Issue No.06 - November/December (2006 vol.4)
Richard A. Raines , US Air Force Institute of Technology
Rusty O. Baldwin , US Air Force Institute of Technology
Barry E. Mullins , US Air Force Institute of Technology
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.159
In this article, the authors describe common intrusion detection techniques, NIDS evasion methods, and how NIDSs detect intrusions. Additionally, we introduce new evasion methods, present test results for confirming attack outcomes based on server responses, and propose a methodology for confirming response validity.
intrusion detection, NIDS, network forensics, evasion techniques, polymorphic shellcode
Richard A. Raines, Rusty O. Baldwin, Barry E. Mullins, "Network Intrusion Detection: Automated and Manual Methods Prone to Attack and Evasion", IEEE Security & Privacy, vol.4, no. 6, pp. 36-43, November/December 2006, doi:10.1109/MSP.2006.159