You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics

Tags:
network security

Overview A fundamental problem for network intrusion detection systems is the ability of a skilled attacker to evade detection by exploiting ambiguities in the traffic stream as seen by the monitor. This paper discusses the viability of addressing this problem by introducing a new network forwarding element called a traffic normalizer. The normalizer sits directly in the path of traffic into a site and patches up the packet stream to eliminate potential ambiguities before the traffic is seen by the monitor, removing evasion opportunities. The paper examines a number of tradeoffs in designing a normalizer, emphasizing the important question of the degree to which normalizations undermine end-to-end protocol semantics.

Further White Paper Details
Publisher	Technische Universitat Munchen	File Format	PDF
Date Published	May 2001
Format	White Papers
Topics	Network Security, Security Tools, Intrusion Detection Systems

Did you find this white paper useful? 1 out of 2 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Woods Services Gains Advanced Web Filtering Technology with Bloxx

Publisher:
Bloxx

Tags:
network security

Logic of Logical rubbished

Zoning architecture will increase initial spend on IT, log traffic between zones generated by more firewalls and intrusion detection systems will quadruple. But Clifford added Logical has to be careful not to zone too much and cut the user off from...

Channel:
Security Strategy

Top ten tips to stop internal hackers

Implement architectural features to isolate, minimise and monitor internal user access abuses such as using packet sniffers to monitor internal traffic and host and/or a network-based intrusion detection system to identify internally-based attacks.

Channel:
Security Strategy

Catching wireless hackers in the act

The so-called Wireless Internet Security Experiment, or WISE, aims to "develop effective information security, intrusion detection, and incident response, and forensic methodologies for wireless networks," according to the project's web page.

Channel:
Security Strategy

Broadband 'increases security risk fivefold'

UK ISP Star Internet, which commissioned the report, says it is vital for firms to install a firewall to manage the flow of data in and out of their network, an antivirus product that should ideally monitor emails and Web traffic, and intrusion...

Cisco battles Juniper with worms

Platon said the company is also working to extend its intrusion detection technology, which is already shipping as an appliance and as a blade for the Catalyst 6500. Many intrusion prevention solutions have suffered from a high rate of false...

Channel:
Security Strategy

Cracked: The Great Firewall of China

The researchers found it was possible to circumvent the Chinese intrusion detection systems (IDS) by ignoring the forged TCP resets injected by the Chinese routers, which would normally force the endpoints to abandon the connection.

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific