On effective localization attacks against Internet Threat monitors

Wei Yu, Sixiao Wei, Guanhui Ma, Xinwen Fu, Nan Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations

Abstract

Internet Threat Monitoring (ITM) systems have been widely deployed to detect and characterize dangerous Internet global threats such as botnet and malware propagation. Nonetheless, the effectiveness of ITM systems largely depends on the confidentiality of their monitor locations. In this paper, we investigate localization attacks aiming to identify ITM monitor location and propose the formal model of such attacks using communication channel theory. We also develop novel techniques that significantly increases the accuracy, efficiency, and secrecy of ITM localization attacks. Specifically, we introduce (i) a frequency-based modulation technique to effectively reduce the interference from the background traffic and achieve a high attack accuracy, (ii) both time and space hopping techniques to randomize signal pattern and make the attack hard to detect by the defender, and (iii) Multiple Input and Multiple Output (MIMO) based techniques to increase the attack efficiency of identifying multiple monitors simultaneously. We derive closed formulae for the performance analysis of our proposed techniques and conduct extensive simulations. Our data validate our theoretical findings and demonstrate that the adversary can identify ITM monitors accurately, efficiently, and secretly.

Original languageEnglish (US)
Title of host publication2013 IEEE International Conference on Communications, ICC 2013
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages2011-2015
Number of pages5
ISBN (Print)9781467331227
DOIs
StatePublished - 2013
Event2013 IEEE International Conference on Communications, ICC 2013 - Budapest, Hungary
Duration: Jun 9 2013Jun 13 2013

Publication series

NameIEEE International Conference on Communications
ISSN (Print)1550-3607

Other

Other2013 IEEE International Conference on Communications, ICC 2013
Country/TerritoryHungary
CityBudapest
Period6/9/136/13/13

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this