踏脚石入侵检测中的嗅探和欺骗网络流量

2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA) Pub Date : 2018-05-16 DOI:10.1109/WAINA.2018.00137

Jianhua Yang, Yongzhong Zhang, R. King, T. Tolbert

{"title":"踏脚石入侵检测中的嗅探和欺骗网络流量","authors":"Jianhua Yang, Yongzhong Zhang, R. King, T. Tolbert","doi":"10.1109/WAINA.2018.00137","DOIUrl":null,"url":null,"abstract":"Since stepping-stones were widely used to launch attacks over the targets in the Internet, many approaches have been developed to detect stepping-stone intrusion. We found that most of the approaches need to sniff and analyze computer network traffic to detect stepping-stone intrusion. In this paper, we introduce how to make a code to sniff TCP/IP packet. But some intruders can evade detection using TCP/IP session manipulation, such as chaff-perturbation. In order to help researchers understand how a session is manipulated and develop more advanced approaches not only detecting stepping-stone intrusion, but also resisting intruders' manipulation, we present a tool Fragroute which can be used to inject meaningless packets into a TCP/IP session across the Internet.","PeriodicalId":296466,"journal":{"name":"2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Sniffing and Chaffing Network Traffic in Stepping-Stone Intrusion Detection\",\"authors\":\"Jianhua Yang, Yongzhong Zhang, R. King, T. Tolbert\",\"doi\":\"10.1109/WAINA.2018.00137\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Since stepping-stones were widely used to launch attacks over the targets in the Internet, many approaches have been developed to detect stepping-stone intrusion. We found that most of the approaches need to sniff and analyze computer network traffic to detect stepping-stone intrusion. In this paper, we introduce how to make a code to sniff TCP/IP packet. But some intruders can evade detection using TCP/IP session manipulation, such as chaff-perturbation. In order to help researchers understand how a session is manipulated and develop more advanced approaches not only detecting stepping-stone intrusion, but also resisting intruders' manipulation, we present a tool Fragroute which can be used to inject meaningless packets into a TCP/IP session across the Internet.\",\"PeriodicalId\":296466,\"journal\":{\"name\":\"2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WAINA.2018.00137\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WAINA.2018.00137","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

自从踏脚石入侵被广泛用于对网络目标发起攻击以来，人们开发了许多检测踏脚石入侵的方法。我们发现大多数方法都需要嗅探和分析计算机网络流量来检测入侵。本文介绍了如何编写一个嗅探TCP/IP数据包的代码。但是一些入侵者可以使用TCP/IP会话操作来逃避检测，例如箔条扰动。为了帮助研究人员了解会话是如何被操纵的，并开发更先进的方法，不仅可以检测入侵的跳板，而且可以抵抗入侵者的操纵，我们提出了一个工具Fragroute，它可以用来在互联网上向TCP/IP会话注入无意义的数据包。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Sniffing and Chaffing Network Traffic in Stepping-Stone Intrusion Detection

Since stepping-stones were widely used to launch attacks over the targets in the Internet, many approaches have been developed to detect stepping-stone intrusion. We found that most of the approaches need to sniff and analyze computer network traffic to detect stepping-stone intrusion. In this paper, we introduce how to make a code to sniff TCP/IP packet. But some intruders can evade detection using TCP/IP session manipulation, such as chaff-perturbation. In order to help researchers understand how a session is manipulated and develop more advanced approaches not only detecting stepping-stone intrusion, but also resisting intruders' manipulation, we present a tool Fragroute which can be used to inject meaningless packets into a TCP/IP session across the Internet.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)

自引率

0.00%

发文量

期刊最新文献

Multi-agent Based Simulations of Block-Free Distributed Ledgers Mobility Management Architecture in Different RATs Based Network Slicing Apply Scikit-Learn in Python to Analyze Driver Behavior Based on OBD Data Proposal of Static Body Object Detection Methods with the DTN Routing for Life Safety Information Systems Resource Allocation Scheme in 5G Network Slices