A tale of two CTs: IP packets rejected by a firewall

Authors:
George Corser
Affiliations:
Oakland University, Rochester, MI
Venue:
Proceedings of the 2012 Information Security Curriculum Development Conference
Year:
2012

Citing 2
Cited 0

Advances and challenges in log analysis

Communications of the ACM
A comparative study of cyberattacks

Communications of the ACM

Quantified Score

Hi-index	0.00

Visualization

Abstract

Two distinct curve tendencies (CTs) characterize the flow of IP packets rejected by a firewall from specific source IP addresses. One flow model appears relatively flat and steady over time. The other manifests as a single sharp spike. This study examines a recent real-world firewall log which exhibits these two patterns.