Modeling NIDS evasion with genetic programming

Repositorio e-Archivo


dc.contributor.author Pastrana, Sergio
dc.contributor.author Orfila, Agustín
dc.contributor.author Ribagorda, Arturo
dc.date.accessioned 2010-11-17T12:31:44Z
dc.date.available 2010-11-17T12:31:44Z
dc.date.issued 2010-07
dc.identifier.bibliographicCitation Proceedings of 9th International Conference on Security and Management (SAM 2010). Las Vegas, Nevada, USA.
dc.identifier.isbn 1-60132-162-7
dc.identifier.uri http://hdl.handle.net/10016/9673
dc.description Proceeding of: 9th International Conference on Security and Management (SAM 2010). Las Vegas, Nevada, USA, July 12-15 2010
dc.description.abstract Nowadays, Network Intrusion Detection Systems are quickly updated in order to prevent systems against new attacks. This situation has provoked that attackers focus their efforts on new sophisticated evasive techniques when trying to attack a system. Unfortunately, most of these techniques are based on network protocols ambiguities [1], so NIDS designers must take them into account when updating their tools. In this paper, we present a new approach to improve the task of looking for new evasive techniques. The core of our work is to model existing NIDS using the Genetic Programming paradigm. Thus, we obtain models that simulate the behavior of NIDS with great precision, but with a much simpler semantics than the one of the NIDS. Looking for this easier semantics allows us to easily construct evasions on the model, and therefore on the NIDS, as their behavior is quite similar. Our results show how precisely GP can model a NIDS behavior.
dc.format.mimetype application/octet-stream
dc.format.mimetype application/octet-stream
dc.format.mimetype application/pdf
dc.language.iso eng
dc.publisher CSREA Press
dc.rights © CSREA Press
dc.subject.other Evasion
dc.subject.other Intrusion detection
dc.subject.other Network security
dc.title Modeling NIDS evasion with genetic programming
dc.type bookPart
dc.type conferenceObject
dc.type.review PeerReviewed
dc.description.status Publicado
dc.subject.eciencia Informática
dc.rights.accessRights openAccess
dc.relation.eventdate July 12-15 2010
dc.relation.eventnumber 9
dc.relation.eventplace Las Vegas (Nevada, USA)
dc.relation.eventtitle International Conference on Security and Management (SAM 2010)
dc.relation.eventtype proceeding
dc.identifier.publicationtitle Proceedings of 9th International Conference on Security and Management (SAM 2010)