Vasilomanolakis, Emmanouil ; Stahn, Michael ; Garcia Cordero, Carlos ; Mühlhäuser, Max (2015)
Probe-response attacks on collaborative intrusion detection systems: effectiveness and countermeasures.
IEEE Conference on Communications and Network Security (CNS). Florence, Italy (28.-30. Sept. 2015)
doi: 10.1109/CNS.2015.7346892
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Over the last years the number of cyber-attacks has been constantly increasing. Since isolated Intrusion Detection Systems (IDSs) cannot cope with the number and sophistication of attacks, collaboration among the defenders is required. Collaborative IDSs (CIDSs) work by exchanging alert traffic to construct a holistic view of the monitored network. However, an adversary can utilize probe-response attacks to successfully detect CIDS's monitoring sensors. We discuss the practicability of such attacks, suggest improvements, and also propose novel techniques to reduce the effects of such attacks. Moreover, we present preliminary results in the applicability of the attacks and hints on performing such attacks in a well known CIDS.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2015 |
| Autor(en): | Vasilomanolakis, Emmanouil ; Stahn, Michael ; Garcia Cordero, Carlos ; Mühlhäuser, Max |
| Art des Eintrags: | Bibliographie |
| Titel: | Probe-response attacks on collaborative intrusion detection systems: effectiveness and countermeasures |
| Sprache: | Englisch |
| Publikationsjahr: | September 2015 |
| Veranstaltungstitel: | IEEE Conference on Communications and Network Security (CNS) |
| Veranstaltungsort: | Florence, Italy |
| Veranstaltungsdatum: | 28.-30. Sept. 2015 |
| DOI: | 10.1109/CNS.2015.7346892 |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Over the last years the number of cyber-attacks has been constantly increasing. Since isolated Intrusion Detection Systems (IDSs) cannot cope with the number and sophistication of attacks, collaboration among the defenders is required. Collaborative IDSs (CIDSs) work by exchanging alert traffic to construct a holistic view of the monitored network. However, an adversary can utilize probe-response attacks to successfully detect CIDS's monitoring sensors. We discuss the practicability of such attacks, suggest improvements, and also propose novel techniques to reduce the effects of such attacks. Moreover, we present preliminary results in the applicability of the attacks and hints on performing such attacks in a well known CIDS. |
| Freie Schlagworte: | - SSI - Area Secure Smart Infrastructures;Secure Services |
| ID-Nummer: | TUD-CS-2015-1182 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Telekooperation LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 31 Dez 2016 12:59 |
| Letzte Änderung: | 14 Jun 2021 06:14 |
| PPN: | |
| Zugehörige Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum