Discovery of Unexpected Services and Communication Paths in Networked Systems

  • Chapter
Automated Security Management

Abstract

Gaining a complete understanding of the active services and open communication paths present in recently created networked systems consisting of various servers and network devices is often difficult because of the rapidly expanding complexity of those services and their wide-ranging functions. Furthermore, the IT administrators of hand-designed systems often lack ways to identify and close unnecessary services and communication pathways. In this paper, we propose an automated approach to identifying and understanding the active services and the permitted communications on all servers and network devices. We then show how hand-designed networked systems containing such devices are prone to contain numerous unnecessary active services and communication paths, which exposes them to malicious actions such as service denial, information theft, and/or cyber espionage. An evaluation result shows the effectiveness of our proposed approach.




Corresponding author

Correspondence to Ichita Higurashi.


Copyright information

© 2013 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Higurashi, I., Kanaoka, A., Kato, M., Okamoto, E. (2013). Discovery of Unexpected Services and Communication Paths in Networked Systems. In: Al-Shaer, E., Ou, X., Xie, G. (eds) Automated Security Management. Springer, Cham. https://doi.org/10.1007/978-3-319-01433-3_10


  • DOI: https://doi.org/10.1007/978-3-319-01433-3_10


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-01432-6

  • Online ISBN: 978-3-319-01433-3

  • eBook Packages: Computer Science, Computer Science (R0)
