The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
O número de invasões de computadores provenientes de fora de uma organização aumentou com o rápido crescimento da Internet. Como muitos invasores de fora de uma organização empregam trampolins, é difícil rastrear onde está a verdadeira origem do ataque. Alguns projetos de pesquisa propuseram métodos de rastreamento para ataques DoS e métodos de detecção de trampolins. Ainda é difícil localizar a origem de um ataque que utiliza trampolins. Desenvolvemos o IDA (sistema Intrusion Detection Agent), que possui um mecanismo de rastreamento de intrusão em ambiente LAN. Neste artigo, melhoramos o mecanismo de rastreamento para que ele possa rastrear ataques de trampolim na Internet. Em nosso método, as informações sobre o trampolim de rastreamento são coletadas de maneira eficaz dos hosts em uma LAN e as informações são disponibilizadas no servidor de informações públicas. Um perseguidor de um ataque trampolim pode rastrear a intrusão com base nas informações disponíveis no servidor de informações públicas em uma rota de intrusão.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copiar
Midori ASAKA, Takefumi ONABUTA, Shigeki GOTO, "Public Information Server for Tracing Intruders in the Internet" in IEICE TRANSACTIONS on Communications,
vol. E84-B, no. 12, pp. 3104-3112, December 2001, doi: .
Abstract: The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.
URL: https://global.ieice.org/en_transactions/communications/10.1587/e84-b_12_3104/_p
Copiar
@ARTICLE{e84-b_12_3104,
author={Midori ASAKA, Takefumi ONABUTA, Shigeki GOTO, },
journal={IEICE TRANSACTIONS on Communications},
title={Public Information Server for Tracing Intruders in the Internet},
year={2001},
volume={E84-B},
number={12},
pages={3104-3112},
abstract={The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.},
keywords={},
doi={},
ISSN={},
month={December},}
Copiar
TY - JOUR
TI - Public Information Server for Tracing Intruders in the Internet
T2 - IEICE TRANSACTIONS on Communications
SP - 3104
EP - 3112
AU - Midori ASAKA
AU - Takefumi ONABUTA
AU - Shigeki GOTO
PY - 2001
DO -
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E84-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2001
AB - The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Intrusion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.
ER -