| Publisher | Illinois State University | ||
|---|---|---|---|
| Format | 31.0KB PDF | Date added | 11 Aug 2001 |
| Topics | Digital Signatures, Security Tools, Intrusion Detection Systems | ||
| Downloads | 78 | ||
This paper reports a vulnerability to network signature-based IDS which has been tested using Snort and is called "Squealing". This vulnerability has significant implications since it can easily be generalized to any IDS. The vulnerability of signature-based IDS to high false positive rates has been well-documented but one goes further to show (at a high level) how packets can be crafted to match attack signatures such that a alarms on a target IDS can be conditioned or disabled and then exploited. This is the first academic treatment of this vulnerability that has already been reported to the CERT Coordination Center and the National Infrastructure Protection Center. Independently, other tools based on "Squealing" are poised to appear that, while validating our ideas, also gives cause for concern.
Related white papers
Efficient Byzantine Broadcast in Wireless Ad-Hoc Networks
This paper presents an overlay based Byzantine tolerant broadcast protocol for wireless ad-hoc networks. The use of an overlay results in a significant reduction in the number of messages. The...
Delivering Intelligent Network Access through Identity-Driven Management
Download this ProCurve Networking white paper from HP to read up on identity-driven management (IDM), a next-generation approach to access control that significantly improves network security. The paper explains how...
Extended Validation SSL Digital Certificate Research Study
Late in 2006, the industry standards body called the CA/Browser Forum released its specification for a new class of SSL Certificate called an Extended Validation (EV) SSL Certificate. Because these...
Technical Brief: Identity-Driven Management
This white paper introduces ProCurve Identity Driven Manager 2.0 (IDM 2.0), a next-generation solution from HP that enables companies to dramatically improve information security, network resiliency, and overall business efficiency....
The Value of Authentication: Authentication + Encryption + Certification Authority = Trust
One of the biggest problems facing your Internet business today is the thorny issue of trust and security. People simply don't trust the Web, fearing that their transactions might not...
Trusted Computing – Getting Started In Three Easy Steps
It is a reality in today’s business environment that enterprise and government data is vulnerable to attack. Critical incidents are reported by the media daily including identity theft, information leakage,...
Trusted Computing: Trusted Platform Management and Key Recovery
The computer industry offers a variety of PCs and desktop boards equipped with a Trusted Computing Module (TPM), a dedicated microchip enabled for security capabilities. Specifications for the TPM have...





