Detecting encrypted interactive stepping-stone connections

Ting He, Lang Tong

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

Network intraders often hide their identities by sending attacks through a chain of compromised hosts that are used as "stepping stones". The difficulty in defending against such attacks lies in detecting stepping-stone connections at the compromised hosts. In this paper, to distinguish normal from attacking connections, we consider strategies that do not depend on the content of the traffic so that they are applicable to encrypted traffic. We propose a low complexity detection algorithm that has no miss detection and an exponentially-decaying false alarm probability. A sequential strategy is then developed to reduce the required number of testing packets.

Original languageEnglish (US)
Title of host publication2006 IEEE International Conference on Acoustics, Speech, and Signal Processing - Proceedings
PagesIII816-III819
StatePublished - 2006
Event2006 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP 2006 - Toulouse, France
Duration: May 14 2006May 19 2006

Publication series

NameICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings
Volume3
ISSN (Print)1520-6149

Other

Other2006 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP 2006
Country/TerritoryFrance
CityToulouse
Period5/14/065/19/06

All Science Journal Classification (ASJC) codes

  • Software
  • Signal Processing
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Detecting encrypted interactive stepping-stone connections'. Together they form a unique fingerprint.

Cite this