Watch Your Step! Detecting Stepping Stones in Programmable Networks

Debopam Bhattacherjee, Andrei Gurtov, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review


Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 - Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.

Original languageEnglish
Title of host publication2019 IEEE International Conference on Communications, ICC 2019 - Proceedings
Number of pages7
ISBN (Electronic)9781538680889
Publication statusPublished - 1 May 2019
MoE publication typeA4 Article in a conference publication
EventIEEE International Conference on Communications - Shanghai, China
Duration: 20 May 201924 May 2019

Publication series

NameIEEE International Conference on Communications
ISSN (Print)1550-3607


ConferenceIEEE International Conference on Communications
Abbreviated titleICC

Fingerprint Dive into the research topics of 'Watch Your Step! Detecting Stepping Stones in Programmable Networks'. Together they form a unique fingerprint.

Cite this