A quick-response real-time stepping stone detection scheme
conference contribution
posted on 2010-01-01, 00:00 authored by Ping Li, Wanlei Zhou, Y YuStepping stone attacks are often used by network intruders to hide their identities. To detect and block stepping stone attacks, a stepping stone detection scheme should be able to correctly identify a stepping-stone in a very short time and in real-time. However, the majority of past research has failed to indicate how long or how many packets it takes for the monitor to detect a stepping stone. In this paper, we propose a novel quick-response real-time stepping stones detection scheme which is based on packet delay properties. Our experiments show that it can identify a stepping stone within 20 seconds which includes false positives and false negatives of less than 3%.
History
Event
IEEE International Conference on High Performance Computing and Communications (12th : 2010 : Melbourne, Vic.)Pagination
677 - 682Publisher
IEEELocation
Melbourne, Vic.Place of publication
Piscataway, N.J.Publisher DOI
Start date
2010-09-01End date
2010-09-03ISBN-13
9780769542140ISBN-10
076954214XLanguage
engNotes
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.Publication classification
E1 Full written paper - refereedCopyright notice
2010, IEEETitle of proceedings
HPCC 2010 : Proceedings of the 12th IEEE International Conference on High Performance Computing and CommunicationsUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC