Tracing back attacks against encrypted protocols

IWCMC 2007: Proceedings of the 2007 International Wireless Communications and Mobile Computing Conference

Volumn , Issue , 2007, Pages 121-126

  Taleb, Tarik ^a   Fadlullah, Zubair Md ^a   Hashimoto, Kazuo ^a   Nemoto, Yoshiaki ^a   Kato, Nei ^a  

^a TOHOKU UNIVERSITY   (Japan)

Author keywords

Encryption; Intrusion detection system (IDS); Traceback

Indexed keywords

COMPUTER SIMULATION; CRYPTOGRAPHY; FEATURE EXTRACTION; INTRUSION DETECTION; TELECOMMUNICATION TRAFFIC; TOPOLOGY;

ENCRYPTED PROTOCOLS; MONITORING STUBS (MS); TRACING BACK;

NETWORK PROTOCOLS;

EID: 36849007415     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1280940.1280966     Document Type: Conference Paper

References (18)

1. A. Blum, D. Song, and S. Venkataraman, "Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds," in Proc. Recent Advance in Intrusion Detection (RAID), Sophia Antipolis, French Riviera, France, Sep. 2004.
2. Z. M. Fadiullah, T. Taleb, N. Ansari, K. Hashimoto, Y. Miyake, Y. Nemoto, and N. Kato, "Combating Attacks Against Encrypted Protocols," in Proc. ICC 2007, Glasgow, Scotland, Jun. 2007.
3. D. Song and A. Perrig, "Advanced and Authenticated Marking Schemes for IP Traceback," in Proc. IEEE INFOCOM, Anchorage, Alaska, USA, Apr. 2001.
4. W. Lee and K. Park, "On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack," in Proc. IEEE INFOCOM, Anchorage, Alaska, USA, Apr. 2001.
5. S. Bellovin, "ICMP Traceback Messages," IETF Internet Draft, Mar. 2000.
6. Z. Gao and N. Ansari, "Tracing Cyber Attacks from the Practical Perspective," IEEE Commun. Mag., Vol. 43, No. 5, May 2005, pp. 123-131.
7. S. Savage, D. Wetherall, A. R. Karlin, and T. Anderson, "Practical Network Support for IP Traceback," in Proc. SIGCOMM, Stockholm, Sweden, Sep. 2000.
8. th European Symposium on Research in Computer Security (ESORICS), Zurich, Switzerland, Oct. 2002.
9. S. C. Lee and C. Shields, "Tracing the Source of Network Attack: A Technical, Legal and Societal Problem," in Proc. 2001 IEEE Workshop on Information Assurance and Security, New York, USA, Jun. 2001.
10. G. Mansfield, K. Ohta, Y. Takei, N. Kato, and Y. Nemoto, "Towards trapping wily intruders in the large," Computer Networks, Vol. 34, No. 4, Oct. 2000, pp. 659-670.
11. S. P. Joglekar and S. R. Tate, "ProtoMon: Embedded Monitors for Cryptographic Protocol Intrusion Detection and Prevention," J. Universal Computer Science (JUCS), Vol. 11, No. 1, Jan. 2005, pp. 83-103.
12. th USENIX Security Symposium, Washington DC, USA, Aug. 2003.
13. R. Oppliger, R. Hauser, and D. Basin, "SSL/TLS session-aware user authentication - OR how to effectively thwart the man-in-the-middle," Computer Communications, Vol. 29, No. 12, Aug. 2006, pp. 2238-2246.
14. Available at CERT, "OpenSSL servers contain a buffer overflow during the SSL2 handshake process," CERT Vulnerability Note #102795, Jul. 2002.
15. Available at CERT, "OpenSSL servers contain a remotely exploitable buffer overflow vulnerability during the SSL3 handshake process," CERT Vulnerability Note #561275, Jul. 2002.
16. K. Sakaguchi, K. Ohta, Y. Waizumi, N. Kato, and Y. Nemoto, "Tracing DDoS Attacks by Comparing Traffic patterns Based on Quadratic Programming Methods," The Transactions of IEICE B (Japanese Edition), Vol. J85-B, No. 8, 2002, pp. 1295-1303.
17. Network Simulator-ns(version 2). http://isl.edu/nsna.rn/ns
18. Brite, http://www.cs.bu.edu/brite/