Abstract
This chapter introduces stepping-stone intrusion and its detection techniques and integrates eight stepping-stone intrusion detection techniques into cybersecurity curriculum. Eight hands-on labs are designed to enhance students’ learning experience on stepping-stone intrusion detection techniques.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Y. Zhang, and V. Paxson, Detecting Stepping-Stones, in Proc. the 9th USENIX Security Symposium, Denver, CO, 2000, pp. 67–81
K. H. Yung, Detecting Long Connecting Chains of Interactive Terminal Sessions, in Proc. the International Symposium on Recent Advance in Intrusion Detection, Zurich, Switzerland, 2002, pp.1–16
S. Staniford-Chen, and L. T. Heberlein, Holding Intruders Accountable on the Internet, in Proc. IEEE Symposium on Security and Privacy, Oakland, CA, 1995, pp. 39–49
K. Yoda, and H. Etoh, Finding Connection Chain for Tracing Intruders, in Proc. 6 th European Symposium on Research in Computer Security, Toulouse, France, Lecture Notes in Computer Science, vol. 1985, 2000, pp. 31–42
A. Blum, D. Song, and S. Venkataraman, Detection of Interactive Stepping-Stones: Algorithms and Confidence Bounds, in Proc. of International Symposium on Recent Advance in Intrusion Detection, Sophia Antipolis, France, 2004, pp. 20–35
D. L. Donoho Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay, in Proc. The 5 th International Symposium on Recent Advances in Intrusion Detection, Zurich, Switzerland, 2002, pp. 45–59
T. He, L. Tong, Detecting encrypted stepping-stone connections. IEEE Transaction on Signal Processing 55(5), 1612–1623 (2007)
X. Wang, D.S. Reeves, S.F. Wu, and J. Yu, Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework, in Proc. The 16 th International Conference on Information security, USA, 2001, pp. 369–384
X. Wang and D.S. Reeves, Robust Correlation of Encrypted Attack Traffic Through Stepping Stones by Manipulation of Inter-packet Delays, in Proc. The 10 th ACM Conference on Computer and Communications Security, USA, 2003, pp. 20–29
X. Wang, The Loop Fallacy and Serialization in Tracing Intrusion Connections through Stepping Stones, in Proc. the 2004 ACM Symposium on Applied Computing, USA, 2004, pp. 404–411
J. Yang, S.-H. S. Huang, A Real-Time Algorithm to Detect Long Connection Chains of Interactive Terminal Sessions, in Proc. the 3 rd ACM International Conference on Information Security, China, 2004, pp. 198–203
J. Yang, S.S.-H. Huang, Mining TCP/IP packets to detect stepping-stone intrusion. Journal of Computers and Security, Elsevier Ltd 26, 479–484 (2007)
J. Yang, and Y. Zhang, RTT-based Random Walk Approach to Detect Stepping-Stone Intrusion, in Proc. the 29 th IEEE International Conference on Advanced Information Networking and Applications, Gwangju, South Korea, 2015, pp.558–563
J. Yang, Resistance to Chaff Attack through TCP/IP Packet Cross-Matching and RTT-based Random Walk, in Proc. the 30 th IEEE International Conference on Advanced Information Networking and Applications, Crans-Montana, Switzerland, 2016, pp. 784–789
Z. Trabelsi, W. Ibrahim, A hands-on approach for teaching denial of service attacks: A case study. Journal of Information Technology Education: Innovations in Practice 12, 299–319 (2013)
A. McGettrick, Toward Curricular Guidelines for Cybersecurity, Report of a Workshop on Cybersecurity Education and Training, (2013)
J. Yang, and S.-H.S. Huang, Matching TCP Packets and Its Application to the Detection of Long Connection Chains, in Proc. the19th IEEE International Conference on Advanced Information Networking and Applications, Taiwan, China, 2005, pp. 1005–1010
Internet World Stats, Internet users distribution in the world-mid-year (2019). www.internetworldstats.com/stats.htm. Accessed 4 Dec 2019
Internet Society, Cyber incident & breach trends report (2018). https://www.internetsociety.org/wp-content/uploads/2019/07/OTA-Incident-Breach-Trends-Report_2019.pdf. Accessed 4 Dec 2019
Cybersecurity Job openings, http://cyberseek.org/heatmap.htm. Accessed 7 Dec 2019
Emerging Threats, 10 Cyber security facts and statistics for 2018, Norton by Symantec. www.us.norton.com/internetsecurity-emerging-threats.htm. Accessed 4 Dec 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Yang, J. (2020). Stepping-Stone Intrusion Detection and its Integration into Cybersecurity Curriculum. In: Daimi, K., Francia III, G. (eds) Innovations in Cybersecurity Education. Springer, Cham. https://doi.org/10.1007/978-3-030-50244-7_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-50244-7_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50243-0
Online ISBN: 978-3-030-50244-7
eBook Packages: EducationEducation (R0)