Evading network-level emulation

[Nytro]

Evading network-level emulation

Piotr Bania

bania.piotr @ gmail.com

April 2009

Abstract

Recently more and more attention has been paid to

the intrusion detection systems (IDS) which don't

rely on signature based detection approach. Such

solutions try to increase their defense level by using

heuristics detection methods like network-level emulation.

This technique allows the intrusion detection

systems to stop unknown threats, which normally

couldn't be stopped by standard signature

detection techniques.

In this article author will describe general concepts

of network-level emulation technique including

its advantages and disadvantages (weak sides)

together with providing potential countermeasures

against this type of detection method.

Download:

http://piotrbania.com/all/articles/pbania-evading-nemu2009.pdf

[aaa1]

Vad ca nu merge linkul si nici siteul.Daca ai downloadat pdf-ul pune-l te rog direct.

[aelius]

Vad ca nu merge linkul si nici siteul.Daca ai downloadat pdf-ul pune-l te rog direct.

pdf: http://docs.rtfm.us/Incoming/pbania-evading-nemu2009.pdf