Paper Info
Title
Monitoring Network Traffic to Detect Stepping-Stone Intrusion
Abstract
Most network intruders tend to use stepping-stones to attack or to invade other hosts to reduce the risks of being discovered. There have been many approaches that were proposed to detect stepping-stone since 1995. One of those approaches proposed by A. Blum detects stepping-stone by checking if the difference between the number of the send packets of an incoming connection and the one of an outgoing connection is bounded. One weakness of this method is in resisting intruders' evasion, such as chaff perturbation. In this paper, we propose a method based on random walk theory to detect stepping-stone intrusion. Our theoretical analysis shows that the proposed method is more effective than Blum's approach in terms of resisting intruders' chaff perturbation.
Year
DOI
Venue
2008
10.1109/WAINA.2008.30
AINA Workshops
Keywords
Field
DocType
network intruder,stepping-stone intrusion detection,random processes,resist-ing intruder,network traffic monitoring,chaff perturbation,theoretical analysis,monitoring network traffic,detect stepping-stone intrusion,send packets,out-going connection,network intruders,computer networks,evasion,incoming connection,network traffic,blum detects stepping-stone,telecommunication security,intrusion detection,stepping-stone intrusion,intruder evasion,security of data,outgoing connection,random walk theory,application software,computer science,random walk,cryptography,tcpip
Intrusion,Computer security,Random walk,Computer science,Network packet,Computer network,Telecommunication security,Stochastic process,Intrusion detection system,Distributed computing,Bounded function
Conference
ISBN
Citations 
PageRank 
978-0-7695-3096-3
7
0.55
References 
Authors
4
3
Name
Order
Citations
PageRank
Jianhua Yang1355.49
Byong Lee270.55
Shou-hsuan Stephen Huang317459.88