Using Dynamic Programming Techniques to Detect Multi-Hop Stepping-Stone Pairs in a Connection Chain

被引：3

作者：

Kuo, Ying-Wei ^{[1
]}

Huang, Shou-Hsuan Stephen ^{[1
]}

Ding, Wei ^{[1
]}

Kern, Rebecca ^{[1
]}

Yang, Jianhua ^{[2
]}

机构：

[1] Univ Houston, Dept Comp Sci, Houston, TX 77204 USA

[2] Columbus State Univ, TSYS Schn Comp Sci, Columbus, GA 31907 USA

来源：

2010 24TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA) | 2010年

基金：

美国国家科学基金会;

关键词：

Stepping-stone attack; network security; connection chain; intrusion detection; chaff; time skew; pattern recognition;

D O I：

10.1109/AINA.2010.132

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Stepping-stone attack in network intrusion detection are attackers who use a sequence of intermediate (or so called stepping-stone) hosts to initiate attacks in order to hide their origins. We investigate a number of dynamic programming based pattern recognition approaches and our novel algorithm for detecting correlation and similarity of two connections not only into and out of a single stepping stone host(consecutive streams), but also across multiple stepping-stone hosts. The goal of this paper is to find out which technique can be better adopted for detection applications. To evaluate their accuracy and efficiency, we conduct extensive experiments. We also evaluate how chaff packets and time skew may affect these methods. We compare the results from five methods with their false positive and false negative rates. We demonstrate that our proposed approach named OSSM returns very good performance even under a variety of complex circumstances.

引用

页码：198 / 205

页数：8

共 25 条

[1] Detecting Multi-Hop Stepping-Stone Pairs with Chaff and Clock Skew
Kuo, Ying-Wei
Huang, Shou-Hsuan Stephen
JOURNAL OF INFORMATION ASSURANCE AND SECURITY, 2011, 6 (06): : 452 - 461
[2] Detect Stepping-Stone Insider Attacks by Network Traffic Mining and Dynamic Programming
Yang, Jianhua
Ray, Lydia
Zhao, Guoqing
25TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA 2011), 2011, : 151 - 158
[3] Detecting Stepping-Stone Connection using Association Rule Mining
Kuo, Ying-Wei
Huang, Shou-Hsuan Stephen
2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2, 2009, : 90 - 97
[4] Detect Stepping-stone Intrusion by Mining Network Traffic using k-Means Clustering
Wang, Lixin
Yang, Jianhua
Mccormick, Mary
Wan, Peng-Jun
Xu, Xiaohua
2020 IEEE 39TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2020,
[5] Theory and key techniques about multi-hop TCP connection based on XMPP
School of Computer, National University of Defense Technology, Changsha 410073, China
Beijing Gongye Daxue Xuebao J. Beijing Univ. Technol., 2008, SUPPL. 2 (32-35+78):
[6] Optimal Routing for Multi-User Multi-Hop Relay Networks Via Dynamic Programming
Dayarathna, Shalanika
Senanayake, Rajitha
Evans, Jamie
IEEE WIRELESS COMMUNICATIONS LETTERS, 2022, 11 (08) : 1713 - 1717
[7] DIRAC: A Dynamic Programming Approach to Rateless Coded Multi-hop Multi-Relay Transmission
Wang, Xijun
Chen, Wei
Cao, Zhigang
Sheng, Min
Li, Jiandong
2013 IEEE 24TH INTERNATIONAL SYMPOSIUM ON PERSONAL, INDOOR, AND MOBILE RADIO COMMUNICATIONS (PIMRC), 2013, : 2265 - 2269
[8] Dynamic Sparse Coded Multi-Hop Transmissions Using Reinforcement Learning
Gao, Ruifeng
Li, Ye
Wang, Jue
Quek, Tony Q. S.
IEEE COMMUNICATIONS LETTERS, 2020, 24 (10) : 2206 - 2210
[9] New Energy Efficient Multi-Hop Routing Techniques for Wireless Sensor Networks: Static and Dynamic Techniques
Alnawafa, Emad
Marghescu, Ion
SENSORS, 2018, 18 (06)
[10] Using rate balancing to improve throughput in a wireless multi-hop chain topology
Ngo, Binh
Gordon, Steven
Duong, Ha
TENCON 2005 - 2005 IEEE REGION 10 CONFERENCE, VOLS 1-5, 2006, : 311 - +

← 1 2 3 →