{"title":"Watch Your Step! Detecting Stepping Stones in Programmable Networks","authors":"Debopam Bhattacherjee, A. Gurtov, T. Aura","doi":"10.1109/ICC.2019.8761731","DOIUrl":null,"url":null,"abstract":"Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 — Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.","PeriodicalId":402732,"journal":{"name":"ICC 2019 - 2019 IEEE International Conference on Communications (ICC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICC 2019 - 2019 IEEE International Conference on Communications (ICC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICC.2019.8761731","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 — Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
