Measurement of intrusions in a university environment
MetadataShow full item record
Managing traffic of a university is extremely challenging because of the large number and type of users. Every day an academic environment is exposed to a large number of intrusions coming from the outside internet. Measurement and analysis of these various types of intrusions is extremely crucial to gain an insight to the security of the network. We have measured the total number of intrusions coming and going out of the network of University of Georgia for a period of 12 weeks. We have calculated what percentage of the total attacks is inbound and what percentage is outbound. We have analyzed the attacks on the basis of risk severity and have measured what percentage of these attacks is blocked by the Intrusion Prevention System of UGA. We have further analyzed the blocked attacks on the basis of risk severity and have calculated how many of the high risk attacks are blocked by the Intrusion Prevention System. We have then identified those attacks in each risk category which occur frequently and have a very large attack count. We have further measured some frequently occurring attacks that have not been blocked and analyzed if not blocking them cause any serious threat to the security.