models of internet attacks.

[Sharath Malladi <sharath_malladi () yahoo com>]

hi,
I have heard a lot of talk in research papers about modeling internet
attacks. Such attacks are launched through a series of connections
across hosts. The intent is either to mislead the ids or to attack
the target machine through a series of steps with increasing privileges
in each step.

Modeling such attacks gives a provision for creating a 'signature' of
the attack. Thus the signature is not a set of bytes but a series of
connections accross hosts. Various components of the ids can then
communicate to identify such intrusion patterns.

I have heard of such attacks in research papers but not heard of any
real-life incidents. Can anyone please provide information of such attacks
in real life.

thanks,
sharath.

-----------------------------------------------------------
Does your IDS have Intelligent Attack Profiling?
If not, see what you're missing.
Download a free 15-day trial of StillSecure Border Guard.
http://www.securityfocus.com/stillsecure