The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this paper, we first introduce stepping-stone intrusion, and summarize the most popular techniques to detect stepping-stone attacks. Upon summarizing stepping-stone intrusion detection techniques, five modules are proposed and integrated into cybersecurity curriculum. Ten labs which span from making stepping-stone intrusion, collecting TCP/IP packets, matching Send and Echo packets, comparing thumbprint,...
Many approaches have been proposed to detect stepping-stone intrusion, but few of them can effectively be resistant to intruders' manipulation, such as chaff perturbation, and time-jittering evasion techniques. In this paper, we propose a new approach to not only detect stepping-stone intrusion, but also resist intruders' chaff attack evasion through TCP/IP packet cross-matching and random walk. Unlike...
Detecting Stepping-stone intrusion, especially resisting in intruders evasion has been widely and deeply studied and explored since 1995. In this paper, we propose a method by counting matched TCP/IP packets to detect stepping-stone intrusion. Our study shows that this approach not only can detect stepping-stone intrusion with an improved performance, but also can resist in intruders' evasion, such...
More and more intruders are used to using stepping-stone to launch the attacks on their interested targets because exploiting stepping-stones can hide them deeply and make them feel safe. Clustering-Partitioning approach was proposed to detect stepping-stone intrusion and resist intruders' evasion. The biggest issue of this approach is that it mines network traffic in a very inefficient way. Double...
Stepping-stone is the most popular way used to attack other computers. The reason is that intruders can be protected through a long connection chain involving some compromised computers called stepping-stones. Some intruders even manipulate a stepping-stone to evade stepping-stone intrusion detection. Intruders' evasion makes detecting stepping-stone intrusion more difficult. In this paper, we propose...
Stepping-stone attack in network intrusion detection are attackers who use a sequence of intermediate (or so called stepping-stone) hosts to initiate attacks in order to hide their origins. We investigate a number of dynamic programming based pattern recognition approaches and our novel algorithm for detecting correlation and similarity of two connections not only into and out of a single stepping...
Most researchers do not distinguish stepping-stone detection and stepping-stone intrusion detection, thus introduce more false positive errors in detecting stepping-stone intrusion. Those approaches proposed to detect stepping-stone intrusion are vulnerable to intruders' evasion. In this paper we analyze the problems of the current model used to detect stepping-stone, and propose a new model based...
Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with outgoing connections to determine if a computer is used as a stepping-stone. In this paper, we present a way by using signal processing technology-correlation coefficient, such...
Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with an outgoing connection to determine if a computer is used as stepping-stone. In this paper, we present four models to describe stepping-stone intrusion. We also propose the idea...
Most network intruders tend to use stepping-stones to attack or to invade other hosts to reduce the risks of being discovered. There have been many approaches that were proposed to detect stepping-stone since 1995. One of those approaches proposed by A. Blum detects stepping-stone by checking if the difference between the number of the send packets of an incoming connection and the one of an outgoing...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.