Title :
iLOC: An invisible LOCalization Attack to Internet Threat Monitoring Systems
Author :
Wang, Xun ; Yu, Wei ; Fu, Xinwen ; Xuan, Dong ; Zhao, Wei
Author_Institution :
Ohio State Univ., Columbus
Abstract :
In this paper, we study a new class of attacks, the invisible LOCalization (iLOC) attack, which can accurately and invisibly localize monitors of Internet threat monitoring (ITM) systems, a class of widely deployed facilities to characterize Internet threats, such as worm propagation, denial-of-service (DoS) attacks. In the iLOC attack, the attacker launches low-rate port-scan traffic, encoded with a selected pseudo-noise code (PN- code), to targeted networks. While the secret PN-code is invisible to others, the attacker can accurately determine the existence of monitors in the targeted networks based on whether the PN-code is embedded in the report data queried from the data center of the ITM system. We conduct extensive simulations on the iLOC attack using real-world traces. Our data demonstrate that the iLOC attack can accurately identify monitors while remaining invisible to the ITM. Finally, we present a set of guidelines to counteract the iLOC attack.
Keywords :
Internet; invasive software; pseudonoise codes; telecommunication security; Internet threat monitoring systems; denial of service attacks; invisible localization attack; low rate port scan traffic; pseudonoise code; worm propagation; Algorithm design and analysis; Communications Society; Computer crime; Computer displays; Computer science; Computer worms; Guidelines; Internet; Monitoring; Telecommunication traffic;
Conference_Titel :
INFOCOM 2008. The 27th Conference on Computer Communications. IEEE
Conference_Location :
Phoenix, AZ
Print_ISBN :
978-1-4244-2025-4
Electronic_ISBN :
0743-166X
DOI :
10.1109/INFOCOM.2008.257
