You are here: silicon.com > Resources > White Papers > Networking and Communications > Network Technologies > TCP - IP

TCP - IP White Papers

Matching TCP/IP Packets to Detect Stepping-Stone Intrusion

Tags:
tcp - ip

Overview This paper proposes a "Step-Function" method to detect network attackers from using a long connection chain to hide their identities when they launch attacks. The objective of the method is to estimate the length of a connection chain based on the changes in packet round trip times. The key point to compute the round trip time of a connection chain is to match a Send and its corresponding Echo packet. The paper propose a conservative and a greedy matching algorithm to match TCP/IP packets in real-time. The first algorithm matches fewer packets but the quality of the matching is high. The second one matches more packets with some uncertainty on the correctness.

Further White Paper Details
Publisher	University of Houston	File Format	PDF
Date Published	October 2006
Format	White Papers
Topics	TCP - IP, Intrusion Detection Systems

Did you find this white paper useful?

Sprint IPVoice Connect Fact Sheet

Publisher:
Sprint

Integrated Trade Systems, Inc. Is Able to Track and Ensure Timely Purchase Order Delivery by Using Biscom Delivery Server to Send Files Securely

Publisher:
Biscom

Stewart Title Guaranty Company Reduces Courier and FTP Costs Using Biscom Delivery Server for Timely, Accurate, and Trackable Distribution of Software to Their Customers

Publisher:
Biscom

Tags:
tcp - ip

By Using Biscom Delivery Server to Send Large Files Both Internally and to Their Clients, John Wieland Homes and Neighborhoods Reduces Help Desk Calls, Eliminates Dependency on Email Attachments, and Secures Company Data

Publisher:
Biscom

Tags:
tcp - ip

Cracked: The Great Firewall of China

If you drop all the reset packets at both ends of the connection, which is relatively trivial to do, the web page is transferred just fine. If an attacker generated 100 triggering packets per second, and each packet caused 20 minutes of disruption...

Can I be your MSN Messenger buddy? And look at your hard drive too…

If an attacker sent a particular sequence of packets to a server running Media Services 4.1, it could interrupt any video streams. However, most people block that function, so random attacks will likely be rare, he said.

Channel:
Desktops

Slammer time - SQL worm brings net to its knees over weekend

And all this in just 376 bytes of code, meaning the entire SQL Slammer worm code is about half the length of this paragraph. Anti-virus firm F-Secure said the effects were so marked because the worm generates massive amounts of network packets...

Channel:
Security Strategy

What are IP VPNs good for?

Because IPSec encrypts data before forwarding it over the IP VPN and then decrypting it, there's a delay that makes using these apps together tough, and practically prohibits voice packets. SSL is an economy solution that provides a basic level of...

Where is the mysterious internet code coming from?

Until someone comes up with analysis that matches what I am seeing, I'm going to wait," he said. That would leave us to believe that there is something out there that is creating the [data] packets that isn't this Trojan.

Channel:
LANs
Tags:
mysterious,
iana,
lurhq,
iss

Signing up the competition - have digital signatures met their match?

If it finds a signature that matches, it sounds a hacker alert. It certainly takes longer to detect a hack than a virus, because viruses are spread between machines and they usually crash them. Marc Dacier, manager of IBM's Global Security Analysis...

Channel:
Comment & Analysis

Featured White Papers

IDC reports on Novell's Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction

This IDC whitepaper examines how companies are turning to integrated security solutions, such as Novell Secure Desktop Solution, to deal with the vulnerability of mobile assets and implement a comprehensive security strategy.

Publisher:
Novell

Green IT: Reducing your Carbon Footprint with Citrix

Going green has become an imperative, not an option, for companies facing the new reality of balancing business objectives with dwindling environmental resources. Read on to learn how Citrix products can help bring environmental and organizational objectives into alignment by alleviating the energy impact of equipment needed to serve both the datacenter and the desktop.

Publisher:
Citrix Systems

Identity and Security Management and Strong Information Technology Goverance

A total identity and access management (IAM) – driven goverance, risk and compliance (GRC) solution should ensure foolproof and accurate measurements of policies and practises across the enterprise. This IDC white paper examines identity and security management (ISM) solutions and how these integrated offerings can play a key role in enforcing security compliance.