Your search keyword '"Russell Craig"' showing total 6 results

1. Analyzing Enterprise DNS Traffic to Classify Assets and Track Cyber-Health

Author

Lyu, Minzhao, Gharakheili, Hassan Habibi, Russell, Craig, and Sivaraman, Vijay

Subjects

Computer Science - Networking and Internet Architecture, Computer Science - Cryptography and Security

Abstract

The Domain Name System (DNS) is a critical service that enables domain names to be converted to IP addresses (or vice versa); consequently, it is generally permitted through enterprise security systems (e.g., firewalls) with little restriction. This has exposed organizational networks to DDoS, exfiltration, and reflection attacks, inflicting significant financial and reputational damage. Large organizations with loosely federated IT departments (e.g., Universities and Research Institutes) often do not even fully aware of all their DNS assets and vulnerabilities, let alone the attack surface they expose to the outside world. In this paper, we address the "DNS blind spot" by developing methods to passively analyze live DNS traffic, identify organizational DNS assets, and monitor their health on a continuous basis. Our contributions are threefold. First, we perform a comprehensive analysis of all DNS traffic in two large organizations (a University Campus and a Government Research Institute) for over a month, and identify key behavioral profiles for various asset types such as recursive resolvers, authoritative name servers, and mixed DNS servers. Second, we develop an unsupervised clustering method that classifies enterprise DNS assets using the behavioral attributes identified, and demonstrate that our method successfully classifies over 100 DNS assets across the two organizations. Third, our method continuously tracks various health metrics across the organizational DNS assets and identifies several instances of improper configuration, data exfiltration, DDoS, and reflection attacks. We believe the passive analysis methods in this paper can help enterprises monitor organizational DNS health in an automated and risk-free manner., Comment: This work has been submitted to the IEEE for possible publication

Published

2022

2. Results from a Black-Box Study for Digital Forensic Examiners

Author

Guttman, Barbara, primary, Laamanen, Mary T., additional, Russell, Craig, additional, Atha, Chris, additional, and Darnell, James, additional

Published

2022

3. Recommendation: closed circuit television (CCTV) digital video export profile - level 0 (revision 1)

Author

Nadel, Lawrence, primary, Laamanen, Mary, additional, Garris, Michael, additional, and Russell, Craig, additional

Published

2019

4. Assessment of closed circuit television digital video recording and export technologies

Author

Garris, Michael D, primary, Laamanen, Mary T, additional, Russell, Craig S, additional, and Nadel, Lawrence D, additional

Published

2017

5. Recommendation: closed circuit television (CCTV) digital video export profile - level 0

Author

Garris, Michael D, primary, Laamanen, Mary T, additional, Russell, Craig S, additional, and Nadel, Lawrence D, additional

Published

2016

6. Standard Generalized Markup Language test suite evaluation report

Author

Russell, Craig S, primary

Published

1995