Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
作者: Timothy N. Newsham , Thomas H. Ptacek
DOI:
关键词: Anomaly-based intrusion detection system 、 Computer security 、 Protocol analysis 、 Intrusion detection system 、 Engineering 、 Denial-of-service attack 、 Computer network 、 Host-based intrusion detection system 、 Transmission Control Protocol 、 Evasion (network security) 、 Network security
摘要: … in packets read off the wire to correctly reconstruct what is occurring inside complex prot,ocol transactions, and next, that ID systems are inherently vulnerahlr to denial of service attacks. …
creangel.com 参考文章(9)
Alfonso Valdes, Phillip A. Porras, Live Traffic Analysis of TCP/IP Gateways. network and distributed system security symposium. ,(1998)
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
Laurent Joncheray, A Simple active attack against TCP usenix security symposium. pp. 2- 2 ,(1995)
J. Postel, Transmission Control Protocol Internet Request for Comment (RFC793). ,vol. 793, pp. 1- 91 ,(1981)
V. Jacobson, D. Borman, R. Braden, TCP Extensions for High Performance TCP Extensions for High Performance. ,vol. 1323, pp. 1- 37 ,(1992)
Vern Paxson, End-to-end Internet packet dynamics acm special interest group on data communication. ,vol. 27, pp. 139- 152 ,(1997) , 10.1145/263105.263155
R. Atkinson, Security Architecture for the Internet Protocol Security Architecture for the Internet Protocol. ,vol. 1825, pp. 1- 101 ,(1995)
N.J. Puketza, K. Zhang, M. Chung, B. Mukherjee, R.A. Olsson, A methodology for testing intrusion detection systems IEEE Transactions on Software Engineering. ,vol. 22, pp. 719- 729 ,(1996) , 10.1109/32.544350
J. Postel, Internet Protocol ,(1981)