Date Added: Aug 2009
Most network intruders launch their attacks through stepping-stones to reduce the risks of being discovered. To uncover such intrusions, one prevalent, challenging, and critical way is to compare an incoming connection with an outgoing connection to determine if a computer is used as stepping-stone. This paper presents four models to describe stepping-stone intrusion. It also proposes the idea applying signal processing technology to stepping-stone intrusion detection. It presents the preliminary results of applying correlation coefficients to detecting stepping-stone intrusion.