Resistance Analysis to Intruders’ Evasion of Detecting Intrusion

Jianhua Yang, Yongzhong Zhang and Shou-Hsuan Stephen Huang

View Related Documents

Book Chapter
Resistance Analysis to Intruders’ Evasion of a Novel Algorithm to Detect Stepping-Stone
Yongzhong Zhang, Jianhua Yang and Chunming Ye
Lecture Notes in Computer Science, 2006, Volume 4158, Autonomic and Trusted Computing, Pages 477-486
- Download PDF (255.4 KB)
Book Chapter
Detecting Stepping-Stone Intrusion and Resisting Evasion through TCP/IP Packets Cross-Matching
Jianhua Yang and Byong Lee
Lecture Notes in Computer Science, 2008, Volume 5060, Autonomic and Trusted Computing, Pages 2-12
- Download PDF (228.6 KB)
Book Chapter
Stepping-Stone Intrusion Detection Using Neural Networks Approach
Han-Ching Wu and Shou-Hsuan Stephen Huang
2008, Novel Algorithms and Techniques In Telecommunications, Automation and Industrial Electronics, Pages 358-363
- Download PDF (401.8 KB)
Book Chapter
Probabilistic Proof of an Algorithm to Compute TCP Packet Round-Trip Time for Intrusion Detection
Jianhua Yang and Yongzhong Zhang
Lecture Notes in Computer Science, 2006, Volume 3989, Applied Cryptography and Network Security, Pages 18-32
- Download PDF (329.1 KB)
Book Chapter
Stepping-Stone Detection Via Request-Response Traffic Analysis
Shou-Husan Stephen Huang, Robert Lychev and Jianhua Yang
Lecture Notes in Computer Science, 2007, Volume 4610, Autonomic and Trusted Computing, Pages 276-285
- Download PDF (237.3 KB)
Book Chapter
Packet Fluctuation Approach For Stepping-Stone Detection
Han-Ching Wu and Shou-Hsuan Stephen Huang
2008, Novel Algorithms and Techniques In Telecommunications, Automation and Industrial Electronics, Pages 365-369
- Download PDF (436.6 KB)
Book Chapter
Finding TCP Packet Round-Trip Time for Intrusion Detection: Algorithm and Analysis
Jianhua Yang, Byong Lee and Yongzhong Zhang
Lecture Notes in Computer Science, 2006, Volume 4301, Cryptology and Network Security, Pages 303-317
- Download PDF (347.0 KB)
Book Chapter
Detecting Long Connection Chains of Interactive Terminal Sessions
Kwong H. Yung
Lecture Notes in Computer Science, 2002, Volume 2516, Recent Advances in Intrusion Detection, Pages 1-16
- Download PDF (194.0 KB)
Book Chapter
Improved Thumbprint and Its Application for Intrusion Detection
Jianhua Yang and Shou-Hsuan Stephen Huang
Lecture Notes in Computer Science, 2005, Volume 3619, Networking and Mobile Computing, Pages 433-442
- Download PDF (226.3 KB)
Book Chapter
Constructing Correlations in Attack Connection Chains Using Active Perturbation
Qiang Li, Yan Lin, Kun Liu and Jiubin Ju
Lecture Notes in Computer Science, 2005, Volume 3521, Algorithmic Applications in Management, Page 765
- Download PDF (150.6 KB)

Abstract

Most network intruders launch their attacks through a chain of compromised hosts (stepping-stones) to reduce the risks of being detected or captured. Detecting such kind of attacks is important and difficult because of intruders’ evasion to detection, such as time perturbation, and chaff perturbation. In this paper, we propose a clustering algorithm to detect stepping-stone intrusion based on TCP packet round-trip time to estimate the downstream length of an interactive terminal session and give its resistibility to intruders’ evasion. The analysis and simulation results show that this algorithm can detect stepping-stone intrusion without false alarm, and low misdetection. It can resist to intruders’ time perturbation completely, as well as chaff perturbation to a certain extent.

Keywords Network security - intrusion detection - stepping-stone - evasion - time perturbation - chaff

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Resistance Analysis to Intruders’ Evasion of Detecting Intrusion

View Related Documents

Abstract

Fulltext Preview