Scopus Subject Areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Emergency Medicine
  • Media Technology
  • Modeling and Simulation
