Automatically evading IDS using GP authored attacks

Cited by: 8
Authors
Kayacik, H. Guenes [1]
Zincir-Heywood, A. Nur [1]
Heywood, Malcolm I. [1]
Affiliation
[1] Dalhousie Univ, Fac Comp Sci, 6050 Univ Ave, Halifax, NS B3H 1W5, Canada
Funding
Natural Sciences and Engineering Research Council of Canada;
Keywords
DOI
10.1109/CISDA.2007.368148
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
A mimicry attack is a type of attack where the basic steps of a minimalist 'core' attack are used to design multiple attacks achieving the same objective from the same application. Research in mimicry attacks is valuable in determining and eliminating weaknesses of detectors. In this work, we provide a genetic programming based automated process for designing all components of a mimicry attack relative to the Stide detector under a vulnerable Traceroute application. Results indicate that the automatic process is able to generate mimicry attacks that reduce the alarm rate from ~65% of the original attack to ~2.7%, effectively making the attack indistinguishable from normal behaviors.
Pages: 153 / +
Page count: 3