Dismantling intrusion prevention systems
暂无分享,去创建一个
This paper introduces a serious security problem that people believe has been fixed, but which is still very much existing and evolving, namely evasions. We describe how protocols can still be misused to fool network security devices, such as intrusion prevention systems.
[1] Thomas Henry Ptacek,et al. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .
[2] Vern Paxson,et al. Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention , 2007, CCS '07.
[3] David Watson,et al. Protocol scrubbing: network security through transparent flow modification , 2004, IEEE/ACM Transactions on Networking.
[4] George Varghese,et al. Detecting evasion attacks at high speeds without reassembly , 2006, SIGCOMM 2006.