Stepping-stone detection technique for recognizing legitimate and attack connections
A stepping-stone connection has always been assumed as an intrusion since the first research on stepping-stone connections twenty years ago. However, not all stepping-stone connections are malicious.This paper proposes an enhanced stepping-stone detection (SSD) technique which is capable to identify...
| Main Authors: | , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2015
|
| Subjects: | |
| Online Access: | https://repo.uum.edu.my/id/eprint/15597/1/PID189.pdf |
| _version_ | 1825803563858657280 |
|---|---|
| author | Daud, Ali Yusny Ghazali, Osman Omar, Mohd Nizam |
| author_facet | Daud, Ali Yusny Ghazali, Osman Omar, Mohd Nizam |
| author_sort | Daud, Ali Yusny |
| collection | UUM |
| description | A stepping-stone connection has always been assumed as an intrusion since the first research on stepping-stone connections twenty years ago. However, not all stepping-stone connections are malicious.This paper proposes an enhanced stepping-stone detection (SSD) technique which is capable to identify legitimate connections from stepping-stone connections.Stepping-stone connections are identified from raw network traffics using timing-based SSD approach.Then, they go through an anomaly detection technique to differentiate between legitimate and attack connections.This technique has a promising solution to accurately detecting intrusions from stepping-stone connections.It will prevent incorrect responses that punish legitimate users. |
| first_indexed | 2024-07-04T05:59:10Z |
| format | Conference or Workshop Item |
| id | uum-15597 |
| institution | Universiti Utara Malaysia |
| language | English |
| last_indexed | 2024-07-04T05:59:10Z |
| publishDate | 2015 |
| record_format | eprints |
| spelling | uum-155972016-04-27T02:27:49Z https://repo.uum.edu.my/id/eprint/15597/ Stepping-stone detection technique for recognizing legitimate and attack connections Daud, Ali Yusny Ghazali, Osman Omar, Mohd Nizam QA75 Electronic computers. Computer science A stepping-stone connection has always been assumed as an intrusion since the first research on stepping-stone connections twenty years ago. However, not all stepping-stone connections are malicious.This paper proposes an enhanced stepping-stone detection (SSD) technique which is capable to identify legitimate connections from stepping-stone connections.Stepping-stone connections are identified from raw network traffics using timing-based SSD approach.Then, they go through an anomaly detection technique to differentiate between legitimate and attack connections.This technique has a promising solution to accurately detecting intrusions from stepping-stone connections.It will prevent incorrect responses that punish legitimate users. 2015 Conference or Workshop Item PeerReviewed application/pdf en https://repo.uum.edu.my/id/eprint/15597/1/PID189.pdf Daud, Ali Yusny and Ghazali, Osman and Omar, Mohd Nizam (2015) Stepping-stone detection technique for recognizing legitimate and attack connections. In: 5th International Conference on Computing and Informatics (ICOCI) 2015, 11-13 August 2015, Istanbul, Turkey. http://www.icoci.cms.net.my/proceedings/2015/TOC.html |
| spellingShingle | QA75 Electronic computers. Computer science Daud, Ali Yusny Ghazali, Osman Omar, Mohd Nizam Stepping-stone detection technique for recognizing legitimate and attack connections |
| title | Stepping-stone detection technique for recognizing legitimate and attack connections |
| title_full | Stepping-stone detection technique for recognizing legitimate and attack connections |
| title_fullStr | Stepping-stone detection technique for recognizing legitimate and attack connections |
| title_full_unstemmed | Stepping-stone detection technique for recognizing legitimate and attack connections |
| title_short | Stepping-stone detection technique for recognizing legitimate and attack connections |
| title_sort | stepping stone detection technique for recognizing legitimate and attack connections |
| topic | QA75 Electronic computers. Computer science |
| url | https://repo.uum.edu.my/id/eprint/15597/1/PID189.pdf |
| work_keys_str_mv | AT daudaliyusny steppingstonedetectiontechniqueforrecognizinglegitimateandattackconnections AT ghazaliosman steppingstonedetectiontechniqueforrecognizinglegitimateandattackconnections AT omarmohdnizam steppingstonedetectiontechniqueforrecognizinglegitimateandattackconnections |