On effective localization attacks against Internet Threat monitors

Wei Yu, Sixiao Wei, Guanhui Ma, Xinwen Fu, Nan Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations


Internet Threat Monitoring (ITM) systems have been widely deployed to detect and characterize dangerous Internet global threats such as botnet and malware propagation. Nonetheless, the effectiveness of ITM systems largely depends on the confidentiality of their monitor locations. In this paper, we investigate localization attacks aiming to identify ITM monitor location and propose the formal model of such attacks using communication channel theory. We also develop novel techniques that significantly increases the accuracy, efficiency, and secrecy of ITM localization attacks. Specifically, we introduce (i) a frequency-based modulation technique to effectively reduce the interference from the background traffic and achieve a high attack accuracy, (ii) both time and space hopping techniques to randomize signal pattern and make the attack hard to detect by the defender, and (iii) Multiple Input and Multiple Output (MIMO) based techniques to increase the attack efficiency of identifying multiple monitors simultaneously. We derive closed formulae for the performance analysis of our proposed techniques and conduct extensive simulations. Our data validate our theoretical findings and demonstrate that the adversary can identify ITM monitors accurately, efficiently, and secretly.

Original languageEnglish (US)
Title of host publication2013 IEEE International Conference on Communications, ICC 2013
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages5
ISBN (Print)9781467331227
StatePublished - 2013
Event2013 IEEE International Conference on Communications, ICC 2013 - Budapest, Hungary
Duration: Jun 9 2013Jun 13 2013

Publication series

NameIEEE International Conference on Communications
ISSN (Print)1550-3607


Other2013 IEEE International Conference on Communications, ICC 2013

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering


Dive into the research topics of 'On effective localization attacks against Internet Threat monitors'. Together they form a unique fingerprint.

Cite this