Tuesday, 26 April 2016

On 02:05 by admin   No comments
Finnish security firm Stonesoft claims to have developed 163 new attack methods that can evade network intrusion detection and prevention systems (IDPS) over multiple communication protocols including IPv4, IPv6, TCP and HTTP.

The company calls these methods advanced evasion techniques (AETs), a term it coined last year when it released a similar set of samples.

Stonesoft’s new AETs consist of 54 unique evasions and 109 combinations that have been confirmed to bypass the signatures of multiple IDPS products currently available on the market.

Intrusion detection and prevention systems consist of software applications commonly running on dedicated hardware, that monitor network traffic with the purpose of detecting malicious activity and blocking it.

Similar to antivirus products which use malware definitions to block threats, IDPS solutions use attack signatures to detect network intrusion attempts.

It’s been known for a long time that signature-based implementations can be defeated by determined attackers; that’s the reason why modern antivirus products provide multiple layers of protection.

0 comments:

Post a comment