Accession Number : ADA578556


Title :   Internet Attack Traceback: Cross-Validation and Pebble-Trace


Descriptive Note : Final rept. 1 Apr 2009-30 Nov 2012


Corporate Author : OHIO STATE UNIV COLUMBUS DEPT OF COMPUTER SCIENCE AND ENGINEERING


Personal Author(s) : Lee, David ; Lai, Ten H


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a578556.pdf


Report Date : 28 Feb 2013


Pagination or Media Count : 31


Abstract : On the Internet, attackers often launch attacks through stepping-stones to steal confidential information from victims. Hiding behind stepping-stones, attackers thus avoid being traced back. In this project, the problem of Internet attack traceback was studied. A Pebbletrace scheme was proposed, which imbeds zero-day based Pebbleware in the stolen information and thereby enables one to trace back to the attacker's machine which has the stolen information. A Pebbletrace prototype was built and focused on two cases: (1) the attacker steals a PDF file and (2) the attacker steals sensitive information through Zeus botnets. In the two cases, the project showed how to create Pebbleware automatically based on zero-day vulnerabilities, and how Pebbletrace reveals attackers whose machines are vulnerable to these zero-days.


Descriptors :   *HACKING(COMPUTER SECURITY) , *INTERNET , *VULNERABILITY , ATTACK , CASE STUDIES , COMPUTER FILES , IDENTIFICATION , INFORMATION SECURITY


Subject Categories : Computer Programming and Software
      Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE