{"title":"Monitoring Network Traffic to Detect Stepping-Stone Intrusion","authors":"Jianhua Yang, Byong Lee, Stephen S. H. Huang","doi":"10.1109/WAINA.2008.30","DOIUrl":null,"url":null,"abstract":"Most network intruders tend to use stepping-stones to attack or to invade other hosts to reduce the risks of being discovered. There have been many approaches that were proposed to detect stepping-stone since 1995. One of those approaches proposed by A. Blum detects stepping-stone by checking if the difference between the number of the send packets of an incoming connection and the one of an outgoing connection is bounded. One weakness of this method is in resisting intruders' evasion, such as chaff perturbation. In this paper, we propose a method based on random walk theory to detect stepping-stone intrusion. Our theoretical analysis shows that the proposed method is more effective than Blum's approach in terms of resisting intruders' chaff perturbation.","PeriodicalId":170418,"journal":{"name":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WAINA.2008.30","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 10
Abstract
Most network intruders tend to use stepping-stones to attack or to invade other hosts to reduce the risks of being discovered. There have been many approaches that were proposed to detect stepping-stone since 1995. One of those approaches proposed by A. Blum detects stepping-stone by checking if the difference between the number of the send packets of an incoming connection and the one of an outgoing connection is bounded. One weakness of this method is in resisting intruders' evasion, such as chaff perturbation. In this paper, we propose a method based on random walk theory to detect stepping-stone intrusion. Our theoretical analysis shows that the proposed method is more effective than Blum's approach in terms of resisting intruders' chaff perturbation.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
