Evasion Techniques Efficiency Over The IPS/IDS Technology
Citations over time: top 12% of 2019 papers
Abstract
Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) are the first line of defense of the cyber-environment. This technology is made for capturing and preventing breaches and attacks. Evading an IPS/IDS system creates a large gap in cyber-security. This research examines seven common evasion techniques and their success rates against the IPS/IDS system. These techniques are TTL evasion, fragmentation with MTU modification evasion, tampering time - agent name and port name evasion, encoding and obfuscation evasion, bad checksum evasion, file header manipulation evasion, and file and path change evasion. The latest version of the Snort IPS/IDS system was used to test the attacks and evasion techniques. The whole attack and evasion dataset was created with contemporary attack techniques during the research. The test results demonstrate that the IPS/IDS system can be bypassed with evasion techniques.
Related Papers
- A dynamic honeypot design for intrusion detection (2004), 66 cited
- Experiences with Honeypot Systems: Development, Deployment, and Analysis (2006), 48 cited
- A dynamic honeypot design for intrusion detection (2004), 34 cited
- Honeypot Technique and its Applications: a Survey (2007)
- Study on Application and Design of Honeypot Technology (2015)