Loading…
A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation
Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as rel...
Saved in:
Published in: | Wireless communications and mobile computing 2021, Vol.2021 (1) |
---|---|
Main Authors: | , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3 |
---|---|
cites | cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3 |
container_end_page | |
container_issue | 1 |
container_start_page | |
container_title | Wireless communications and mobile computing |
container_volume | 2021 |
creator | Wang, Lixin Yang, Jianhua Workman, Michael Wan, Peng-Jun |
description | Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering. |
doi_str_mv | 10.1155/2021/1807509 |
format | article |
fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2563359773</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2563359773</sourcerecordid><originalsourceid>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</originalsourceid><addsrcrecordid>eNp90E1LAzEQBuBFFKzVmz8g4FHXJpvm61iq1UpFsPW87MekTe1u1iRL6b93lxaPwsDM4WGGeaPoluBHQhgbJTghIyKxYFidRQPCKI4lF-L8b-bqMrryfosxph0eRG6CZi6rYG_dNwoWrcAH9Ane-AB1cUBWoycIUARjazTZra0zYVN5pK1DywBNY-p1vAy2BjSvg2t977pamQriNxMCuE6g96w2TbvL-jXX0YXOdh5uTn0Yfc2eV9PXePHxMp9OFnFBqQhxonhBuZI5AQljJca51rmQTIx5JnNeJFqWUCqRcKyg7IimMs8VI0oQpgjQYXR33Ns4-9N2f6Vb27q6O5kmjFPKlBC0Uw9HVTjrvQOdNs5UmTukBKd9qmmfanpKteP3R74xdZntzf_6F50Gd5o</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2563359773</pqid></control><display><type>article</type><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><source>Open Access: Wiley-Blackwell Open Access Journals</source><source>ProQuest Publicly Available Content database</source><creator>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun</creator><contributor>Duan, Zhuojun ; Zhuojun Duan</contributor><creatorcontrib>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun ; Duan, Zhuojun ; Zhuojun Duan</creatorcontrib><description>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</description><identifier>ISSN: 1530-8669</identifier><identifier>EISSN: 1530-8677</identifier><identifier>DOI: 10.1155/2021/1807509</identifier><language>eng</language><publisher>Oxford: Hindawi</publisher><subject>Algorithms ; Communications traffic ; Data transmission ; Internet ; Intrusion ; Literature reviews ; Packets (communication) ; Perturbation ; Random variables ; Sensors ; Software ; Software development tools ; Software utilities</subject><ispartof>Wireless communications and mobile computing, 2021, Vol.2021 (1)</ispartof><rights>Copyright © 2021 Lixin Wang et al.</rights><rights>Copyright © 2021 Lixin Wang et al. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</citedby><cites>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</cites><orcidid>0000-0003-4965-5510</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://www.proquest.com/docview/2563359773/fulltextPDF?pq-origsite=primo$$EPDF$$P50$$Gproquest$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://www.proquest.com/docview/2563359773?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,4024,25753,27923,27924,27925,37012,44590,75126</link.rule.ids></links><search><contributor>Duan, Zhuojun</contributor><contributor>Zhuojun Duan</contributor><creatorcontrib>Wang, Lixin</creatorcontrib><creatorcontrib>Yang, Jianhua</creatorcontrib><creatorcontrib>Workman, Michael</creatorcontrib><creatorcontrib>Wan, Peng-Jun</creatorcontrib><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><title>Wireless communications and mobile computing</title><description>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</description><subject>Algorithms</subject><subject>Communications traffic</subject><subject>Data transmission</subject><subject>Internet</subject><subject>Intrusion</subject><subject>Literature reviews</subject><subject>Packets (communication)</subject><subject>Perturbation</subject><subject>Random variables</subject><subject>Sensors</subject><subject>Software</subject><subject>Software development tools</subject><subject>Software