
AINA
2010
IEEE

Resist Intruders' Manipulation via Context-Based TCP/IP Packet Matching

Stepping-stone is the most popular way used to attack other computers. The reason is that intruders can be protected through a long connection chain involving some compromised computers called stepping-stones. Some intruders even manipulate a stepping-stone to evade stepping-stone intrusion detection. Intruders’ evasion makes detecting stepping-stone intrusion more difficult. In this paper, we propose a new approach, context-based TCP/IP packet matching, to detect stepping-stone intrusion, as well as to resist intruders’ evasion. The analysis shows that this approach can resist intruders’ time-jittering evasion. The simulation results showed that even if an intruder could chaff a connection with a chaff-rate as high as 100%, this approach can still match the two connections to detect the intrusion and to resist intruders’ chaff-perturbation evasion.

Keywords: Network security; intrusion detection; time-jittering; chaff-perturbation; stepping-stone; evasion; manipulation
Yongzhong Zhang, Jianhua Yang, Santhoshkumar Bedig
Added 12 Jan 2011
Updated 12 Jan 2011
Type Journal
Year 2010
Where AINA
Authors Yongzhong Zhang, Jianhua Yang, Santhoshkumar Bediga, Stephen S. H. Huang