International Journal of Electrical, Electronics and Computer Engineering (IJEECE)
In a network system many times it is seen that network intruders to hide their origin, they attacks through intermediate hosts called stepping stones. It is very important to observe and to correlate the flows of a stepping stone between the incoming and outgoing traffic, to identify the source of the attack behind the stepping stones. Sometimes it is possible that intruder encrypt the connection traffic to avoid attempts at correlation. In this paper, the correlation scheme based on watermarked signature is introduce.