NDLI: Iloc: an invisible localization attack to internet threat monitoring systems.

Please wait, while we are loading the content...

Iloc: an invisible localization attack to internet threat monitoring systems.

Content Provider	CiteSeerX
Author	Fu, Xinwen Xuan, Dong Zhao, Wei Yu, Wei Wang, Xun
Abstract	Abstract—Internet threat monitoring (ITM) systems have been deployed to detect widespread threats and attacks on the Internet in recent years. However, the integrity and functionality of these systems largely depend on the location anonymity of their monitors. If the locations of monitors are disclosed, the attacker can bypass the monitors or even abuse them, significantly jeopardizing the performance of ITM systems. In this paper, we study a new class of attacks, the invisible LOCalization (iLOC) attack. The iLOC attack can accurately and invisibly localize monitors of ITM systems. In the iLOC attack, the attacker launches low-rate port-scan traffic, encoded with a selected pseudo-noise code (PNcode), to targeted networks. While the secret PN-code is invisible to others, the attacker can accurately determine the existence of monitors in the targeted networks based on whether the PNcode is embedded in the report data queried from the data center of the ITM system. We implement the iLOC attack and conduct experiments on a real-world ITM system to validate the feasibility of such attacks. We also conduct extensive simulations on the iLOC attack using real-world traces. Our data demonstrate that the iLOC attack can accurately identify monitors while remaining invisible to the ITM. Finally, we present a set of guidelines to counteract the iLOC attack. Index Terms—Internet threat monitoring systems, Invisible localization attack, PN-code, Security
File Format	PDF
Access Restriction	Open
Subject Keyword	Conduct Experiment New Class Data Demonstrate Real-world Itm System Internet Threat Monitoring System Data Center Extensive Simulation Pseudo-noise Code Invisible Localization Targeted Network Real-world Trace Location Anonymity Low-rate Port-scan Traffic Invisible Localization Attack Localize Monitor Abstract Internet Threat Monitoring Widespread Threat Iloc Attack Index Term Internet Threat Itm System Recent Year Secret Pn-code Report Data
Content Type	Text

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in