Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues

Authors: Igino Corona, Giorgio Giacinto, Fabio Roli

DOI: 10.1016/J.INS.2013.03.022

Keywords:

Abstract: Intrusion Detection Systems (IDSs) are one of the key components for securing computing infrastructures. Their objective is to protect against attempts to violate defense mechanisms. Indeed, IDSs themselves are part of the infrastructure, and thus they may be attacked by the same adversaries they are designed to detect. This is a relevant aspect, especially in safety-critical environments, such as hospitals, aircrafts, nuclear power plants, etc. To the best of our knowledge, this survey is the first work to present an overview on adversarial attacks against IDSs. In particular, this paper will provide the following original contributions: (a) a general taxonomy of attack tactics against IDSs; (b) an extensive description of how such attacks can be implemented by exploiting IDS weaknesses at different abstraction levels; (c) for each attack implementation, a critical investigation of proposed solutions and open points. Finally, we highlight the most promising research directions for the design of adversary-aware, harder-to-defeat solutions. To this end, we leverage our experience in the field of intrusion detection, as well as a thorough investigation of related works published so far.
