IDS mailing list archives
Re: Behavior anomaly IDS attacks
From: Stefano Zanero <zanero () elet polimi it>
Date: Fri, 01 Apr 2005 19:49:15 +0200
Drew Simonis wrote:
Hello, Some time ago, I read an interesting bit of research proposing an attack against a behavior baseline/anomaly IDS system that slowly altered traffic with the intent of incorporating the attack into the baseline. I wonder if anyone here might have also read that and would be familiar with the title. I've lost it.
The attack is called "semantic/conceptual drift", and it's a common phaenomenon in learning systems Google for this ;) Stefano -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. --------------------------------------------------------------------------
Current thread:
- Re: Behavior anomaly IDS attacks Stefano Zanero (Apr 01)