Holding intruders accountable on the Internet
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Matching TCP Packets and Its Application to the Detection of Long Connection Chains on the Internet
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 1
A Clustering-Partitioning Algorithm to Find TCP Packet Round-Trip Time for Intrusion Detection
AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 01
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Detecting long connection Chains of interactive terminal sessions
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Hi-index | 0.00 |
In this paper, we propose a cross-matching algorithm that can detect stepping-stone intrusion. The theoretical analysis of this algorithm shows that it can completely resist intruder's time-jittering evasion. The results of the experiments and the simulation show that this algorithm can also resist intruders' chaff-perturbation with chaff-rate up to 80%. Compared with A. Blum's approach, which can resist chaff-perturbation with every x inserted packets out of 8*(x+1), this approach has promising performance in terms of resistance to intruders' manipulation.