An Approach to Detect and Prevent Cybercrime in Large Complex Networks

Andre Sorensen, Maxime Jerome Remy, Nicolaj Kjettrup, Rasmi Vlad Mahmoud, Jens Myrup Pedersen

Research output: Contribution to book/anthology/report/conference proceeding; Article in proceeding; Research; peer-review

Abstract

Recently, the Danish defense department announced that research institutions are prominent targets for cybercrime. To better protect these organizations, an approach to prevent and detect cybercrime in large complex computer networks is needed. This paper contributes a proof of concept of such an approach, based on a combination of penetration testing (Pen test) and Domain Name System (DNS) analysis. A Pen test is a method to assess a network's current security state by detecting vulnerabilities and misconfigurations before they are abused. DNS traffic analysis, on the other hand, can be used to detect ongoing cybercriminal or suspicious activities. The combination of the Pen test and DNS analysis can give an administrator a crucial overview of the vulnerabilities present in the system as well as the parts that are already compromised. The methods were tested on the network of Aalborg University, and they were both able to identify ongoing cybercrime or vulnerabilities. While the feasibility was demonstrated, further developments are needed before it can be implemented on a larger scale.

Original language: English
Title of host publication: 2018 International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2018
Number of pages: 8
Publisher: IEEE
Publication date: 4 Dec 2018
Article number: 8560687
ISBN (Print): 978-1-5386-4684-7
ISBN (Electronic): 978-1-5386-4683-0
Publication status: Published - 4 Dec 2018
Event: 4th International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2018 - Glasgow, Scotland, United Kingdom
Duration: 11 Jun 2018 to 12 Jun 2018

Conference

Conference: 4th International Conference on Cyber Security and Protection of Digital Services, Cyber Security 2018
Country/Territory: United Kingdom
City: Glasgow, Scotland
Period: 11/06/2018 to 12/06/2018
Sponsor: Secudit
Series: International Conference On Cyber Security And Protection Of Digital Services (Cyber Security). Proceedings.

Keywords

  • Blacklist
  • Cybercrime
  • Detection
  • DNS Analysis
  • Failed DNS Requests
  • Penetration Testing
  • Prevention
