Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AINA
2009
IEEE
2009
IEEE
Correlating TCP/IP Interactive Sessions with Correlation Coefficient to Detect Stepping-Stone Intrusion
-- Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with outgoing connections to determine if a computer is used as a stepping-stone. In this paper, we present a way by using signal processing technology-correlation coefficient, such as Spearman Rank, Kendall Tau Rank, and Pearson ProductMoment, to correlate two sessions to identify stepping-stone intrusions. The contribution of this paper is that we are the first one to apply correlation coefficient to stepping-stone intrusion detection, and more importantly, it is not necessary to monitor a session for a long time to conclude a steppingstone intrusion. The experiment results showed that a stepping-stone intrusion can be detected while an intruder input the username and password. Further work needs to be done to test if this approach could resist intruders’ evasion....
Real-time TrafficAINA 2009 | Computer Networks | Correlation Coefficient | Intrusion Detection | Stepping-stone Intrusion |
| Added | 09 Jul 2010 |
| Updated | 09 Jul 2010 |
| Type | Conference |
| Year | 2009 |
| Where | AINA |
| Authors | Guoqing Zhao, Jianhua Yang, Gurdeep S. Hura, Long Ni, Shou-Hsuan Stephen Huang |
Comments (0)
Researcher Info
|
