Tracking the role of adversaries in measuring unwanted traffic

Authors:
Mark Allman;Paul Barford;Balachander Krishnamurthy;Jia Wang
Affiliations:
ICSI;University of Wisconsin;AT&T Labs-Research;AT&T Labs-Research
Venue:
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Year:
2006

Citing 8
Cited 2

Mohonk: mobile honeypots to trace unwanted traffic early

Proceedings of the ACM SIGCOMM workshop on Network troubleshooting: research, theory and operations practice meet malfunctioning reality
The Spread of the Witty Worm

IEEE Security and Privacy
A framework for malicious workload generation

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Denial of service via algorithmic complexity attacks

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
A virtual honeypot framework

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Bro: a system for detecting network intruders in real-time

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

Vortex: enabling cooperative selective wormholing for network security systems

RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues

Information Sciences: an International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Measurements related to security are being carried out on many sites on the Internet at network ingress points, between specific points on the Internet, and across the wide area Internet. The goals range from identifying sources of and possibly filtering unwanted traffic, to characterizing and coming up with new mechanisms for deterring attacks. Most of the measurements do not systematically consider adversarial traffic aimed at their measurement system. We explore the role adversaries can play and present a taxonomy on the potential impact of unwanted traffic on measurement systems. Our goal is to both enhance the robustness of such systems and spur development of tools that can alter the playing field by increasing the cost to adversaries.