Characterization and Solution to a Stateful IDS Evasion

14 years 8 months ago

Download www.cs.sunysb.edu

We identify a new type of stateful IDS evasion, named signature evasion. We formalize the signature evasion on those Stateful IDSs whose state can be modeled using Deterministic Finite State Automata (DFAs). We develop an efﬁcient algorithm which operates on rule set DFAs and derives a minimal rectiﬁcation of evasive paths. Finally, we evaluate our solution on Snort signatures, identify and rectify existing vulnerable ﬂowbit rule sets 1

Issam Aib, Tung Tran, Raouf Boutaba

Real-time Traffic

Computer Science | ICDCS 2009 | Signature Evasion | Stateful Ids Evasion | Stateful IDSs |

claim paper

Post Info
More Details (n/a)

Added	08 Mar 2010
Updated	08 Mar 2010
Type	Conference
Year	2009
Where	ICDCS
Authors	Issam Aib, Tung Tran, Raouf Boutaba

Comments (0)

Sciweavers

Characterization and Solution to a Stateful IDS Evasion

Computer Science | ICDCS 2009 | Signature Evasion | Stateful Ids Evasion | Stateful IDSs |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers