Network Radar: Surveillance and Tracking in Computer Networks

Period of Performance: 07/31/1996 - 12/31/1996

$98.1K

Phase 1 STTR

Recipient Firm

NET Squared, Inc.
4324 Vista Way
Davis, CA 95616
Principal Investigator
Firm POC

Research Institution

University of California, Berkeley
Sponsored Projects Office
Berkeley, CA 94704
Institution POC

Abstract

This proposal addresses two fundamental gaps in network security: the security administrator's inability to know what is happening on his network and the ease with which attackers can circumvent existing network monitoring tools such as the Network Security Monitor (NSM). Without filling these gaps, we cannot claim that we have control over, or integrity within, our computer and communication infrastructure. We introduce three broad classes of threats (new servers, rogue servers, and masquerading servers) and demonstrate how easily they can be introduced into your environment and how easily they compromise the integrity of firewalls, network monitors, and TCP wrappers. We then discuss how Network Radar can be used to fill these gaps and reestablish integrity within your network.