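% Guri, Monitz and Elovici, FNSS 2016: presents AuthentIx, a system that measures the
% authenticity of Internet traffic sources. Per the abstract it combines passive and active
% profiling at the network and application layers with cross-layer consistency checks to
% flag anonymized or impersonated clients (keywords: proxy, VPN, onion routing).
% The citation key is unchanged so existing \cite commands keep resolving.
% NOTE(review): month/day look like an export default; the note field gives the conference
% dates as 23-11-2016 through 25-11-2016. Confirm the publication date with the publisher.
% NOTE(review): address holds a country rather than the publisher's city; confirm.
@inproceedings{4c02e1210bd647ef8ab2c8bb7a28fe3e,
  author    = {Guri, Mordechai and Monitz, Matan and Elovici, Yuval},
  title     = {{AuthentIx}: Detecting anonymized attacks via automated authenticity profiling},
  editor    = {Zhou, Wei and Piramuthu, Selwyn and Doss, Robin},
  booktitle = {Future Network Systems and Security -- 2nd International Conference, {FNSS} 2016, Proceedings},
  series    = {Communications in Computer and Information Science},
  publisher = {Springer Verlag},
  address   = {Germany},
  pages     = {1--11},
  year      = {2016},
  month     = jan,
  day       = {1},
  doi       = {10.1007/978-3-319-48021-3_1},
  isbn      = {9783319480206},
  language  = {English},
  keywords  = {Anonymization, Attacks, IP profiling, Onion routing, Proxy, VPN},
  abstract  = {In the modern era of cyber-security attackers are persistent in their attempts to hide and mask the origin of their attacks. In many cases, attacks are launched from spoofed or unknown Internet addresses, which makes investigation a challenging task. While protection from anonymized attacks is an important goal, detection of anonymized traffic is also important in its own right, because it allows defenders to take necessary preventative and defensive steps at an early stage, even before the attack itself has begun. In this paper we present AuthentIx, a system which measures the authenticity of the sources of Internet traffic. In order to measure the authenticity of traffic sources, our system uses passive and active profiling techniques, which are employed in both the network and the application protocols. We also show that performing certain cross-views between different communications layers can uncover inconsistencies and find clients which are suspicious. We present our system design and describe its implementation, and evaluate AuthentIx on traffic from authentic and non-authentic sources. Results show that our system can successfully detect anonymous and impersonated attackers, and furthermore, can be used as a general framework to cope with new anonymization and hiding techniques.},
  note      = {Publisher Copyright: {\textcopyright} Springer International Publishing AG 2016. 2nd International Conference on Future Network Systems and Security, FNSS 2016; Conference date: 23-11-2016 through 25-11-2016},
}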