Applying Signal Processing Technology to Stepping-Stone Intrusion Detection

Author

Zhang, Yongzhong ; Ye, Chunming ; Yang, Jianhua

Author_Institution

Coll. of Manage., Univ. of Shanghai for Sci. & Technol. Shanghai, Shanghai

Volume

1

fYear

2008

fDate

20-22 Dec. 2008

Firstpage

375

Lastpage

379

Abstract

Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with an outgoing connection to determine if a computer is used as stepping-stone. In this paper, we present four models to describe stepping-stone intrusion. We also propose the idea applying signal processing technology to stepping-stone intrusion detection. We present the preliminary results of applying correlation coefficients to detecting stepping-stone intrusion. The contribution of this paper is that we are the first to apply correlation coefficient to stepping-stone detection, and more importantly, it does not have to monitor a session for a long time to conclude if there is a stepping-stone intrusion. Applying DFT and Z-transform to stepping-stone detection is under way.

Keywords

correlation methods; security of data; signal processing; telecommunication security; DFT transform; Z-transform; correlation coefficient; network intrusion; signal processing technology; stepping-stone intrusion detection; Application software; Computer network management; Educational institutions; Information technology; Intelligent networks; Intrusion detection; Monitoring; Multidimensional signal processing; Risk management; Signal processing;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Information Technology Application, 2008. IITA '08. Second International Symposium on

Conference_Location

Shanghai

Print_ISBN

978-0-7695-3497-8

Type

conf

DOI

10.1109/IITA.2008.245

Filename

4739598