A Functional Framework to Evade Network IDS
Created by W.Langdon from
gp-bibliography.bib Revision:1.7954
- @InProceedings{Pastrana:2011:HICSS,
-
author = "Sergio Pastrana and Agustin Orfila and
Arturo Ribagorda",
-
title = "A Functional Framework to Evade Network IDS",
-
booktitle = "44th Hawaii International Conference on System
Sciences (HICSS), 2011",
-
year = "2011",
-
month = jan,
-
abstract = "Signature based Network Intrusion Detection Systems
(NIDS) apply a set of rules to identify hostile traffic
in network segments. Currently they are so effective
detecting known attacks that hackers seek new
techniques to go unnoticed. Some of these techniques
consist of exploiting network protocols ambiguities.
Nowadays NIDS are prepared against most of these
evasive techniques, as they are recognised and sorted
out. The emergence of new evasive forms may cause NIDS
to fail. In this paper we present an innovative
functional framework to evade NIDS. Primary, NIDS are
modelled accurately by means of Genetic Programming
(GP). Then, we show that looking for evasions on models
is simpler than directly trying to understand the
behaviour of NIDS. We present a proof of concept
showing how to evade a self-built NIDS regarding two
publicly available datasets. Our framework can be used
to audit NIDS.",
-
keywords = "genetic algorithms, genetic programming, network IDS,
network intrusion detection systems, network protocols,
network segments, signature based NIDS, cryptographic
protocols, digital signatures, security of data",
-
DOI = "doi:10.1109/HICSS.2011.12",
-
ISSN = "1530-1605",
-
notes = "Also known as \cite{5718700}",
- }
Genetic Programming entries for
Sergio Pastrana Portillo
Agustin Orfila Diaz-Pabon
D Arturo Ribagorda Garnacho
Citations