search query: @keyword Network Security / total: 17
reference: 7 / 17
Author: | Singh, Gurvinder |
Title: | Detection of intermediatry hosts trough TCP latency propagation |
Publication type: | Master's thesis |
Publication year: | 2009 |
Pages: | (9+) 101 Language: eng |
Department/School: | Tietotekniikan laitos |
Main subject: | Tietokoneverkot (T-110) |
Supervisor: | MjĂžlsnes, Stig F. ; Tarkoma, Sasu |
Instructor: | Willassen, Svein Y. |
OEVS: | Electronic archive copy is available via Aalto Thesis Database.
Instructions Reading digital theses in the closed network of the Aalto University Harald Herlin Learning CentreIn the closed network of Learning Centre you can read digital and digitized theses not available in the open network. The Learning Centre contact details and opening hours: https://learningcentre.aalto.fi/en/harald-herlin-learning-centre/ You can read theses on the Learning Centre customer computers, which are available on all floors.
Logging on to the customer computers
Opening a thesis
Reading the thesis
Printing the thesis
|
Location: | P1 Ark Aalto | Archive |
Keywords: | network security stepping-stone detection manual intrusion detection tor usage detection spam detection and digital forensics investigation |
Abstract (eng): | The popularity and potential of internet attracts users with illegal intentions as well. The attackers generally establish a connection by logging in to a number of intermediary hosts before launching an attack at the victim host. These intermediary hosts are called as stepping-stones. On the victim side, it becomes hard to detect that. the peer communicating with the victim is whether a real originator of the connection or it is merely acting as an intermediary host in the connection chain, This master dissertation proposed an approach based on Interarrival packet time to distinguish an incoming connection from a connection coming via some intermediary hosts. The proposed approach uses information available at the receiving end and applicable to encrypted traffic too. The approach was successfully tested for SSH, Telnet, FTP, HTTP and SMTP protocols and implemented in to an intrusion detection system for corresponding protocols. The main applications for the proposed approach are Manual intrusion detection, Tor usage detection and Spam messages detection. The approach is also applicable for the digital forensics investigations. |
ED: | 2009-09-08 |
INSSI record number: 38301
+ add basket
INSSI