Analyzing Distribution of Packet Round-Trip Times using Fast Fourier Transformation

Q1 Computer Science Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications Pub Date : 2023-09-30 DOI:10.58346/jowua.2023.i3.009
Dr. Lixin Wang, Dr. Jianhua Yang, Maochang Qin
{"title":"Analyzing Distribution of Packet Round-Trip Times using Fast Fourier Transformation","authors":"Dr. Lixin Wang, Dr. Jianhua Yang, Maochang Qin","doi":"10.58346/jowua.2023.i3.009","DOIUrl":null,"url":null,"abstract":"Hackers usually send attacking commands through compromised hosts, called stepping-stones, for the purpose of decreasing the chance of being discovered. An effective approach for stepping-stone intrusion detection (SSID) is to estimate the length of a connection chain. This type of detection method is referred to as the network-based SSID (NSSID). All the existing NSSID approaches use the distribution of packet round-trip times (RTTs) to estimate the length of a connection chain. In this paper, we explore a novel approach – Fast Fourier Transformation (FFT) to analyze the distribution of packet RTTs. We first capture network packets from different stepping-stones in a connection chain, identify and match the Send and Echo packets in each stepping-stone. Packet RTTs can be obtained from matched pairs of packets. We then apply the FFT interpolation method to obtain a RTT time function and finally conduct FFT transformation to the RTT function in each stepping-stone host. Finally, we conduct a complete FFT analysis for the distribution of packet RTTs and present the FFT analysis results in this paper.","PeriodicalId":38235,"journal":{"name":"Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.58346/jowua.2023.i3.009","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Computer Science","Score":null,"Total":0}
引用次数: 0

Abstract

Hackers usually send attacking commands through compromised hosts, called stepping-stones, for the purpose of decreasing the chance of being discovered. An effective approach for stepping-stone intrusion detection (SSID) is to estimate the length of a connection chain. This type of detection method is referred to as the network-based SSID (NSSID). All the existing NSSID approaches use the distribution of packet round-trip times (RTTs) to estimate the length of a connection chain. In this paper, we explore a novel approach – Fast Fourier Transformation (FFT) to analyze the distribution of packet RTTs. We first capture network packets from different stepping-stones in a connection chain, identify and match the Send and Echo packets in each stepping-stone. Packet RTTs can be obtained from matched pairs of packets. We then apply the FFT interpolation method to obtain a RTT time function and finally conduct FFT transformation to the RTT function in each stepping-stone host. Finally, we conduct a complete FFT analysis for the distribution of packet RTTs and present the FFT analysis results in this paper.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
用快速傅里叶变换分析分组往返时间分布
黑客通常通过被入侵的主机(称为踏脚石)发送攻击命令,目的是降低被发现的几率。一种有效的入侵检测方法是估计连接链的长度。这种类型的检测方法被称为基于网络的SSID (NSSID)。现有的所有NSSID方法都使用分组往返时间(rtt)分布来估计连接链的长度。在本文中,我们探索了一种新的方法-快速傅立叶变换(FFT)来分析分组rtt的分布。我们首先捕获来自连接链中不同踏脚石的网络数据包,识别并匹配每个踏脚石中的Send和Echo数据包。报文rtt可以从匹配的报文对中获得。然后应用FFT插值方法得到RTT时间函数,最后对每个踏脚石主机中的RTT函数进行FFT变换。最后,我们对分组rtt的分布进行了完整的FFT分析,并在本文中给出了FFT分析结果。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications Computer Science-Computer Science (miscellaneous)
CiteScore
4.40
自引率
0.00%
发文量
0
期刊介绍: JoWUA is an online peer-reviewed journal and aims to provide an international forum for researchers, professionals, and industrial practitioners on all topics related to wireless mobile networks, ubiquitous computing, and their dependable applications. JoWUA consists of high-quality technical manuscripts on advances in the state-of-the-art of wireless mobile networks, ubiquitous computing, and their dependable applications; both theoretical approaches and practical approaches are encouraged to submit. All published articles in JoWUA are freely accessible in this website because it is an open access journal. JoWUA has four issues (March, June, September, December) per year with special issues covering specific research areas by guest editors.
期刊最新文献
Trust based Routing – A Novel Approach for Data Security in WSN based Data Critical Applications Performance Evaluation of Collision Avoidance for Multi-node LoRa Networks based on TDMA and CSMA Algorithm Human-Centric AI : Enhancing User Experience through Natural Language Interfaces A Study on the Implementation of a Network Function for Real-time False Base Station Detection for the Next Generation Mobile Communication Environment Investigating the Secrets, New Challenges, and Best Forensic Methods for Securing Critical Infrastructure Networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1