Publication: Modeling NIDS evasion with genetic programming
| dc.affiliation.dpto | UC3M. Departamento de Informática | es |
| dc.affiliation.grupoinv | UC3M. Grupo de Investigación: COSEC (Computer SECurity Lab) | es |
| dc.contributor.author | Pastrana, Sergio | |
| dc.contributor.author | Orfila, Agustín | |
| dc.contributor.author | Ribagorda Garnacho, Arturo | |
| dc.date.accessioned | 2010-11-17T12:31:44Z | |
| dc.date.available | 2010-11-17T12:31:44Z | |
| dc.date.issued | 2010-07 | |
| dc.description | Proceeding of: 9th International Conference on Security and Management (SAM 2010). Las Vegas, Nevada, USA, July 12-15 2010 | |
| dc.description.abstract | Nowadays, Network Intrusion Detection Systems are quickly updated in order to prevent systems against new attacks. This situation has provoked that attackers focus their efforts on new sophisticated evasive techniques when trying to attack a system. Unfortunately, most of these techniques are based on network protocols ambiguities [1], so NIDS designers must take them into account when updating their tools. In this paper, we present a new approach to improve the task of looking for new evasive techniques. The core of our work is to model existing NIDS using the Genetic Pro- gramming paradigm. Thus, we obtain models that simulate the behavior of NIDS with great precision, but with a much simpler semantics than the one of the NIDS. Looking for this easier semantics allows us to easily construct evasions on the model, and therefore on the NIDS, as their behavior is quite similar. Our results show how precisely GP can model a NIDS behavior. | |
| dc.description.status | Publicado | |
| dc.format.mimetype | application/octet-stream | |
| dc.format.mimetype | application/octet-stream | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.bibliographicCitation | Proceedings of 9th International Conference on Security and Management (SAM 2010). Las Vegas, Nevada, USA. | |
| dc.identifier.isbn | 1-60132-162-7 | |
| dc.identifier.publicationtitle | Proceedings of 9th International Conference on Security and Management (SAM 2010) | |
| dc.identifier.uri | https://hdl.handle.net/10016/9673 | |
| dc.language.iso | eng | |
| dc.publisher | CSREA Press | |
| dc.relation.eventdate | July 12-15 2010 | |
| dc.relation.eventnumber | 9 | |
| dc.relation.eventplace | Las Vegas (Nevada, USA) | |
| dc.relation.eventtitle | International Conference on Security and Management (SAM 2010) | |
| dc.rights | © CSREA Press | |
| dc.rights.accessRights | open access | |
| dc.subject.eciencia | Informática | |
| dc.subject.other | Evasion | |
| dc.subject.other | Intrusion detection | |
| dc.subject.other | Network security | |
| dc.title | Modeling NIDS evasion with genetic programming | |
| dc.type | conference paper | * |
| dc.type.review | PeerReviewed | |
| dspace.entity.type | Publication |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Pastrana, Orfila, Ribagorda - 2010 - Modeling NIDS evasion with Genetic Programming - 9th In.pdf
- Size:
- 396.96 KB
- Format:
- Adobe Portable Document Format