Sökning: onr:"swepub:oai:DiVA.org:kau-39058" >
Multipath TCP IDS E...
Multipath TCP IDS Evasion and Mitigation
-
- Afzal, Zeeshan, 1991- (författare)
- Karlstads universitet,Institutionen för matematik och datavetenskap (from 2013),PriSec
-
- Lindskog, Stefan, 1967- (författare)
- Karlstads universitet,Institutionen för matematik och datavetenskap (from 2013),PriSec
-
(creator_code:org_t)
- 2015-08-27
- 2015
- Engelska.
-
Ingår i: Information Security. - Cham : Springer. - 9783319233178 ; , s. 265-282
- Relaterad länk:
-
https://urn.kb.se/re...
-
visa fler...
-
https://doi.org/10.1...
-
visa färre...
Abstract
Ämnesord
Stäng
- The existing network security infrastructure is not ready for future protocols such as Multipath TCP (MPTCP). The outcome is that middleboxes are configured to block such protocols. This paper studies the security risk that arises if future protocols are used over unaware infrastructures. In particular, the practicality and severity of cross-path fragmentation attacks utilizing MPTCP against the signature-matching capability of the Snort intrusion detection system (IDS) is investigated. Results reveal that the attack is realistic and opens the possibility to evade any signature-based IDS. To mitigate the attack, a solution is also proposed in the form of the MPTCP Linker tool. The work outlines the importance of MPTCP support in future network security middleboxes.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Nyckelord
- Computer Science
- Datavetenskap
Publikations- och innehållstyp
- ref (ämneskategori)
- kon (ämneskategori)
Hitta via bibliotek
Till lärosätets databas