Detecting Stepping-Stone with Chaff Perturbations

Niagara Falls, Ontario, Canada May 21-May 23

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/AINAW.2007.151

21st International Conference on Adva ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Han-Ching Wu Articles by Shou-Hsuan Stephen Huang

	ASCII Text	x
	Han-Ching Wu, Shou-Hsuan Stephen Huang, "Detecting Stepping-Stone with Chaff Perturbations," Advanced Information Networking and Applications Workshops, International Conference on, vol. 1, pp. 85-90, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07), 2007.

	BibTex	x
	@article{ 10.1109/AINAW.2007.151, author = {Han-Ching Wu and Shou-Hsuan Stephen Huang}, title = {Detecting Stepping-Stone with Chaff Perturbations}, journal ={Advanced Information Networking and Applications Workshops, International Conference on}, volume = {1}, year = {2007}, isbn = {0-7695-2847-3}, pages = {85-90}, doi = {http://doi.ieeecomputersociety.org/10.1109/AINAW.2007.151}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Advanced Information Networking and Applications Workshops, International Conference on TI - Detecting Stepping-Stone with Chaff Perturbations SN - 0-7695-2847-3 SP85 EP90 A1 - Han-Ching Wu, A1 - Shou-Hsuan Stephen Huang, PY - 2007 KW - Stepping-stone Detection KW - Intrusion Detection KW - Random Walk KW - Traceback KW - Chaff Perturbation. VL - 1 JA - Advanced Information Networking and Applications Workshops, International Conference on ER -

Han-Ching Wu, University of Houston, USA

Shou-Hsuan Stephen Huang, University of Houston, USA

Attackers on the Internet like to indirectly launch network intrusions by using stepping-stones. In this paper, we propose a novel approach to decrease the packet bound by performing a transformation of packet difference of two streams of a host in order to distinguish stepping-stone connections. The adjustment is critical in the case of chaff perturbation by the intruder. Previous work requires the assumption that the total chaff packets be limited by a given number. We replaced the assumption by using a given chaff rate. It is found that after transformation, the bound range is much smaller for attacking connection, resulting in smaller probability of false negative detection.

Index Terms:

Stepping-stone Detection, Intrusion Detection, Random Walk, Traceback, Chaff Perturbation.

Citation:

Han-Ching Wu, Shou-Hsuan Stephen Huang, "Detecting Stepping-Stone with Chaff Perturbations," ainaw, vol. 1, pp.85-90, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.