Internet Attack Traceback: Cross-Validation and Pebble-Trace

Abstract

On the Internet, attackers often launch attacks through stepping-stones to steal confidential information from victims. Hiding behind stepping-stones, attackers thus avoid being traced back. In this project, the problem of Internet attack traceback was studied. A Pebbletrace scheme was proposed, which imbeds zero-day based Pebbleware in the stolen information and thereby enables one to trace back to the attacker's machine which has the stolen information. A Pebbletrace prototype was built and focused on two cases: (1) the attacker steals a PDF file and (2) the attacker steals sensitive information through Zeus botnets. In the two cases, the project showed how to create Pebbleware automatically based on zero-day vulnerabilities, and how Pebbletrace reveals attackers whose machines are vulnerable to these zero-days.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Feb 28, 2013
Accession Number
ADA578556

Entities

People

  • David Lee
  • Ten H. Lai

Organizations

  • Ohio State University

Tags

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Case Studies
  • Communications Protocols
  • Computer Network Security
  • Computer Programs
  • Computer Science
  • Contracts
  • Control Panels
  • Cyberattacks
  • Electronic Messaging
  • Information Security
  • Internet
  • Network Protocols
  • Security
  • Social Engineering
  • Validation

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Marksmanship and Weaponry.