• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Parallel and Distributed Systems, IEEE Transactions on >An Invisible Localization Attack to Internet Threat Monitors
【24h】

An Invisible Localization Attack to Internet Threat Monitors

机译:对Internet威胁监视器的无形本地化攻击

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Internet threat monitoring (ITM) systems have been deployed to detect widespread attacks on the Internet in recent years. However, the effectiveness of ITM systems critically depends on the confidentiality of the location of their monitors. If adversaries learn the monitor locations of an ITM system, they can bypass the monitors and focus on the uncovered IP address space without being detected. In this paper, we study a new class of attacks, the invisible LOCalization (iLOC) attack. The iLOC attack can accurately and invisibly localize monitors of ITM systems. In the iLOC attack, the attacker launches low-rate port-scan traffic, encoded with a selected pseudonoise code (PN-code), to targeted networks. While the secret PN-code is invisible to others, the attacker can accurately determine the existence of monitors in the targeted networks based on whether the PN-code is embedded in the report data queried from the data center of the ITM system. We formally analyze the impact of various parameters on attack effectiveness. We implement the iLOC attack and conduct the performance evaluation on a real-world ITM system to demonstrate the possibility of such attacks. We also conduct extensive simulations on the iLOC attack using real-world traces. Our data show that the iLOC attack can accurately identify monitors while being invisible to ITM systems. Finally, we present a set of guidelines to counteract the iLOC attack.
机译:近年来,已经部署了Internet威胁监视(ITM)系统来检测对Internet的广泛攻击。但是,ITM系统的有效性主要取决于其监视器位置的机密性。如果对手了解了ITM系统的监视器位置,他们可以绕过监视器并专注于未被发现的IP地址空间。在本文中,我们研究了一种新型的攻击,即隐形LOCaisation(iLOC)攻击。 iLOC攻击可以准确无形地定位ITM系统的监视器。在iLOC攻击中,攻击者向目标网络发起低速端口扫描流量,并使用选定的伪噪声代码(PN码)进行编码。当其他人看不到该PN码时,攻击者可以根据PN码是否嵌入在从ITM系统的数据中心查询的报告数据中,来准确确定目标网络中是否存在监视器。我们正式分析各种参数对攻击效果的影响。我们实施iLOC攻击,并在真实的ITM系统上进行性能评估,以证明发生此类攻击的可能性。我们还使用实际跟踪对iLOC攻击进行了广泛的模拟。我们的数据表明,iLOC攻击可以准确识别监视器,而ITM系统看不到它。最后,我们提出了一套应对iLOC攻击的指南。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号