The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Stepping-stone is the most popular way used to attack other computers. The reason is that intruders can be protected through a long connection chain involving some compromised computers called stepping-stones. Some intruders even manipulate a stepping-stone to evade stepping-stone intrusion detection. Intruders' evasion makes detecting stepping-stone intrusion more difficult. In this paper, we propose...
Most researchers do not distinguish stepping-stone detection and stepping-stone intrusion detection, thus introduce more false positive errors in detecting stepping-stone intrusion. Those approaches proposed to detect stepping-stone intrusion are vulnerable to intruders' evasion. In this paper we analyze the problems of the current model used to detect stepping-stone, and propose a new model based...
Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with outgoing connections to determine if a computer is used as a stepping-stone. In this paper, we present a way by using signal processing technology-correlation coefficient, such...
The traffic generated by the hypertext transfer protocol has a dominating position in current Internet traffic. The analyzing and characterizing of HTTP traffic is significant for understanding the nature of Internet traffic. Many studies on HTTP traffic were carried out when HTTP 1.1 appeared. Along with the prevailing of Web 2.0 the research on new features of HTTP traffic becomes a new issue in...
There have been many approaches proposed to detect stepping-stone Intrusion. Besides having the problem of being vulnerable to intruder's time and chaff perturbation, those approaches have high false alarm because they predict an intrusion based on detecting stepping-stone. Being a stepping-stone does not necessarily mean an intrusion because some applications using stepping-stones are legitimate...
Most network intruders tend to use stepping-stones to attack or invade other hosts to reduce the risks of being discovered. There have been many approaches proposed to detect stepping-stone since 1995. Among them, the most popular one is the method proposed by Blum, which detects stepping-stone by checking whether the difference between the number of the send packets of an incoming connection and...
Complexity and diversity of Internet traffic are constantly growing. Networking researchers become aware of the need to constantly monitor and reevaluate their assumptions in order to ensure that the conceptual models correctly represent reality. Using the dataset collected by NetTurbo from three different bidirectional OC-48 links in metro area networks at the two biggest ISPs of China, this paper...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.