Getting the real-time precise round-trip time for stepping stone detection
conference contribution
posted on 2010-01-01, 00:00authored byPing Li, Wanlei Zhou, Yini Wang
Stepping stone attacks are often used by network intruders to hide their identities. The Round Trip Times (RTT) between the send packets and corresponding echo packets for the connection chains of stepping stones are critical for detecting such attacks. In this paper, we propose a novel real-time RTT getting algorithm for stepping stones which is based on the estimation of the current RTT value. Our experiments show that it is far more precise than the previous real-time RTT getting algorithms. We also present the probability analysis which shows that our algorithm has a high matching rate and a high accurate rate.
History
Event
International Conference on Network and System Security (4th : 2010 : Melbourne, Vic.)
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Publication classification
E1 Full written paper - refereed
Copyright notice
2010, IEEE
Editor/Contributor(s)
Y Xiang, P Samarati, J Hu, W Zhou, A Sadeghi
Title of proceedings
NSS 2010 : Proceedings of the 4th International Conference on Network and System Security