Holding intruders accountable on the Internet

نویسندگان

  • Stuart Staniford-Chen
  • Todd L. Heberlein
چکیده

This paper addresses the problem of tracing intruders who obscure their identity by logging through a chain of multiple machines. After discussing previous approaches to this problem, we introduce thumbprints which are short summaries of the content of a connection. These can be compared to determine whether two connections contain the same text and are therefore likely to be part of the same connection chain. We enumerate the properties a thumbprint needs to have to work in practice, and then de ne a class of local thumbprints which have the desired properties. A methodology from multivariate statistics called principal component analysis is used to infer the best choice of thumbprinting parameters from data. Currently our thumbprints require 24 bytes per minute per connection. We develop an algorithm to compare these thumbprints which allows for the possibility that data may leak from one time-interval to the next. We present experimental data showing that our scheme works on a local area network.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Holding the Internet Accountable

Today’s IP network layer provides little to no protection against misconfiguration or malice. Despite some progress in improving the robustness and security of the IP layer, misconfigurations and attacks still occur frequently. We show how a network layer that provides accountability, i.e., the ability to associate each action with the responsible entity, provides a firm foundation for defenses...

متن کامل

Using Performance on the Job to Inform Teacher Tenure Decisions

policymakers. Well over a decade into the standards movement, the idea of holding schools accountable for results is being pushed to a logical, if controversial, end point: the implementation of policies aimed at holding individual teachers (not just schools) accountable for results. As a number of states begin to revamp their tenure-granting policies, the idea that high-stakes personnel decisi...

متن کامل

Effect of environmental enrichment upon resource holding power in fish in prior residence situations.

Resource holding power (RHP), as expressed by gaining dominance, can be affected by extrinsic and intrinsic factors. Extrinsic factors that increase the RHP include e.g. prior exposure to the contest area. The pay-off asymmetry hypothesis was tested according to which there is an asymmetry in the value the resident's territory has for the resident and intruders, i.e. the resident loses more tha...

متن کامل

Combined Wired and Wireless Network Intrusion Detection Using Statistical Data Streams and Clustering Method

The widespread usage of internet application through wireless medium along with the wired medium has made the internet server to be one for combined wired and wireless network. The criteria for adapting intrusion detection in wireless scenario are different from the traditional wired intrusion detection. The wired network routing and data transmission lies in the standard physical routing. Howe...

متن کامل

Cyber Security and the Internet of Things: Vulnerabilities,Threats, Intruders and Attacks

Internet of Things (IoT) devices are rapidly becoming ubiquitous while IoT services are becoming pervasive. Their success has not gone unnoticed and the number of threats and attacks against IoT devices and services are on the increase as well. Cyber-attacks are not new to IoT, but as IoT will be deeply interwoven in our lives and societies, it is becoming necessary to step up and take cyber de...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1995