2020
DOI: 10.1109/access.2020.3034226

Hybrid Multilayer Network Traceback to the Real Sources of Attack Devices

Abstract: In recent years, multiple connected devices and diversified network services have made the Internet an indispensable part of people's daily lives. As a result, copious valuable or personal data are stored online, attracting many malicious attackers and causing serious security threats. However, because attackers can conceal their actual attack locations by spoofing IP addresses, law enforcement cannot easily track them. Therefore, a method to trace stealth attacks is required. However, the traceback methods de…

citations
Cited by 7 publications
(8 citation statements)
references
References 44 publications
“…Next, we will present the findings and analysis of the research questions. Watering hole [3,28,79,84,88,99,101,102] Malware [1,3,88,89,[102][103][104][105] Application repackaging [106] Attacks on an Internet-facing server [3,83,89,101] Removable device [3,89,107] Drive-by download [96] Spoofing attack [7,82,108] SQL injection Execution [3,5,82,84,[86][87][88]90,94,97,101,[109][110][111][112][113][114] Zero day, known vulnerability [79,101,115] Remote code execution/Code injection ...…”
Section: Analysis and Findings Of Research Questions
Citation type: mentioning
confidence: 99%
“…Credential access [28] Pass hash [79,82,83,117,118] Man-in-the-middle [119] Password cracking [120] Eavesdropping [78,[80][81][82]85,87,97,105,107,111,[121][122][123] Social engineering Discovery [124] Probe [100,125] Lateral/Internal spear-phishing emails Lateral movement [108] Data leakage Collection Cloud data leakage [126] Removable device C&C and Exfiltration Tunneling over protocol [3,76,79,81,92,97,111,115,[124][125][126][127][128][129][130] DOS Impact [4,82,131] Botnet [108] Software update Data fabrication In this section, the findings and analysis of Research Question 1 related to APT features are presented. APT is a hard-to-detect cyber threat group or campaign that may use familiar attacks (such as spear phishing, watering hole, appl...…”
Section: Analysis and Findings Of Research Questions
Citation type: mentioning
confidence: 99%
“…The critical part of this technique is that it is hard to distinguish attack traffic from the traffic of normal users, to correctly redirect normal clients to the new IP address and avoid wrongly redirecting attack traffic to the new IP address. Another mitigation strategy is the IP traceback method [146], [147], in which the defense system traces the attack traffic back to the source that originated the malicious traffic. Honeypot is another mitigation strategy that has been deployed in modern networking environments in which the honeypot entity acts as a real server, aiming to collect, extract, and analyze suspicious activities to identify attack patterns.…”
Section: DDoS Attack Mitigation Techniques
Citation type: mentioning
confidence: 99%
“…ere is not much value. Reference [17] traced the source from the network layer; this method is not suitable for blockchain [18].…”
Section: Introduction
Citation type: mentioning
confidence: 99%