Loading...
Loading...

Go to the content (press return)

Improving the resilience of an IDS against performance throttling attacks

Author
Sreekar Shenoy, G.; Tubella, J.; Gonzalez, A.
Type of activity
Presentation of work at congresses
Name of edition
8th International Conference on Security and Privacy in Communication Networks
Date of publication
2012
Presentation's date
2012-09-03
Book of congress proceedings
Security and Privacy in Communication Networks: 8th International ICST Conference, SecureComm 2012: Padua, Italy, September 3-5, 2012: revised selected papers
First page
167
Last page
184
Publisher
Springer
DOI
https://doi.org/10.1007/978-3-642-36883-7_11 Open in new window
Project funding
MICROARQUITECTURA I COMPILADORS (ARCO)
Repository
http://hdl.handle.net/2117/19515 Open in new window
Abstract
Intrusion Detection Systems (IDS) have emerged as one of the most promising ways to secure systems in the network. To be effective against evasion attempts, the IDS must provide tight bounds on performance. Otherwise an adversary can bypass the IDS by carefully crafting and sending packets that throttle it. This can render the IDS ineffective, thus resulting in the network becoming vulnerable. We present a performance throttling attack mounted against the computationally intensive string matchin...
Citation
Sreekar Shenoy, G.; Tubella, J.; González, A. Improving the resilience of an IDS against performance throttling attacks. A: International Conference on Security and Privacy in Communication Networks. "Security and Privacy in Communication Networks: 8th International ICST Conference, SecureComm 2012: Padua, Italy, September 3-5, 2012: revised selected papers". Sydney: Springer, 2012, p. 167-184.
Group of research
ARCO - Microarchitecture and Compilers

Participants