Accession Number:
ADA578556
Title:
Internet Attack Traceback: Cross-Validation and Pebble-Trace
Descriptive Note:
Final rept. 1 Apr 2009-30 Nov 2012
Corporate Author:
OHIO STATE UNIV COLUMBUS DEPT OF COMPUTER SCIENCE AND ENGINEERING
Personal Author(s):
Report Date:
2013-02-28
Pagination or Media Count:
31.0
Abstract:
On the Internet, attackers often launch attacks through stepping-stones to steal confidential information from victims. Hiding behind stepping-stones, attackers thus avoid being traced back. In this project, the problem of Internet attack traceback was studied. A Pebbletrace scheme was proposed, which imbeds zero-day based Pebbleware in the stolen information and thereby enables one to trace back to the attackers machine which has the stolen information. A Pebbletrace prototype was built and focused on two cases 1 the attacker steals a PDF file and 2 the attacker steals sensitive information through Zeus botnets. In the two cases, the project showed how to create Pebbleware automatically based on zero-day vulnerabilities, and how Pebbletrace reveals attackers whose machines are vulnerable to these zero-days.
Descriptors:
Subject Categories:
- Computer Programming and Software
- Computer Systems Management and Standards