The Countermeasure for IP Fragment Attacks in Intrusion Detection

机译：入侵检测中IP碎片攻击的对策

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Intrusion detection has become an essential component of computer security in recent years. The role of an IDS (intrusion detection systems) is to warn administrators of suspicious and potentially malicious computer activity. Security administrators are complementing existing security measures with IDSs to achieve defense in depth. But most IDSs can not handle with IP fragmentation reassembly at all. An attacker can completely evade the IDS by fragmenting every packet she sends across the network. So it is important to understand the principle of fragment and how it works. This paper descripts the attacks aimed at the fragment and how to deal with the problem.

机译：近年来，入侵检测已成为计算机安全的重要组成部分。 IDS（入侵检测系统）的作用是警告管理员可疑的和潜在的恶意计算机活动。安全管理员正在使用IDS补充现有的安全措施，以实现深度防御。但是大多数IDS根本无法处理IP分片重组。攻击者可以通过分段整个网络上发送的每个数据包来完全逃避IDS。因此，了解片段的原理及其工作原理非常重要。本文描述了针对碎片的攻击以及如何处理该问题。

著录项

来源
《International Symposium on Magnetic Industry(ISMI'04) amp; International Symposium on Physics and IT Industry(ISPITI'04); 20041004-08; Shenyang(CN)》|2004年|P.275-277|共3页
会议地点 Shenyang(CN)
作者
Zhong Luo; Feng Shan; Shen Qi;
展开▼
作者单位

School of Computer Science and Technology, WuHan University of Technology, HuBei, 430070, China;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类磁性材料、铁氧体;
关键词

相似文献

外文文献
中文文献
专利

1. Multi-agent technologies for computer network security: Attack simulation, intrusion detection and intrusion detection learning [J] . Vladimir Gorodetski, Igor Kotenko, Oleg Karsaev International Journal of Computer Systems Science & Engineering . 2003,第4期

机译：用于计算机网络安全的多代理技术：攻击模拟，入侵检测和入侵检测学习
2. Improving Attack Detection Rate in Network Intrusion Detection Using Adaboost Algorithm with Multiple Weak Classifiers [J] . P. Natesan, P. Balasubramanie, G. Gowrison Journal of information and computational science . 2012,第8期

机译：使用多个弱分类器的Adaboost算法提高网络入侵检测中的攻击检测率
3. A Dual Attack Detection Technique to Identify Black and Gray Hole Attacks Using an Intrusion Detection System and a Connected Dominating Set in MANETs [J] . Zulfiqar Ali Zardari, Jingsha He, Nafei Zhu, Future Internet . 2019,第3期

机译：MANET中使用入侵检测系统和连接的控制集来识别黑洞和灰洞攻击的双重攻击检测技术
4. The Countermeasure for IP Fragment Attacks in Intrusion Detection [C] . Zhong Luo, Feng Shan, Shen Qi International Symposium on Magnetic Industry . 2005

机译：IP片段攻击在入侵检测中的对策
5. A novel Intrusion Detection System (IDS) architecture: Attack detection based on Snort for multistage attack scenarios in a multi-cores environment [D] . Pagna Disso de Muila, Jules Ferdinand 2010

机译：一种新颖的入侵检测系统（IDS）架构：基于Snort的攻击检测可在多核环境中进行多阶段攻击
6. Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection [O] . Jayakumar Kaliappan, Revathi Thiagarajan, Karpagam Sundararajan 2015

机译：融合用于网络攻击检测的异构入侵检测系统
7. Attacks against intrusion detection networks: evasion, reverse engineering and optimal countermeasures [O] . Pastrana Portillo Sergio 2014

机译：针对入侵检测网络的攻击：规避，逆向工程和最佳对策
8. Evaluating Intrusion Detection Systems Without Attacking Your Friends: The 1998 DARPA Intrusion Detection Evaluation [R] . Cunningham, R. K., Lippmann, R. P., Fried, D. J., 1999

机译：在不攻击你的朋友的情况下评估入侵检测系统：1998年DaRpa入侵检测评估

The Countermeasure for IP Fragment Attacks in Intrusion Detection

摘要

著录项

相似文献

相关主题

期刊订阅