Intelligent Host - based Stepping Stone Detection Approach Mohd
نویسنده
چکیده
This paper intends to introduce an implementation of a novel Self-Organization Map (SOM) in Host-based Stepping Stone Detection (SSD). Previous works have introduced Artificial Intelligence (AI) approaches such as Artificial Neural Network (ANN), however we found that the approaches are complex due to the requirement of variable to be known and tested to detect a stepping stone. SOM provides unsupervised capability in learning process. This feature helps to decrease the complexity of the AI approach. Moreover, this paper uses packet arrival time instead of Round Trip Time (RTT), which in turn reduces CPU usage as well as improves network load balancing. Through a series of real-time experiment, we show that our novel SOM approach is able to detect the stepping stone by only looking into the number of involved connection chain. In addition, the usage of SOM in Network-based SSD had been proven can detect the stepping stone in our previous research paper.
منابع مشابه
Stepping-stone Detection Technique Forrecognizing Legitimate and Attack Connections
A stepping-stone connection has always been assumed as an intrusion since the first research on stepping-stone connections twenty years ago. However, not all stepping-stone connections are malicious. This paper proposes an enhanced stepping-stone detection (SSD) technique which is capable to identify legitimate connections from stepping-stone connections. Stepping-stone connections are identifi...
متن کاملIntelligent Network-Based Stepping Stone Detection Approach
This research intends to introduce a new usage of Artificial Intelligent (AI) approaches in Stepping Stone Detection (SSD) fields of research. By using Self-Organizing Map (SOM) approaches as the engine, through the experiment, it is shown that SOM has the capability to detect the number of connection chains that involved in a stepping stones. Realizing that by counting the number of connection...
متن کاملDropped Packet Problems in Stepping Stone Detection Method
This paper discusses one of the issues that are not covered by current stepping stone detection based researches. Although dropped packet problems are well-known problem in real network environment, all of the stepping stone detection researches just assume that dropped packet problems do not occur. Stepping stone detection research already in complex condition where each enhancement of the res...
متن کاملDetection of Interactive Stepping Stones: Algorithms and Conndence Bounds
Intruders on the Internet often prefer to launch network intrusions indirectly, i.e., using a chain of hosts on the Internet as relay machines using protocols such as Telnet or SSH. This type of attack is called a stepping-stone attack. In this paper, we propose and analyze algorithms for stepping-stone detection using ideas from Computational Learning Theory and the analysis of random walks. O...
متن کاملStepping-Stone Detection Via Request-Response Traffic Analysis
In this paper, we develop an algorithm that may be used as a stepping-stone detection tool. Our approach is based on analyzing correlations between the cumulative number of packets sent in outgoing connections and that of the incoming connections. We present a study of our method’s effectiveness with actual connections as well as simulations of time-jittering (introduction of inter-packet delay...
متن کامل