@inproceedings{fef01d6911814facb44f0012d6c588d8,
title = "Detecting encrypted interactive stepping-stone connections",
abstract = "Network intraders often hide their identities by sending attacks through a chain of compromised hosts that are used as {"}stepping stones{"}. The difficulty in defending against such attacks lies in detecting stepping-stone connections at the compromised hosts. In this paper, to distinguish normal from attacking connections, we consider strategies that do not depend on the content of the traffic so that they are applicable to encrypted traffic. We propose a low complexity detection algorithm that has no miss detection and an exponentially-decaying false alarm probability. A sequential strategy is then developed to reduce the required number of testing packets.",
author = "Ting He and Lang Tong",
year = "2006",
language = "English (US)",
isbn = "142440469X",
series = "ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings",
pages = "III816--III819",
booktitle = "2006 IEEE International Conference on Acoustics, Speech, and Signal Processing - Proceedings",
note = "2006 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP 2006 ; Conference date: 14-05-2006 Through 19-05-2006",
}