utilities</subject><issn>1530-8669</issn><issn>1530-8677</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNp90E1LAzEQBuBFFKzVmz8g4FHXJpvm61iq1UpFsPW87MekTe1u1iRL6b93lxaPwsDM4WGGeaPoluBHQhgbJTghIyKxYFidRQPCKI4lF-L8b-bqMrryfosxph0eRG6CZi6rYG_dNwoWrcAH9Ane-AB1cUBWoycIUARjazTZra0zYVN5pK1DywBNY-p1vAy2BjSvg2t977pamQriNxMCuE6g96w2TbvL-jXX0YXOdh5uTn0Yfc2eV9PXePHxMp9OFnFBqQhxonhBuZI5AQljJca51rmQTIx5JnNeJFqWUCqRcKyg7IimMs8VI0oQpgjQYXR33Ns4-9N2f6Vb27q6O5kmjFPKlBC0Uw9HVTjrvQOdNs5UmTukBKd9qmmfanpKteP3R74xdZntzf_6F50Gd5o</recordid><startdate>2021</startdate><enddate>2021</enddate><creator>Wang, Lixin</creator><creator>Yang, Jianhua</creator><creator>Workman, Michael</creator><creator>Wan, Peng-Jun</creator><general>Hindawi</general><general>Hindawi Limited</general><scope>RHU</scope><scope>RHW</scope><scope>RHX</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7XB</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0N</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>Q9U</scope><orcidid>https://orcid.org/0000-0003-4965-5510</orcidid></search><sort><creationdate>2021</creationdate><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><author>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Communications traffic</topic><topic>Data transmission</topic><topic>Internet</topic><topic>Intrusion</topic><topic>Literature reviews</topic><topic>Packets (communication)</topic><topic>Perturbation</topic><topic>Random variables</topic><topic>Sensors</topic><topic>Software</topic><topic>Software development tools</topic><topic>Software utilities</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Wang, Lixin</creatorcontrib><creatorcontrib>Yang, Jianhua</creatorcontrib><creatorcontrib>Workman, Michael</creatorcontrib><creatorcontrib>Wan, Peng-Jun</creatorcontrib><collection>Hindawi Publishing Complete</collection><collection>Hindawi Publishing Subscription Journals</collection><collection>Hindawi Publishing Open Access</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer science database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Computing Database</collection><collection>ProQuest advanced technologies & aerospace journals</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Publicly Available Content database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>ProQuest Central Basic</collection><jtitle>Wireless communications and mobile computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Wang, Lixin</au><au>Yang, Jianhua</au><au>Workman, Michael</au><au>Wan, Peng-Jun</au><au>Duan, Zhuojun</au><au>Zhuojun Duan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</atitle><jtitle>Wireless communications and mobile computing</jtitle><date>2021</date><risdate>2021</risdate><volume>2021</volume><issue>1</issue><issn>1530-8669</issn><eissn>1530-8677</eissn><abstract>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</abstract><cop>Oxford</cop><pub>Hindawi</pub><doi>10.1155/2021/1807509</doi><orcidid>https://orcid.org/0000-0003-4965-5510</orcidid><oa>free_for_read</oa></addata></record> |
fulltext | fulltext |
identifier | ISSN: 1530-8669 |
ispartof | Wireless communications and mobile computing, 2021, Vol.2021 (1) |
issn | 1530-8669 1530-8677 |
language | eng |
recordid | cdi_proquest_journals_2563359773 |
source | Open Access: Wiley-Blackwell Open Access Journals; ProQuest Publicly Available Content database |
subjects | Algorithms Communications traffic Data transmission Internet Intrusion Literature reviews Packets (communication) Perturbation Random variables Sensors Software Software development tools Software utilities |
title | A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T16%3A40%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Framework%20to%20Test%20Resistency%20of%20Detection%20Algorithms%20for%20Stepping-Stone%20Intrusion%20on%20Time-Jittering%20Manipulation&rft.jtitle=Wireless%20communications%20and%20mobile%20computing&rft.au=Wang,%20Lixin&rft.date=2021&rft.volume=2021&rft.issue=1&rft.issn=1530-8669&rft.eissn=1530-8677&rft_id=info:doi/10.1155/2021/1807509&rft_dat=%3Cproquest_cross%3E2563359773%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2563359773&rft_id=info:pmid/&rfr_iscdi=true |