Backtracking Algorithmic Complexity Attacks against a NIDS

14 years 5 months ago

Download www.acsac.org

Network Intrusion Detection Systems (NIDS) have become crucial to securing modern networks. To be effective, a NIDS must be able to counter evasion attempts and operate at or near wire-speed. Failure to do so allows malicious packets to slip through a NIDS undetected. In this paper, we explore NIDS evasion through algorithmic complexity attacks. We present a highly effective attack against the Snort NIDS, and we provide a practical algorithmic solution that successfully thwarts the attack. This attack exploits the behavior of rule matching, yielding inspection times that are

Randy Smith, Cristian Estan, Somesh Jha

Real-time Traffic

ACSAC 2006 | Network Intrusion Detection | NIDS Evasion | Security Privacy | Snort NIDS |

claim paper

Post Info
More Details (n/a)

Added	10 Jun 2010
Updated	10 Jun 2010
Type	Conference
Year	2006
Where	ACSAC
Authors	Randy Smith, Cristian Estan, Somesh Jha

Comments (0)

Sciweavers

Backtracking Algorithmic Complexity Attacks against a NIDS

ACSAC 2006 | Network Intrusion Detection | NIDS Evasion | Security Privacy | Snort NIDS |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers