Watch Your Step! Detecting Stepping Stones in Programmable Networks

Debopam Bhattacherjee; Andrei Gurtov; Tuomas Aura

doi:10.1109/ICC.2019.8761731

Watch Your Step! Detecting Stepping Stones in Programmable Networks

Debopam Bhattacherjee, Andrei Gurtov, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

Abstract

Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 - Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.

Original language	English
Title of host publication	2019 IEEE International Conference on Communications, ICC 2019 - Proceedings
Publisher	IEEE
Number of pages	7
ISBN (Electronic)	9781538680889
DOIs	https://doi.org/10.1109/ICC.2019.8761731
Publication status	Published - 1 May 2019
MoE publication type	A4 Article in a conference publication
Event	IEEE International Conference on Communications - Shanghai, China Duration: 20 May 2019 → 24 May 2019

Publication series

Name	IEEE International Conference on Communications
Publisher	IEEE
Volume	2019-May
ISSN (Print)	1550-3607

Conference

Conference	IEEE International Conference on Communications
Abbreviated title	ICC
Country	China
City	Shanghai
Period	20/05/2019 → 24/05/2019

Access to Document

10.1109/ICC.2019.8761731

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Watch Your Step! Detecting Stepping Stones in Programmable Networks'. Together they form a unique fingerprint.

Cite this

@inproceedings{e035d0887d484728b0fd5e8f94634ccb,

title = "Watch Your Step! Detecting Stepping Stones in Programmable Networks",

abstract = "Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 - Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.",

author = "Debopam Bhattacherjee and Andrei Gurtov and Tuomas Aura",

year = "2019",

month = may,

day = "1",

doi = "10.1109/ICC.2019.8761731",

language = "English",

series = "IEEE International Conference on Communications",

publisher = "IEEE",

booktitle = "2019 IEEE International Conference on Communications, ICC 2019 - Proceedings",

address = "United States",

note = "IEEE International Conference on Communications, ICC ; Conference date: 20-05-2019 Through 24-05-2019",

}

Bhattacherjee, D, Gurtov, A & Aura, T 2019, Watch Your Step! Detecting Stepping Stones in Programmable Networks. in 2019 IEEE International Conference on Communications, ICC 2019 - Proceedings., 8761731, IEEE International Conference on Communications, vol. 2019-May, IEEE, IEEE International Conference on Communications, Shanghai, China, 20/05/2019. https://doi.org/10.1109/ICC.2019.8761731

Watch Your Step! Detecting Stepping Stones in Programmable Networks. / Bhattacherjee, Debopam; Gurtov, Andrei; Aura, Tuomas.

2019 IEEE International Conference on Communications, ICC 2019 - Proceedings. IEEE, 2019. 8761731 (IEEE International Conference on Communications; Vol. 2019-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Watch Your Step! Detecting Stepping Stones in Programmable Networks

AU - Bhattacherjee, Debopam

AU - Gurtov, Andrei

AU - Aura, Tuomas

PY - 2019/5/1

Y1 - 2019/5/1

N2 - Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 - Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.

AB - Hackers hide behind compromised intermediate hosts and pose advanced persistent threats (APTs). The compromised hosts are used as stepping stones to launch real attacks, as is evident from an incident that shook the world in 2016 - Panama Papers Leak. The major attack would not go unnoticed if the compromised stepping stone, in this case an email server, could be identified in time. In this paper, we explore how today's programmable networks could be retrofitted with effective stepping stone detection mechanisms to correlate flows. We share initial results to prove that such a setup exists. Lastly, we analyze scalability issues associated with the setup and explore recent developments in network monitoring which have potential to address these issues.

UR - http://www.scopus.com/inward/record.url?scp=85070221544&partnerID=8YFLogxK

U2 - 10.1109/ICC.2019.8761731

DO - 10.1109/ICC.2019.8761731

M3 - Conference contribution

AN - SCOPUS:85070221544

T3 - IEEE International Conference on Communications

BT - 2019 IEEE International Conference on Communications, ICC 2019 - Proceedings

PB - IEEE

T2 - IEEE International Conference on Communications

Y2 - 20 May 2019 through 24 May 2019

ER -