Efficient Detection of Delay-Constrained Relay Nodes

10 years 8 months ago
Efficient Detection of Delay-Constrained Relay Nodes
Relay nodes are a potential threat to networks since they are used in many malicious situations like stepping stone attacks, botnet communication, peer-to-peer streaming etc. Quick and accurate detection of relay nodes in a network can significantly improve security policy enforcement. There has been significant work done and novel solutions proposed for the problem of identifying relay flows active within a node in the network. However, these solutions require quadratic number of comparisons in the number of flows. In this paper, a related problem of identifying relay nodes is investigated where a relay node is defined as a node in the network that has an active relay flow. The problem is formulated as a variance estimation problem and a statistical approach is proposed for the solution. The proposed solution requires linear time and space in the number of flows and therefore can be employed in large scale implementations. It can be used on its own to identify relay nodes or as a fir...
Baris Coskun, Nasir D. Memon
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Authors Baris Coskun, Nasir D. Memon
Comments (0)