Some papers related to tracing through stepping stones:
- A. Blum, D. Song, and S. Venkataraman, "Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds", to appear in Proc. of 7th International Symposium on Recent Advances in Intrusion Detection (RAID '04).
- Yang-Seo Choi, et al., " Network-Based Real-Time Connection Traceback System (NRCTS) with Packet Marking Technology", Computational Science and Its Applications (ICSA) 2003, Lecture Notes in Computer Science, Springer-Verlag, Volume 2668, August 2003, pp. 31 - 40. [PDF]
- D. Donoho, A.G. Flesia, U. Shanka, V. Paxson, J. Coit and S. Staniford. Multiscale Stepping Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay. In Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection (RAID 2002), October, 2002. Springer Verlag Lecture Notes in Computer Science, #2516. [CITESEER]
- F. Buchholz and C. Shields, "Providing Process Origin Information to Aid in Network Traceback", Proc. of Usenix Annual Technical Conf., pp. 261-274, June 2002. [HTML]
- K. Yoda and H. Etoh. Finding a Connection Chain for Tracing Intruders. In F. Guppens, Y. Deswarte, D. Gollmann and M. Waidner, editors, Proc. of 6th European Symposium on Research in Computer Security – ESORICS 2000, LNCS #1895, October 2000. [HTML]
- Y. Zhang and V. Paxson. Detecting Stepping Stones. In Proceedings of the 9th USENIX Security Symposium, 2000, pp. 171--184. [CITESEER]
- Staniford-Chen, S. and Heberlein, L.T. "Holding Intruders Accountable on the Internet", Proceedings of the 1995 IEEE Symposium on Security and Privacy, Oakland, CA. 1995. [ps]
- H. Jung, et al. "Caller Identification System in the Internet Environment", Proceedings of 4th USENIX Security Symposium, 1993.
- Snapp, Steven, et al. "DIDS (Distributed Intrusion Detection System) -- Motivation, Architecture, and Early Prototype", Proc. of 14th National Computer Security Conference, pp. 167-176, 1991. [PDF]