Public information server for tracing intruders in the internet

M. Asaka, T. Onabuta, Shigeki Goto

    Research output: Contribution to journalArticle

    4 Citations (Scopus)

    Abstract

    The number of computer break-ins from the outside of an organization has increased with the rapid growth of the Internet. Since many intruders from the outside of an organization employ stepping stones, it is difficult to trace back where the real origin of the attack is. Some research projects have proposed tracing methods for DoS attacks and detecting method of stepping stones. It is still difficult to locate the origin of an attack that uses stepping stones. We have developed IDA (Instrussion Detection Agent system), which has an intrusion tracing mechanism in a LAN environment. In this paper, we improve the tracing mechanism so that it can trace back stepping stones attack in the Internet. In our method, the information about tracing stepping stone is collected from hosts in a LAN effectively, and the information is made available at the public information server. A pursuer of stepping stone attack can trace back the intrusion based on the information available at the public information server on an intrusion route.

    Original languageEnglish
    Pages (from-to)3104-3112
    Number of pages9
    JournalIEICE Transactions on Communications
    VolumeE84-B
    Issue number12
    Publication statusPublished - 2001 Dec

    Keywords

    • Intrusion detection
    • Network security
    • Stepping stones
    • Tracing intruders

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering
    • Computer Networks and Communications

    Fingerprint Dive into the research topics of 'Public information server for tracing intruders in the internet'. Together they form a unique fingerprint.

  • Cite this

    Asaka, M., Onabuta, T., & Goto, S. (2001). Public information server for tracing intruders in the internet. IEICE Transactions on Communications, E84-B(12), 3104-3112.