Date Added: Aug 2009
Probing based approaches have been effectively used for network monitoring in the past. Probes such as ICMP pings provide an effective tool for detecting compromised nodes which try to delay or drop traffic. But an intelligent attacker may evade detection by giving preferential treatment to probe traffic. This is usually possible because probe packets have a different format from regular application packets and are easily distinguishable. The solution to this problem is to create stealthy probes which are indistinguishable from normal application traffic. In this paper, they build upon the earlier work on the design approaches for stealthy probing, and the authors propose a lightweight and effective scheme for generating stealthy probes.