Title :
A Generation Framework of Multiple Evasions on IDS
Author :
Dong Lipeng ; Chen Xingyuan ; Tang Huilin ; Shi Wang
Author_Institution :
Henan Province Key Lab. of Inf. Security, Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Intrusion detection technology aims to identify hidden illegal intrusions through the analysis of network traffic. An attacker who wants to send malicious code to a protected host in the internal network must first evade detection by the intrusion detection system (IDS). IDS evasion techniques cause the IDS to produce omissions or misstatements, and can greatly increase the probability of successful attacks. But after years of contest between evasion and anti-evasion, individual evasions and randomly combined evasions are difficult to implement and also inefficient. This paper is committed to providing a systematic and scientific generation method for multiple evasions. Using this framework, we are able to design a complete system for IDS anti-evasion testing, and provide recommendations for IDS policies.
Keywords :
computer network security; telecommunication traffic; transport protocols; IDS antievasion testing; IDS evasion techniques; IDS policies; hidden illegal intrusion identification; internal network; intrusion detection technology; malicious code; multiple evasions generation framework; network traffic analysis; protected host; randomly-combined evasions; success attack probability; systematic scientific generation method; Encoding; IP networks; Intrusion detection; Payloads; Protocols; Testing; IDS; generation framework; multiple evasions;
Conference_Title :
Instrumentation, Measurement, Computer, Communication and Control (IMCCC), 2013 Third International Conference on
Conference_Location :
Shenyang
DOI :
10.1109/IMCCC.2013.124