Intrusion Detection System evasion techniques are modifications made to attacks in order to prevent detection by an Intrusion Detection System (IDS). Almost all published evasion techniques modify network attacks. The 1998 paper Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection popularized IDS evasion, and discussed both evasion techniques and areas where the correct interpretation was ambiguous depending on the targeted computer system. The 'fragroute' and 'fragrouter' programs implement evasion techniques discussed in the paper. Many web vulnerability scanners, such as 'Nikto', 'whisker' and 'Sandcat', also incorporate IDS evasion techniques.
Most IDSs have been modified to detect or even reverse basic evasion techniques, but IDS evasion (and countering IDS evasion) are still active fields.
Read more about Intrusion Detection System Evasion Techniques: Obfuscating Attack Payload, Fragmentation and Small Packets, Overlapping Fragments, Protocol Violations, Inserting Traffic At The IDS, Denial of Service
Famous quotes containing the words system and/or techniques:
“In the end we beat them with Levi 501 jeans. Seventy-two years of Communist indoctrination and propaganda was drowned out by a three-ounce Sony Walkman. A huge totalitarian system ... has been brought to its knees because nobody wants to wear Bulgarian shoes.... Now they’re lunch, and we’re number one on the planet.”
—P.J. (Patrick Jake)
“It is easy to lose confidence in our natural ability to raise children. The true techniques for raising children are simple: Be with them, play with them, talk to them. You are not squandering their time no matter what the latest child development books say about “purposeful play” and “cognitive learning skills.””
—Neil Kurshan (20th century)