Loading…

A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation

Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as rel...

Full description

Saved in:
Bibliographic Details
Published in:Wireless communications and mobile computing 2021, Vol.2021 (1)
Main Authors: Wang, Lixin, Yang, Jianhua, Workman, Michael, Wan, Peng-Jun
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3
cites cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3
container_end_page
container_issue 1
container_start_page
container_title Wireless communications and mobile computing
container_volume 2021
creator Wang, Lixin
Yang, Jianhua
Workman, Michael
Wan, Peng-Jun
description Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.
doi_str_mv 10.1155/2021/1807509
format article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2563359773</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2563359773</sourcerecordid><originalsourceid>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</originalsourceid><addsrcrecordid>eNp90E1LAzEQBuBFFKzVmz8g4FHXJpvm61iq1UpFsPW87MekTe1u1iRL6b93lxaPwsDM4WGGeaPoluBHQhgbJTghIyKxYFidRQPCKI4lF-L8b-bqMrryfosxph0eRG6CZi6rYG_dNwoWrcAH9Ane-AB1cUBWoycIUARjazTZra0zYVN5pK1DywBNY-p1vAy2BjSvg2t977pamQriNxMCuE6g96w2TbvL-jXX0YXOdh5uTn0Yfc2eV9PXePHxMp9OFnFBqQhxonhBuZI5AQljJca51rmQTIx5JnNeJFqWUCqRcKyg7IimMs8VI0oQpgjQYXR33Ns4-9N2f6Vb27q6O5kmjFPKlBC0Uw9HVTjrvQOdNs5UmTukBKd9qmmfanpKteP3R74xdZntzf_6F50Gd5o</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2563359773</pqid></control><display><type>article</type><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><source>Open Access: Wiley-Blackwell Open Access Journals</source><source>ProQuest Publicly Available Content database</source><creator>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun</creator><contributor>Duan, Zhuojun ; Zhuojun Duan</contributor><creatorcontrib>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun ; Duan, Zhuojun ; Zhuojun Duan</creatorcontrib><description>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</description><identifier>ISSN: 1530-8669</identifier><identifier>EISSN: 1530-8677</identifier><identifier>DOI: 10.1155/2021/1807509</identifier><language>eng</language><publisher>Oxford: Hindawi</publisher><subject>Algorithms ; Communications traffic ; Data transmission ; Internet ; Intrusion ; Literature reviews ; Packets (communication) ; Perturbation ; Random variables ; Sensors ; Software ; Software development tools ; Software utilities</subject><ispartof>Wireless communications and mobile computing, 2021, Vol.2021 (1)</ispartof><rights>Copyright © 2021 Lixin Wang et al.</rights><rights>Copyright © 2021 Lixin Wang et al. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</citedby><cites>FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</cites><orcidid>0000-0003-4965-5510</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://www.proquest.com/docview/2563359773/fulltextPDF?pq-origsite=primo$$EPDF$$P50$$Gproquest$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://www.proquest.com/docview/2563359773?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,4024,25753,27923,27924,27925,37012,44590,75126</link.rule.ids></links><search><contributor>Duan, Zhuojun</contributor><contributor>Zhuojun Duan</contributor><creatorcontrib>Wang, Lixin</creatorcontrib><creatorcontrib>Yang, Jianhua</creatorcontrib><creatorcontrib>Workman, Michael</creatorcontrib><creatorcontrib>Wan, Peng-Jun</creatorcontrib><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><title>Wireless communications and mobile computing</title><description>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</description><subject>Algorithms</subject><subject>Communications traffic</subject><subject>Data transmission</subject><subject>Internet</subject><subject>Intrusion</subject><subject>Literature reviews</subject><subject>Packets (communication)</subject><subject>Perturbation</subject><subject>Random variables</subject><subject>Sensors</subject><subject>Software</subject><subject>Software development tools</subject><subject>Software utilities</subject><issn>1530-8669</issn><issn>1530-8677</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNp90E1LAzEQBuBFFKzVmz8g4FHXJpvm61iq1UpFsPW87MekTe1u1iRL6b93lxaPwsDM4WGGeaPoluBHQhgbJTghIyKxYFidRQPCKI4lF-L8b-bqMrryfosxph0eRG6CZi6rYG_dNwoWrcAH9Ane-AB1cUBWoycIUARjazTZra0zYVN5pK1DywBNY-p1vAy2BjSvg2t977pamQriNxMCuE6g96w2TbvL-jXX0YXOdh5uTn0Yfc2eV9PXePHxMp9OFnFBqQhxonhBuZI5AQljJca51rmQTIx5JnNeJFqWUCqRcKyg7IimMs8VI0oQpgjQYXR33Ns4-9N2f6Vb27q6O5kmjFPKlBC0Uw9HVTjrvQOdNs5UmTukBKd9qmmfanpKteP3R74xdZntzf_6F50Gd5o</recordid><startdate>2021</startdate><enddate>2021</enddate><creator>Wang, Lixin</creator><creator>Yang, Jianhua</creator><creator>Workman, Michael</creator><creator>Wan, Peng-Jun</creator><general>Hindawi</general><general>Hindawi