Abstract
The impact of a successful intrusion can be critical. Considerable room remains for research to improve the detection of various types of intrusions. Therefore, many researchers and developers are encouraged to design new methods and approaches for detecting known and unknown (zero-day) network attacks. These facts are the most important reasons why Anomaly Detection Systems (ADS) intended for intrusion detection arose. A network ADS (hereafter ADS) approaches attack detection by utilizing packet headers and communication behavior, not the content of the packets. Thus, the basic principles of ADS open the possibility for an attacker to evade ADS detection by means of obfuscation techniques.
Acknowledgements
This article was created within the project Reliability and Security in IT (FIT-S-14-2486) and supported by The Ministry of Education, Youth and Sports from the National Programme of Sustainability (NPU II); project IT4Innovations excellence in science – LQ1602.
Copyright information
© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Homoliak, I., Teknos, M., Barabas, M., Hanacek, P. (2017). Exploitation of NetEm Utility for Non-payload-based Obfuscation Techniques Improving Network Anomaly Detection. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 198. Springer, Cham. https://doi.org/10.1007/978-3-319-59608-2_48
DOI: https://doi.org/10.1007/978-3-319-59608-2_48
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59607-5
Online ISBN: 978-3-319-59608-2
eBook Packages: Computer Science, Computer Science (R0)