Sniffing and chaffing network traffic in stepping-stone intrusion detection
Proceedings - 32nd IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2018
Intrusion detection, Network security, Network traffic, Packet chaffing, Packet sniffing, Stepping stone intrusion
© 2018 IEEE. Since stepping-stones were widely used to launch attacks over the targets in the Internet, many approaches have been developed to detect stepping-stone intrusion. We found that most of the approaches need to sniff and analyze computer network traffic to detect stepping-stone intrusion. In this paper, we introduce how to make a code to sniff TCP/IP packet. But some intruders can evade detection using TCP/IP session manipulation, such as chaff-perturbation. In order to help researchers understand how a session is manipulated and develop more advanced approaches not only detecting stepping-stone intrusion, but also resisting intruders' manipulation, we present a tool Fragroute which can be used to inject meaningless packets into a TCP/IP session across the Internet.
Yang, Jianhua; Zhang, Yongzhong; King, Robert; and Tolbert, Tim, "Sniffing and chaffing network traffic in stepping-stone intrusion detection" (2018). Faculty Bibliography. 2855.