"Packet Scheduling against Stepping Stone Attacks with Chaff" P. Venkitasubramaniam, T. He and L. Tong 2006 IEEE MILCOM, Washington D.C., Oct. 2006.
We consider scheduling packet transmissions in a network so that the efficiency of stepping-stone attacks can be severely restrained with the help of stepping-stone monitors. We allow the attacker to encrypt and pad the packets, perturb the timing of packets, and insert chaff packets, but the timing perturbation is subject to a maximum delay constraint. We show that if we randomize packet transmissions, then the attacker has to insert a large amount of chaff to evade detection completely. In particular, if all transmissions are scheduled as Poisson processes, then the fraction of attacking packets in the attacker's traffic decreases exponentially with the length of the intrusion path.