A quick-response real-time stepping stone detection scheme
Contribuinte(s) |
[Unknown] |
---|---|
Data(s) |
01/01/2010
|
Resumo |
Stepping stone attacks are often used by network intruders to hide their identities. To detect and block stepping stone attacks, a stepping stone detection scheme should be able to correctly identify a stepping-stone in a very short time and in real-time. However, the majority of past research has failed to indicate how long or how many packets it takes for the monitor to detect a stepping stone. In this paper, we propose a novel quick-response real-time stepping stones detection scheme which is based on packet delay properties. Our experiments show that it can identify a stepping stone within 20 seconds which includes false positives and false negatives of less than 3%. |
Identificador | |
Idioma(s) |
eng |
Publicador |
IEEE |
Relação |
http://dro.deakin.edu.au/eserv/DU:30033639/zhou-aquick-2010.pdf http://dro.deakin.edu.au/eserv/DU:30033639/zhou-hpccproceedingsreview-2010.pdf http://dx.doi.org/10.1109/HPCC.2010.17 |
Direitos |
2010, IEEE |
Tipo |
Conference Paper |