Download now Free registration required
In this paper, the authors study a new class of attacks, the invisible LOCalization (iLOC) attack, which can accurately and invisibly localize monitors of Internet Threat Monitoring (ITM) systems, a class of widely deployed facilities to characterize Internet threats, such as worm propagation, Denial-of-Service (DoS) attacks. In the iLOC attack, the attacker launches low-rate port-scan traffic, encoded with a selected Pseudo-Noise code (PNcode), to targeted networks. While the secret PN-code is invisible to others, the attacker can accurately determine the existence of monitors in the targeted networks based on whether the PN-code is embedded in the report data queried from the data center of the ITM system.
- Format: PDF
- Size: 219.3 KB