Article

An experience of monitoring university network security using a commercial service and DIY monitoring

Authors:

Masato Masuya,

Takashi Yamanoue,

Shinichiro KubotaAuthors Info & Claims

SIGUCCS '06: Proceedings of the 34th annual ACM SIGUCCS fall conference: expanding the boundaries

Pages 225 - 230

https://doi.org/10.1145/1181216.1181267

Published: 05 November 2006 Publication History

Get Access

Abstract

Monitoring network security of a university is one of the most important jobs for the network managers. Without the monitoring, it is hard to keep the network safe. It is common that the security policy of a university has the term which states that monitoring network security is a mandate. However it is very hard to monitor every part of a university's network by the limited number of staff and a limited amount of time and expense. In order to cope with these problems, we bought a commercial network security monitoring service for the doorway of our campus network and we are doing Do It Yourself (DIY) monitoring with free software for the inside of the network. By the commercial monitoring service, we could reach 24 hours a day and 365 days a year monitoring at the doorway. By the DIY monitoring, we could realize the precise monitoring of inside network, which is hard to realize by the commercial monitoring, because there are Network Address Translations (NATs). If an incident was found by the combination of these monitoring, we could deal with it as fast as we can. By these efforts, there was no serious incident such as unauthorized manipulation of important web pages by crackers and leaking serious personal information by using P2P file sharing software last year. In this paper, we report the experience of our monitoring.

References

[1]

ACM SIGUCCS Networking Taskforce: Connecting to the Internet, What Connecting Institutions Should Anticipate, RFC1359, Aug. 1992.]]

Digital Library

Google Scholar

[2]

The Electronic Frontier Foundation: Universities Should Resist Network Monitoring Demands, http://www.eff.org/IP/P2P/university-monitoring.pdf]]

Google Scholar

[3]

Rotenberg, M., Hoofnagle, C., Kessel, A., Agrawal, R.: EPIC letter on P2P Monitoring to Colleges and Universities, The Electronic Privacy Information Center(EPIC), 6 Nov. 2002.]]

Google Scholar

[4]

Walton, J. P.: Developing an Enterprise Information Security Policy, Proceedings of the 30th annual ACM SIGUCCS conference on User services, pp.153--156, Rhode Island, US. 20-23 Nov. 2002.]]

Digital Library

Google Scholar

[5]

Madigan, E. M., Petrulich, C., Motuk, K.: The cost of non-compliance: when policies fail, Proceedings of the 32nd annual ACM SIGUCCS conference on User services, pp.47--51, Baltimore, MD, US. 10-13 Oct. 2004.]]

Digital Library

Google Scholar

[6]

Japanese Chief Cabinet Secretary called attention to Winny, http://en.wikinews.org/wiki/Japanese_Chief_Cabinet_Secretary_called_attention_to_Winny, 15 Mar. 2006.]]

Google Scholar

[7]

The Asahi Shimbun: Personal data on 4,400 leaked on Internet, http://www.asahi.com/ english/ Herald-asahi/ TKY200603210130.htm, 21 Mar. 2006.]]

Google Scholar

[8]

Michael Ingram: 66,000 Names and Personal Details Leaked on P2P, http://www.slyck.com/news.php?story=1169, 29 Apr. 2006.]]

Google Scholar

Cited By

View all

Yamanoue TLyon CDietiker KWiesemann C(2017)Monitoring Servers, With a Little Help from my BotsProceedings of the 2017 ACM SIGUCCS Annual Conference10.1145/3123458.3123461(173-180)Online publication date: 1-Oct-2017
https://dl.acm.org/doi/10.1145/3123458.3123461
Yamanoue TFuruya TShimozono KMasuya MOda KMori KBrown LFox LTagliamonte J(2013)Enhancing information security of a university using computer ethics video clips, managed security service and an information security management systemProceedings of the 41st annual ACM SIGUCCS conference on User services10.1145/2504776.2504816(101-104)Online publication date: 3-Nov-2013
https://dl.acm.org/doi/10.1145/2504776.2504816
Ding ADan W(2012)The Security Experience of Wireless Local Area Network at Ningbo UniversityAdvanced Materials Research10.4028/www.scientific.net/AMR.488-489.1603488-489(1603-1608)Online publication date: 15-Mar-2012
https://doi.org/10.4028/www.scientific.net/AMR.488-489.1603

Index Terms

An experience of monitoring university network security using a commercial service and DIY monitoring
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Visual security monitoring gadgets
InfoSecCD '08: Proceedings of the 5th annual conference on Information security curriculum development

Security monitoring is the process of maintaining vigilance over the integrity of Information Technology resources: infrastructure and data.

Visual tools to monitor the state of system security provide additional instruments that can alleviate the ...
Network monitoring for security and forensics
ICISS'06: Proceedings of the Second international conference on Information Systems Security

Networked environment has grown hostile over the years. In order to guarantee the security of networks and the resources attached to networks it is necessary to constantly monitor and analyze network traffic. Increasing network bandwidth, however, ...
Monitoring Resources Allocation for Service Composition Under Different Monitoring Mechanisms
CISIS '11: Proceedings of the 2011 International Conference on Complex, Intelligent, and Software Intensive Systems

As availability of web service has become a great concern in SOA, monitoring mechanism is often deployed to detect and recover failures for service composition. While monitoring mechanism could improve the availability to an extent, it may cost more ...

Comments

Information & Contributors

Information

Published In

SIGUCCS '06: Proceedings of the 34th annual ACM SIGUCCS fall conference: expanding the boundaries

November 2006

478 pages

ISBN:1595934383

DOI:10.1145/1181216

General Chair:
Alex Nagorski
University of Alberta
,
Program Chairs:
Gordana Brouilette
University of Alberta
,
Carol Rhodes
Indiana University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 November 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SIGUCCS Fall06

Sponsor:

SIGUCCS Fall06: ACM SIGUCCS Fall Conference:Expanding the Boundaries

November 5 - 8, 2006

Alberta, Edmonton, Canada

Acceptance Rates

Overall Acceptance Rate 192 of 261 submissions, 74%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
605
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yamanoue TLyon CDietiker KWiesemann C(2017)Monitoring Servers, With a Little Help from my BotsProceedings of the 2017 ACM SIGUCCS Annual Conference10.1145/3123458.3123461(173-180)Online publication date: 1-Oct-2017
https://dl.acm.org/doi/10.1145/3123458.3123461
Yamanoue TFuruya TShimozono KMasuya MOda KMori KBrown LFox LTagliamonte J(2013)Enhancing information security of a university using computer ethics video clips, managed security service and an information security management systemProceedings of the 41st annual ACM SIGUCCS conference on User services10.1145/2504776.2504816(101-104)Online publication date: 3-Nov-2013
https://dl.acm.org/doi/10.1145/2504776.2504816
Ding ADan W(2012)The Security Experience of Wireless Local Area Network at Ningbo UniversityAdvanced Materials Research10.4028/www.scientific.net/AMR.488-489.1603488-489(1603-1608)Online publication date: 15-Mar-2012
https://doi.org/10.4028/www.scientific.net/AMR.488-489.1603

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Visual security monitoring gadgets

Network monitoring for security and forensics

Monitoring Resources Allocation for Service Composition Under Different Monitoring Mechanisms

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations