Detecting Long Connection Chains of Interactive Terminal Sessions

  title={Detecting Long Connection Chains of Interactive Terminal Sessions},
  author={Kwong H. Yung},
To elude detection and capture, hackers chain many computers together to attack the victim computer from a distance. This report proposes a new strategy for detecting suspicious remote sessions, used as part of a long connection chain. Interactive terminal sessions behave differently on long chains than on direct connections. The time gap between a client request and the server delayed acknowledgment estimates the round-trip time to the nearest server. Under the same conditions, the time gap… CONTINUE READING
Highly Cited
This paper has 63 citations. REVIEW CITATIONS

4 Figures & Tables



Citations per Year

63 Citations

Semantic Scholar estimates that this publication has 63 citations based on the available data.

See our FAQ for additional information.