Design Approaches for Stealthy Probing Mechanisms in Battlefield Networks

Report No. ARL-RP-0227
Authors: Shriram Ganesh, Maitreya Natu, Adarshpal Sethi, Rommie Hardy, and Richard Gopaul
Date/Pages: September 2008; 12 pages
Abstract: Various approaches have been proposed in the past for monitoring a network to diagnose failures and performance bottlenecks. One such approach for efficient and effective monitoring is probing. Probes such as ICMP pings are an effective tool for detecting network nodes that have been compromised by an attacker who tries to delay or drop traffic passing through the captured node. However, an intelligent attacker may evade detection by giving preferential treatment to probe traffic. This is usually possible because probe packets have a different format from regular application packets and are easily distinguishable. Hence, it is important to probe in a stealthy manner so as to avoid identification of probes by an attacker and to ensure the collection of accurate system health statistics. In this report, we review design approaches for generating stealthy probes and describe various possible mechanisms that can be used for such a design. These approaches are evaluated according to the design criteria and we identify what may be feasible solutions for stealthy probing in battlefield ad-hoc wireless networks.
Distribution: Approved for public release
  Download Report ( 0.164 MBytes )
If you are visually impaired or need a physical copy of this report, please visit and contact DTIC.
 

Last Update / Reviewed: September 1, 2008