Sciweavers

IEEEIAS
2009
IEEE

Detecting Stepping-Stone Intruders with Long Connection Chains

A common technique hackers use is to route their traffic through a chain of stepping-stone hosts. It is generally agreed that there is no valid reason to use a long connection chain for remote login such as an SSH connection. Most of the stepping-stone detection algorithms installed on a stepping-stone host were designed to protect the victim of a third party downstream from where the algorithm is running. It is much more important for a host to protect itself from being a victim. This project uses an approximated round-trip time to distinguish a long connection chain from a short one. Several measures were studied to distinguish long chains from short ones. An estimated round-trip time was defined to measure the chain length. Preliminary results suggest that the proposed algorithm can distinguish long connection chains from short ones with a relatively low false rate.
Wei Ding, Matthew J. Hausknecht, Shou-Hsuan Stephe
Added 24 May 2010
Updated 24 May 2010
Type Conference
Year 2009
Where IEEEIAS
Authors Wei Ding, Matthew J. Hausknecht, Shou-Hsuan Stephen Huang, Zach Riggle