| | |
Summary: A Survey of Connection-Chains Detection
Techniques
Ahmad Almulhem and Issa Traore
Electrical and Computer Enginerring Department, University of Victoria, CANADA
e-mails: {almulhem, itraore}@ece.uvic.ca
Abstract--A connection-chain is a set of connections created
by sequentially logging into a series of hosts, known as stepping-
stones. It provides an effective scheme for attackers to manually
interact with a victim machine without disclosing their true
origin. The victim will only identify the last host in the chain,
while the true origin is hidden behind a series of stepping-stones.
Addressing connection-chains poses challenges for researchers in
the field of computer security. Accordingly, several approaches
have been proposed in the literature. In this paper, we review
those approaches and classify them according to a proposed
taxonomy.
I. INTRODUCTION
hacker
victim
a series of stepping stones
|
