IDS mailing list archives
models of internet attacks.
From: Sharath Malladi <sharath_malladi () yahoo com>
Date: 20 Feb 2003 18:30:17 -0000
hi, I have heard a lot of talk in research papers about modeling internet attacks. Such attacks are launched through a series of connections across hosts. The intent is either to mislead the ids or to attack the target machine through a series of steps with increasing privileges in each step. Modeling such attacks gives a provision for creating a 'signature' of the attack. Thus the signature is not a set of bytes but a series of connections accross hosts. Various components of the ids can then communicate to identify such intrusion patterns. I have heard of such attacks in research papers but not heard of any real-life incidents. Can anyone please provide information of such attacks in real life. thanks, sharath. ----------------------------------------------------------- Does your IDS have Intelligent Attack Profiling? If not, see what you're missing. Download a free 15-day trial of StillSecure Border Guard. http://www.securityfocus.com/stillsecure
Current thread:
- models of internet attacks. Sharath Malladi (Feb 20)