Abstract
The presence of personal financial data, intellectual property, and classified documents on university computer systems makes them particularly attractive to hackers, yet these systems are not well prepared for attacks. The University of Rhode Island (URI) is one of the few institutions collecting network traffic data (NetFlow) for inference and analysis of normal and potentially malicious activity. This research focuses on web-based traffic with client-server architecture and adopts simple probability-based transmission models to explore the vulnerability of the URI web network to anticipated threats. Because the URI firewall captures only traffic flowing into and out of URI, the unobserved internal traffic has to be modeled. Relying on a set of intuitive assumptions, we simulate the spread of infection on the dynamic bipartite graph inferred from observed external and modeled unobserved internal web-browsing traffic, and evaluate the susceptibility of URI nodes to threats initiated by random clients and by clients from specific countries. Overall, the results suggest higher rates of infection for client nodes than for servers, with maximum rates achieved when infection is initiated randomly. Remarkably, very similar rates are observed when infection is initiated from 100 different clients from each of the selected countries (e.g., China, Germany, UK) or from the one most active node from Denmark. Interestingly, the daily analysis over a three-month period reveals that simulated infection rates that are not consistent with the intensity of the flow traffic may indicate the presence of compromised node activity and possible intrusion.
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Jaladhanki, S., Katenka, N., DiPippo, L. (2018). Epidemiological Study of Browser-Based Malware for University Network with Partially Observed Flow Data. In: Cherifi, C., Cherifi, H., Karsai, M., Musolesi, M. (eds) Complex Networks & Their Applications VI. COMPLEX NETWORKS 2017. Studies in Computational Intelligence, vol 689. Springer, Cham. https://doi.org/10.1007/978-3-319-72150-7_55
DOI: https://doi.org/10.1007/978-3-319-72150-7_55
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72149-1
Online ISBN: 978-3-319-72150-7
eBook Packages: Engineering, Engineering (R0)