Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2003
ACM
2003
ACM
Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays
Network based intruders seldom attack directly from their own hosts, but rather stage their attacks through intermediate “stepping stones” to conceal their identity and origin. To identify attackers behind stepping stones, it is necessary to be able to correlate connections through stepping stones, even if those connections are encrypted or perturbed by the intruder to prevent traceability. The timing-based approach is the most capable and promising current method for correlating encrypted connections. However, previous timing-based approaches are vulnerable to packet timing perturbations introduced by the attacker at stepping stones. In this paper, we propose a novel watermark-based correlation scheme that is designed specifically to be robust against timing perturbations. The watermark is introduced by slightly adjusting the timing of selected packets of the flow. By utilizing redundancy techniques, we have developed a robust watermark correlation framework that reveals a rather...
Real-time TrafficCCS 2003 | Packet Timing Perturbations | Security Privacy | Stepping Stones | Timing Perturbations |
| Added | 06 Jul 2010 |
| Updated | 06 Jul 2010 |
| Type | Conference |
| Year | 2003 |
| Where | CCS |
| Authors | Xinyuan Wang, Douglas S. Reeves |
Comments (0)
Researcher Info
|
