Monitoring Network Traffic to Detect Stepping-Stone Intrusion

14 years 1 months ago

Download csc.colstate.edu

Most network intruders tend to use stepping-stones to attack or to invade other hosts to reduce the risks of being discovered. There have been many approaches that were proposed to detect stepping-stone since 1995. One of those approaches proposed by A. Blum detects stepping-stone by checking if the difference between the number of the send packets of an incoming connection and the one of an outgoing connection is bounded. One weakness of this method is in resisting intruders' evasion, such as chaff perturbation. In this paper, we propose a method based on random walk theory to detect stepping-stone intrusion. Our theoretical analysis shows that the proposed method is more effective than Blum's approach in terms of resisting intruders' chaff perturbation.

Jianhua Yang, Byong Lee, Stephen S. H. Huang

Real-time Traffic

AINA 2008 | Chaff Perturbation | Computer Networks | Most Network Intruders | Random Walk Theory |

claim paper

Post Info
More Details (n/a)

Added	12 Oct 2010
Updated	12 Oct 2010
Type	Conference
Year	2008
Where	AINA
Authors	Jianhua Yang, Byong Lee, Stephen S. H. Huang

Comments (0)

Sciweavers

Monitoring Network Traffic to Detect Stepping-Stone Intrusion

AINA 2008 | Chaff Perturbation | Computer Networks | Most Network Intruders | Random Walk Theory |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers