Academic Journals Database
Disseminating quality controlled scientific knowledge

A SURVEY OF RESEARCH IN STEPPING-STONE DETECTION

ADD TO MY LIST
 
Author(s): Robert Shullich | Jie Chu | Ping Ji | Weifeng Chen

Journal: International Journal of Electronic Commerce Studies
ISSN 2073-9729

Volume: 2;
Issue: 2;
Start page: 103;
Date: 2011;
Original page

Keywords: Network Security | Intrusion Detection | Stepping-Stone | Connection Chain | Chaff | Watermarking | Information Flow Detection | Flow Correlation | Stepping-Stone Intrusion

ABSTRACT
Stepping-stone is a method that directs network connections from an attacker to a victim through one or more intermediate compromised systems or devices. The objective of this scheme is to hide the attacker’s identity (provide anonymity) and make traceback either difficult or impossible. Evasion techniques that are used to hide this process include encryption, introduction of dummy packets (chaff) into the stream, introducing delay into the timing of the packet stream, using multiple compromised hosts in long connection chains (many hops), and intermixing command and control traffic with multimedia traffic to mask traffic characteristics. This paper provides a survey that focuses on characteristic based, interactive stepping-stone detection and analysis techniques. An overview of the field of research is presented with critique of some of the methods used. We also provide some interesting topics for additional research.
Why do you need a reservation system?      Affiliate Program