Detection of Unexpected Services and Communication Paths in Networked Systems

Abstract

Gaining complete understanding of the active services and open communication paths is often difficult because of the rapidly expanding complexity of those services and their wide-ranging functions. Furthermore, the IT administrators of hand-designed systems often lack ways to identify and close unnecessary services and communication pathways. In this paper, firstly we propose an automated approach to discover all active services and the permitted communications paths in networked system. Secondly, we propose a method to detect all unexpected services and communication paths in networked system for IT system administrators. We then show how hand-designed networked systems containing such devices are prone to contain numerous unnecessary active services and communication paths, which are exploited by malicious actions such a service denial, information theft, and/or cyber espionage. The evaluation result shows the effectiveness of our proposed approach.