Article ID Journal Published Year Pages File Type
488456 Procedia Computer Science 2016 11 Pages PDF
Abstract

The way attackers execute attacks is incredible, they execute attacking commands form intermediate compromised host to remain anonymous instead from their own computers. These intermediate hosts are called as stepping stone host and attacks that attackers perform using stepping stones are called as stepping stone attacks. One solution to the problem of stepping stone attack is to detect stepping stone host so that we can break attacking path created and used by the attacker. In this paper, we propose a stepping stone detection approach which analyses the traffic flowing through the host to find out whether this is a stepping stone host or normal host. Our approach classifies traffic into two categories Stepping Stone Traffic and Normal Traffic using Neural Network. If the traffic flowing through the host belongs to the class of stepping Stone Traffic this indicates that host whose traffic is being tested is a stepping stone host otherwise it is a normal host. Our approach allows attacker to insert chaff packets and fixed delay, reshuffling of packet, padding, and encryption of attacking traffic.

Keywords
Related Topics
Physical Sciences and Engineering Computer Science Computer Science (General)
Authors
, ,