Limited</general><scope>RHU</scope><scope>RHW</scope><scope>RHX</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7XB</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0N</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>Q9U</scope><orcidid>https://orcid.org/0000-0003-4965-5510</orcidid></search><sort><creationdate>2021</creationdate><title>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</title><author>Wang, Lixin ; Yang, Jianhua ; Workman, Michael ; Wan, Peng-Jun</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Communications traffic</topic><topic>Data transmission</topic><topic>Internet</topic><topic>Intrusion</topic><topic>Literature reviews</topic><topic>Packets (communication)</topic><topic>Perturbation</topic><topic>Random variables</topic><topic>Sensors</topic><topic>Software</topic><topic>Software development tools</topic><topic>Software utilities</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Wang, Lixin</creatorcontrib><creatorcontrib>Yang, Jianhua</creatorcontrib><creatorcontrib>Workman, Michael</creatorcontrib><creatorcontrib>Wan, Peng-Jun</creatorcontrib><collection>Hindawi Publishing Complete</collection><collection>Hindawi Publishing Subscription Journals</collection><collection>Hindawi Publishing Open Access</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer science database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Computing Database</collection><collection>ProQuest advanced technologies &amp; aerospace journals</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Publicly Available Content database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>ProQuest Central Basic</collection><jtitle>Wireless communications and mobile computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Wang, Lixin</au><au>Yang, Jianhua</au><au>Workman, Michael</au><au>Wan, Peng-Jun</au><au>Duan, Zhuojun</au><au>Zhuojun Duan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation</atitle><jtitle>Wireless communications and mobile computing</jtitle><date>2021</date><risdate>2021</risdate><volume>2021</volume><issue>1</issue><issn>1530-8669</issn><eissn>1530-8677</eissn><abstract>Hackers on the Internet usually send attacking packets using compromised hosts, called stepping-stones, in order to avoid being detected and caught. With stepping-stone attacks, an intruder remotely logins these stepping-stones using programs like SSH or telnet, uses a chain of Internet hosts as relay machines, and then sends the attacking packets. A great number of detection approaches have been developed for stepping-stone intrusion (SSI) in the literature. Many of these existing detection methods worked effectively only when session manipulation by intruders is not present. When the session is manipulated by attackers, there are few known effective detection methods for SSI. It is important to know whether a detection algorithm for SSI is resistant on session manipulation by attackers. For session manipulation with chaff perturbation, software tools such as Scapy can be used to inject meaningless packets into a data stream. However, to the best of our knowledge, there are no existing effective tools or efficient algorithms to produce time-jittered network traffic that can be used to test whether an SSI detection method is resistant on intruders’ time-jittering manipulation. In this paper, we propose a framework to test resistency of detection algorithms for SSI on time-jittering manipulation. Our proposed framework can be used to test whether an existing or new SSI detection method is resistant on session manipulation by intruders with time-jittering.</abstract><cop>Oxford</cop><pub>Hindawi</pub><doi>10.1155/2021/1807509</doi><orcidid>https://orcid.org/0000-0003-4965-5510</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1530-8669
ispartof Wireless communications and mobile computing, 2021, Vol.2021 (1)
issn 1530-8669
1530-8677
language eng
recordid cdi_proquest_journals_2563359773
source Open Access: Wiley-Blackwell Open Access Journals; ProQuest Publicly Available Content database
subjects Algorithms
Communications traffic
Data transmission
Internet
Intrusion
Literature reviews
Packets (communication)
Perturbation
Random variables
Sensors
Software
Software development tools
Software utilities
title A Framework to Test Resistency of Detection Algorithms for Stepping-Stone Intrusion on Time-Jittering Manipulation
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T16%3A40%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Framework%20to%20Test%20Resistency%20of%20Detection%20Algorithms%20for%20Stepping-Stone%20Intrusion%20on%20Time-Jittering%20Manipulation&rft.jtitle=Wireless%20communications%20and%20mobile%20computing&rft.au=Wang,%20Lixin&rft.date=2021&rft.volume=2021&rft.issue=1&rft.issn=1530-8669&rft.eissn=1530-8677&rft_id=info:doi/10.1155/2021/1807509&rft_dat=%3Cproquest_cross%3E2563359773%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c337t-296c3698b1e8e4974bffb785746a8b6c2f8ded972609ed8e4f38bb951971591e3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2563359773&rft_id=info:pmid/&rfr_iscdi=true