The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Midori ASAKA, Takefumi ONABUTA, Shigeki GOTO, "Public Information Server for Tracing Intruders in the Internet" in IEICE TRANSACTIONS on Communications,
vol. E84-B, no. 12, pp. 3104-3112, December 2001, doi: .
Abstract: The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.
URL: https://global.ieice.org/en_transactions/communications/10.1587/e84-b_12_3104/_p
Copy
@ARTICLE{e84-b_12_3104,
author={Midori ASAKA, Takefumi ONABUTA, Shigeki GOTO, },
journal={IEICE TRANSACTIONS on Communications},
title={Public Information Server for Tracing Intruders in the Internet},
year={2001},
volume={E84-B},
number={12},
pages={3104-3112},
abstract={The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.},
keywords={},
doi={},
ISSN={},
month={December},}
Copy
TY - JOUR
TI - Public Information Server for Tracing Intruders in the Internet
T2 - IEICE TRANSACTIONS on Communications
SP - 3104
EP - 3112
AU - Midori ASAKA
AU - Takefumi ONABUTA
AU - Shigeki GOTO
PY - 2001
DO -
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E84-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2001
AB - The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.
ER -