Monitoring Network Traffic to Detect Stepping-Stone Intrusion

Jianhua Yang, Byong Lee, Stephen S.H. Huang
2008 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)  
One weakness of this method is in resisting intruders' evasion, such as chaff perturbation. In this paper, we propose a method based on random walk theory to detect stepping-stone intrusion.  ...  Our theoretical analysis shows that the proposed method is more effective than Blum's approach in terms of resisting intruders' chaff perturbation.  ...  This fact makes Blum's method very weak in resisting to intruders' chaff evasion.  ... 
doi:10.1109/waina.2008.30 dblp:conf/aina/YangLH08 fatcat:wpusg5ea7rdype4r4ui45nds4q

A research survey in stepping-stone intrusion detection

Lixin Wang, Jianhua Yang
2018 EURASIP Journal on Wireless Communications and Networking  
Attackers on the Internet often launch network intrusions through compromised hosts, called stepping-stones, in order to reduce the chance of being detected.  ...  This paper provides a research survey in the area of stepping-stone intrusion detection.  ...  So innovative approaches are urgently needed to be proposed to match packets and resist intruders' chaff evasion effectively in stepping-stone intrusion detection and the issues are pressing.  ... 
doi:10.1186/s13638-018-1303-2 fatcat:gppnh2pvmvfrhejvmvoxrhcjqm

Applying MMD Data Mining to Match Network Traffic for Stepping-Stone Intrusion Detection

Jianhua Yang, Lixin Wang
2021 Sensors  
It is applicable to network-based stepping-stone intrusion detection.  ...  A long interactive TCP connection chain has been widely used by attackers to launch their attacks and thus avoid detection.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/s21227464 pmid:34833539 pmcid:PMC8618504 fatcat:uxu32ubhkjakndq56g4yph75vq

Host-based intrusion detection system

L. Vokorokos, A. Balaz
2010 2010 IEEE 14th International Conference on Intelligent Engineering Systems  
The goal of this research is to determine the applicability of current intrusion detection technology to the detection of host level intrusions.  ...  A host-based intrusion detection system (HIDS) is an intrusion detection system that focuses its monitoring and analysis on the internals of a computing system rather than on its external interfaces (as  ...  On the other hand, if the IDS resides in the network, it is more resistant to attack, but has a poor view of what is happening inside the host, making it more susceptible to evasion.  ... 
doi:10.1109/ines.2010.5483815 fatcat:o23dvxvnkfevjfvl2dukcizida

Classification of KDDCup99 Dataset for Intrusion Detection: A Survey

2017 International Journal of Recent Trends in Engineering and Research  
Detection of intrusion in network is necessary since the intrusion may create harm or attack any application which needs to be detected and prevented.  ...  Although there are various algorithms implemented for the detection of intrusions, but the classification of these intrusion is also an important concern since the type of attack depends on the intrusion  ...  Network intrusion detection system is used to detect any intruder which might have entered into the computer system. In this paper, a multi agent based approach is used for network intrusion detection.  ... 
doi:10.23883/ijrter.2017.3327.eds6q fatcat:qptogod7czanffi64fwlpiitj4

An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security Issues

Ahmad Sharifi, Freshteh Farokh Zad, Farnoosh Farokhmanesh, Akram Noorollahi, Jallaledin Sharif
2014 IOSR Journal of Computer Engineering  
Advanced technologies such as intrusion detection and prevention system (IDPS) and analysis tools have become prominent in the network environment while they involve with organizations to enhance the security  ...  Scanning and analyzing tools to pinpoint vulnerabilities, holes in security components, unsecured aspects of the network and deploying of IDPS technology are highlighted.  ...  Evasion: Changing format by an attacker to avoid from detecting by IDPS. False negative: Failure of detecting a real attack by IDPS, while the main function of IDPS is detect and respond to attacks.  ... 
doi:10.9790/0661-16114752 fatcat:zpqypyvr5rdhbpholropsxbm4m

An Analysis of Mechanisms for Making IDS Fault Tolerant

Perminder Kaur, Dhavleesh Rattan, Amit Kumar Bhardwaj
2010 International Journal of Computer Applications  
IDS are prone to various attacks and it becomes the natural primary target of hostile attacks with the aim of disabling the detection feature and allowing an attacker to operate without being detected.  ...  This paper suggests that intrusion detection system (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will.  ...  Evasion of the detection. Several techniques have been developed to evade detection of an attack by intrusion-detection systems.  ... 
doi:10.5120/563-745 fatcat:xeic4jxphvcjfah75nbdpvtbfe

Improving Network Intrusion Detection Classifiers by Non-payload-Based Exploit-Independent Obfuscations: An Adversarial Approach [article]

