Real-Time Intruder Tracing through Self-Replication

Authors: Heejin Jang, Sangwook Kim

DOI: 10.1007/3-540-45811-5_1

Abstract: Since current internet intruders conceal their real identity by distributed or disguised attacks, it is not easy to deal with them properly with only an ex post facto chase. Therefore, the intruder needs to be traced in real time. Existing real-time tracing systems have a spatial restriction. The security domain remains unchanged if there is no system officer's intervention after installing the system. It is impossible to respond to an attack which is done out of the domain. This paper proposes a self-replication mechanism, a new approach to tracing, minimizing the spatial limitation of the traceable domain. It supports prompt response to intrusion and detection of the target host and laundering hosts. It also enhances the possibility of identification. Data collected during tracing can be used to generate a hacking scenario database and as legal evidence.
