Sciweavers

Share
ICDCS
2009
IEEE

Characterization and Solution to a Stateful IDS Evasion

9 years 9 months ago
Characterization and Solution to a Stateful IDS Evasion
We identify a new type of stateful IDS evasion, named signature evasion. We formalize the signature evasion on those Stateful IDSs whose state can be modeled using Deterministic Finite State Automata (DFAs). We develop an efficient algorithm which operates on rule set DFAs and derives a minimal rectification of evasive paths. Finally, we evaluate our solution on Snort signatures, identify and rectify existing vulnerable flowbit rule sets 1
Issam Aib, Tung Tran, Raouf Boutaba
Added 08 Mar 2010
Updated 08 Mar 2010
Type Conference
Year 2009
Where ICDCS
Authors Issam Aib, Tung Tran, Raouf Boutaba
Comments (0)
books