Ivan Homoliak, Martin Teknos, Martín Ochoa, Dominik Breitenbacher, Saeid Hosseini, Petr Hanacek
2018 arXiv   pre-print
Machine-learning based intrusion detection classifiers are able to detect unknown attacks, but at the same time, they may be susceptible to evasion by obfuscation techniques.  ...  experiments to evaluate the effectiveness of intrusion detection classifiers against obfuscated attacks.  ...  However, to the best of our knowledge, there are no studies on non-payload-based intrusion detection and obfuscation-based adversarial evasion.  ... 
arXiv:1805.02684v1 fatcat:543fpbov6bdi5oh2lk6b776faq

CAN-LOC: Spoofing Detection and Physical Intrusion Localization on an In-Vehicle CAN Bus Based on Deep Features of Voltage Signals [article]

Efrat Levy and Asaf Shabtai and Bogdan Groza and Pal-Stefan Murvay and Yuval Elovici
2021 arXiv   pre-print
The first mechanism uses data augmentation and deep learning to detect and locate physical intrusions when the vehicle starts; this mechanism can detect and locate intrusions, even when the connected malicious  ...  To address this type of threat, we propose a security hardening system for in-vehicle networks.  ...  Thus, our system is more robust to detection evasion related to other detection solutions like timing-based and payload-based solutions.  ... 
arXiv:2106.07895v1 fatcat:evbntmlvrzhofd36l6m4ghnt7q

Detecting Anomalies in Active Insider Stepping Stone Attacks

Giovanni Di Crescenzo, Abhrajit Ghosh, Abhinay Kampasi, Rajesh Talpade, Yin Zhang
2011 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
resistant to evasion.  ...  We have developed three anomaly detection algorithms to detect the presence of jitter and chaff in interactive connections, based on response time, edit distance and causality.  ...  Research on timing-based stepping stone detection has then focused on making the algorithm more resistant to evasions like timing perturbation and chaffs.  ... 
doi:10.22667/jowua.2011.03.31.103 dblp:journals/jowua/CrescenzoGKTZ11 fatcat:msq5qh6nh5d7ji7clvt65c72ey

Systematic Literature Review over IDPS, Classification and Application in its Different Areas

Shehroz Afzal, Jamil Asim
Evaluation of available IDS datasets discussing the challenges of evasion techniques.  ...  Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and  ...  Acknowledgement Authors are thankful to the Editorial Team for their constructive support.  ... 
doi:10.52700/scir.v3i2.58 fatcat:xrczlxjg5ncclf2ftxyw3y5zce

Passive visual fingerprinting of network attack tools

Gregory Conti, Kulsoom Abdullah
2004 Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security - VizSEC/DMSEC '04  
This research explores the application of several visualization techniques and their usefulness toward identification of attack tools, without the typical automated intrusion detection system's signatures  ...  of zero-day attacks can be rapidly detected and analyzed using similar techniques.  ...  The views expressed in this article are those of the authors and do not reflect the official policy or position of the United States Military Academy, the Department of the Army, the Department of Defense  ... 
doi:10.1145/1029208.1029216 dblp:conf/vizsec/ContiA04 fatcat:kz4fivxqarfcpa3dfp5wn4zzlq

A Practical Approach for SQL Injection Prevention Attacks Using IPS
IJARCCE - Computer and Communication Engineering

2014 IJARCCE  
The IPS technique has been proposed to prevent the intruder's attack.  ...  The history of transactions with user id is also tracked for advance analysis but it would require more memory. The SQL Injection attack has been prevented and there will be no loss of information.  ...  In this paper first they described the nature of SQL injection attack, then they analyzed current SQL injection detection evasion techniques and how they can bypass the detection filters, afterward they  ... 
doi:10.17148/ijarcce.2014.31008 fatcat:qm7ypny3hvbgxlpxugcrwtbyca

MAD: A Middleware Framework for Multi-step Attack Detection

Panagiotis Papadopoulos, Thanasis Petsas, Giorgos Christou, Giorgos Vasiliadis
2015 2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)  
Signature-based network intrusion detection systems (NIDS) are one of the most popular tools used to detect and stop malicious attacks or unwanted actions.  ...  Our approach will offer the ability to analyze and correlate multiple security activities, as well as, in terms of forensic analysis, to perform post-mortem incident analysis in order to assess the given  ...  Thus, detection of such threats requires a different approach, not constrained by the observation of a single event. Evasiveness.  ... 
doi:10.1109/badgers.2015.012 dblp:conf/badgers/PapadopoulosPCV15 fatcat:yxqx7u74nne6dkln7rpllrus74


Jiejun Kong, Xiaoyan Hong
2003 Proceedings of the 4th ACM international symposium on Mobile ad hoc networking & computing - MobiHoc '03  
Allowing adversaries to trace network routes and infer the motion pattern of nodes at the end of those routes may pose a serious threat to covert operations.  ...  We use simulations and implementation to validate the effectiveness of our design.  ...  More details of this design are available in our technical report [14].  ... 
doi:10.1145/778445.778449 fatcat:demee6rsbnckfbzviy7zb6w5ha