The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Cyber criminals often use a sequence of intermediate "stepping-stone" hosts to attack a target machine in order to maintain anonymity. This type of attack of using a connection chain is called stepping-stone attack. Most existing algorithms to detect such attack is to use timing-based correlation on the connections. However, these timing-based approaches are vulnerable if the intruders add...
The problem of determining whether a set of periodic tasks can be assigned to a set of heterogeneous processors without deadline violations has been shown, in general, to be NP-hard. This paper presents a new algorithm based on ant colony optimization (ACO) metaheuristic for solving this problem. A local search heuristic that can be used by various metaheuristics to improve the assignment solution...
Stepping-stone attacks in network intrusion detection are attackers who use a sequence of stepping-stone hosts to initiate attacks in order to hide their origins. The goal of this paper is to find algorithms to correctly detect the attacks and have the ability to tolerate the clock skew or/and chaff while exhibiting low time complexity. We propose three novel algorithms for detecting correlation and...
Stepping-stone attack in network intrusion detection are attackers who use a sequence of intermediate (or so called stepping-stone) hosts to initiate attacks in order to hide their origins. We investigate a number of dynamic programming based pattern recognition approaches and our novel algorithm for detecting correlation and similarity of two connections not only into and out of a single stepping...
A main concern for network intrusion detection systems is the ability of an intruder to evade the detection by routing through a chain of intermediate stepping-stone hosts. The intruders have developed some evasion techniques such as injecting chaff packets or timing jitter. Such evasion techniques cause most of the previous timing-based detection algorithms to fail. In this paper, we address these...
A major concern for network intrusion detection systems is the ability of an intruder to evade the detection by routing through a chain of the intermediate hosts to attack a target machine and maintain the anonymity. Such an intermediate host is called a stepping-stone. The intruders have developed some evasion techniques such as injecting chaff packets. A number of algorithms have been proposed to...
Network intruders commonly use stolen passwords or other means to log into legitimate users' computer accounts. To prevent this from happening, it is important that we are able to distinguish a user as a true user or a masquerader. Uniqueness of user command has been used in the past as signature of users. This project explores the high frequency commands to see if they work well as signatures. Experimental...
Intruders often do not attack victim hosts directly from their own hosts so as not to reveal their identity. Instead, intruders perform their attacks through a sequence of intermediary hosts before attacking the target. This type of attack is known as a "stepping-stone attack". Stepping-stone detection is to determine if a host machine is being used as a stepping-stone by attackers. In this...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.