RESEARCH COMMONS
LIBRARY

Evading Existing Stepping Stone Detection Methods Using Buffering

ResearchCommons/Manakin Repository

Evading Existing Stepping Stone Detection Methods Using Buffering

Show full item record

Title: Evading Existing Stepping Stone Detection Methods Using Buffering
Author: Venkateshaiah, Madhu
Abstract: To gain anonymity and complicate their apprehension, attackers launch attacks not from their own systems but from previously compromised systems called stepping stones. An effective way to detect stepping stones is by comparing of incoming and outgoing connections in a network to find correlations. For the sake of simplicity, earlier approaches ignore that an attacker can add chaff to a traffic stream. But in reality, the attacker may be able to modify applications to use cover traffic. We loosen some assumptions made by earlier researchers and propose a simple buffering technique that could be used by an attacker to evade detection. In our technique, packets are buffered, and chaff packets added to generate constant rate traffic. To test the effectiveness of our technique, we choose a watermark based correlation scheme designed to correlate constant rate traffic streams and perform simulations to show that our buffering technique can successfully evade detection.
URI: http://hdl.handle.net/10106/378
Date: 2007-08-23
External Link: https://www.uta.edu/ra/real/editprofile.php?onlyview=1&pid=215

Files in this item

Files Size Format View
umi-uta-1573.pdf 190.0Kb PDF View/Open
190.0Kb PDF View/Open

This item appears in the following Collection(s)

Show full item record

Browse

My Account

Statistics

About Us