Evolving TCP/IP packets: A case study of port scans

Created by W.Langdon from gp-bibliography.bib Revision:1.8051

@InProceedings{LaRoche:2009:CISDA,

• author = "Patrick LaRoche and Nur Zincir-Heywood and Malcolm I. Heywood",
• title = "Evolving TCP/IP packets: A case study of port scans",
• booktitle = "IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009",
• year = "2009",
• month = jul,
• pages = "1--8",
• keywords = "genetic algorithms, genetic programming, IDS, TCP/IP packets, fuzzing system, port scans, vulnerability analysis, cryptographic protocols, fuzzy systems, security of data, transport protocols",
• DOI = "doi:10.1109/CISDA.2009.5356541",
• abstract = "In this work, we investigate the ability of genetic programming techniques to evolve valid network packets, including all relevant header values, towards a specific goal. We see this as a first step in building a fuzzing system that can learn to adapt for vulnerability analysis. By developing a system that learns the packets that are required to be transmitted towards targets, using feedback from an external network source, we make a step towards having a system that can intelligently explore the capabilities of a given security system. In order to validate our system's capabilities we evolve a variety of port scan patterns while running the packets through an IDS, with the goal to minimizes the alarms raised during the scanning process. Results show that the system not only successfully evolves valid TCP packets, but also remains stealthy in its activity.",
• notes = "Also known as \cite{5356541}",

}

Genetic Programming entries for Patrick LaRoche Nur Zincir-Heywood Malcolm Heywood

Citations