Detecting stepping stones by abnormal causality probability

Article


Wen, Sheng, Wu, Di, Li, Ping, Xiang, Yang, Zhou, Wanlei and Wei, Guiyi. 2015. "Detecting stepping stones by abnormal causality probability." Security and Communication Networks. 8 (10), pp. 1831-1844. https://doi.org/10.1002/sec.1037
Article Title: Detecting stepping stones by abnormal causality probability
ERA Journal ID: 39741
Article Category: Article
Authors: Wen, Sheng, Wu, Di, Li, Ping, Xiang, Yang, Zhou, Wanlei and Wei, Guiyi
Journal Title: Security and Communication Networks
Journal Citation: 8 (10), pp. 1831-1844
Number of Pages: 14
Year: 2015
Publisher: Hindawi Publishing Corporation; John Wiley & Sons
Place of Publication: United States
ISSN: 1939-0114; 1939-0122
Digital Object Identifier (DOI): https://doi.org/10.1002/sec.1037
Web Address (URL): https://onlinelibrary.wiley.com/doi/full/10.1002/sec.1037
Abstract

Locating the real source of Internet attacks has long been an important but difficult problem. In the real world, attackers can easily hide their identities and evade punishment by relaying their attacks through a series of compromised systems or devices called stepping stones. Currently, researchers mainly use similar features from the network traffic, such as packet timestamps and frequencies, to detect stepping stones. However, these features can be easily destroyed by attackers using evasive techniques. In addition, it is difficult to set an appropriate similarity threshold for deciding whether a host is a stepping stone. To counter these problems, in this paper we introduce the consistent causality probability to detect stepping stones. We formulate the ranges of abnormal causality probabilities according to different network conditions and, on that basis, implement two self-adaptive methods to capture stepping stones. To evaluate our proposed detection methods, we adopt theoretical analysis and empirical studies, which demonstrate the accuracy of the abnormal causality probability. Moreover, we compare our proposed methods with previous works. The results show that our methods significantly outperform previous works in the accuracy of detecting malicious stepping stones, even when evasive techniques are adopted by attackers.

Keywords: intrusion detection; causality probability; stepping stones
ANZSRC Field of Research 2020: 4604. Cybersecurity and privacy
Public Notes

Files associated with this item cannot be displayed due to copyright restrictions.

Byline Affiliations: Deakin University; Zhejiang Gongshang University, China
Permalink: https://research.usq.edu.au/item/z4y27/detecting-stepping-stones-by-abnormal-causality-probability

Related outputs

VPFL: A verifiable privacy-preserving federated learning scheme for edge computing systems
Zhang, Jiale, Liu, Yue, Wu, Di, Lou, Shuai, Chen, Bing and Yu, Shui. 2023. "VPFL: A verifiable privacy-preserving federated learning scheme for edge computing systems." Digital Communications and Networks. 9 (4), pp. 981-989. https://doi.org/10.1016/j.dcan.2022.05.010
Hybrid KD-NFT: A multi-layered NFT assisted robust Knowledge Distillation framework for Internet of Things
Wang, Nai, Chen, Junjun, Wu, Di, Yang, Wencheng, Xiang, Yong and Sajjanhar, Atul. 2023. "Hybrid KD-NFT: A multi-layered NFT assisted robust Knowledge Distillation framework for Internet of Things." Journal of Information Security and Applications. 75. https://doi.org/10.1016/j.jisa.2023.103483
On addressing the imbalance problem: a correlated KNN approach for network traffic classification
Wu, Di, Chen, Xiao, Chen, Chao, Zhang, Jun, Xiang, Yang and Zhou, Wanlei. 2015. "On addressing the imbalance problem: a correlated KNN approach for network traffic classification." NSS 2014: 8th International Conference on Network and System Security. Xi'an, China 15 - 17 Oct 2014 Switzerland. Springer. https://doi.org/10.1007/978-3-319-11698-3_11
A Survey on Latest Botnet Attack and Defense
Zhang, Lei, Yu, Shui, Wu, Di and Watters, Paul. 2011. "A Survey on Latest Botnet Attack and Defense." 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2011). Changsha, China 16 - 18 Nov 2011 China. https://doi.org/10.1109/TrustCom.2011.11