Asee peer logo

Teaching Network Security through Signature Analysis of Computer Network Attacks

Download Paper |

Conference

2012 ASEE Annual Conference & Exposition

Location

San Antonio, Texas

Publication Date

June 10, 2012

Start Date

June 10, 2012

End Date

June 13, 2012

ISSN

2153-5965

Conference Session

Topics in Computer Science and Programming

Tagged Division

Computers in Education

Page Count

13

Page Numbers

25.1253.1 - 25.1253.13

DOI

10.18260/1-2--22010

Permanent URL

https://peer.asee.org/22010

Download Count

243

Request a correction

Paper Authors

biography

Te-Shun Chou East Carolina University

visit author page

Te-Shun Chou received his bachelor's degree in electronics engineering from Feng Chia University, Taiwan, R.O.C. in 1989, and the master's degree and doctoral degree both in electrical engineering from Florida International University, Miami, Fla., in 1992 and 2007, respectively. In 2008, he joined East Carolina University, Greenville, N.C., where he is currently an Assistant Professor with the Department of Technology Systems. His research interests include soft computing, wireless sensor network, and network security, especially intrusion detection and incident response.

visit author page

Download Paper |

Abstract

Teaching Network Security Through Signature Analysis of Computer Network AttacksWith the rapid growth of Internet based technology, applications of computer networks such asweb service, file transfer, and voice IP are extensively being used. In the meantime, the networksinevitably become as the targets of computer attacks and the attacks can easily cause millions ofdollars worth of damage to an organization. To introduce to students the behavior of novelattacks in the real world becomes an important task to those students who want to pursue careersin information assurance and security. Therefore, this paper presents an investigation on fourcategories of network attacks, which are: Denial of Service (DoS) attacks: Attackers disrupt a host or network service in order to make legitimate users not be able to have an access to a machine; Probe attacks: Attackers use programs to automatically scan networks for gathering information or finding known vulnerabilities; User to Root (U2R) attacks: Local users get access to root access of a system without authorization and then exploit the machine’s vulnerabilities; and Remote to Local (R2L) attacks: Unauthorized attackers gain local access from a remote machine and then exploit the machine’s vulnerabilities.In order to build an experimental network environment, virtualization technology is used. Twovirtual machines are configured, where one is used to launch attacks and the other acts as avictim host. A variety of network tools are installed for generation, collection and analysis ofattack traffic traces. In each attack category, one real world attack is simulated. They are bufferoverflow attack, TCP SYN scanning attack, backdoors attack, and guessing username andpassword attack. Finally, the attack traffic traces are analyzed and their attack signatures areextracted.

Chou, T. (2012, June), Teaching Network Security through Signature Analysis of Computer Network Attacks Paper presented at 2012 ASEE Annual Conference & Exposition, San Antonio, Texas. 10.18260/1-2--22010

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2012 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015