attacker
RSS attackerUnchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run
White Paper By sending a specially malformed management request to a system running an affected version of the SNMP service, an attacker could cause a denial of service. This could potentially give the attacker the... [03 Jul 2008]
Using Independent Auditors as Intrusion Detection Systems
White Paper Integrity tools to date rely on the operating system to function correctly, so once the operating system is compromised even a novice attacker can easily defeat these tools. A basic method in computer security is to... [30 Jun 2008]
Corporations riddled with security holes
News Some OpenSSL versions are known to contain several vulnerabilities that could allow an attacker to carry out a denial of service attack or execute arbitrary code on web servers. Successful exploitation of this issue... [19 Jun 2008]
A Game Theoretic Analysis of Intrusion Detection in Access Control Systems
White Paper A security game between the attacker and the intrusion detection system is investigated both in finite and continuous-kernel versions, where in the latter case players are associated with specific cost functions. [19 Jun 2008]
Adaptive Alert Throttling for Intrusion Detection Systems
White Paper If this channel can become overwhelmed with bogus data, an attacker can quickly achieve complete neutralisation of intrusion detection capability. Each time an intrusion detection system raises an alert it must make some... [19 Jun 2008]
Strategic Alert Throttling for Intrusion Detection Systems
White Paper Alert flood attacks may be used to conceal malicious activity by hiding it among a deluge of false alerts sent by the attacker. Network intrusion detection systems are themselves becoming targets of attackers. [18 Jun 2008]
A Bayesian Game Approach for Intrusion Detection in Wireless Ad Hoc Networks
White Paper It studies the achievable Nash equilibrium for the attacker/defender game in both static and dynamic scenarios. In wireless ad hoc networks, although defense strategies such as Intrusion Detection Systems (IDSs) can be... [18 Jun 2008]
A Target-Centric Ontology for Intrusion Detection
White Paper The ontology is based upon an analysis of over 4,000 classes of computer intrusions and their corresponding attack strategies and is categorized according to: system component targeted, means of attack, consequence of attack and location... [12 Jun 2008]
Mimicry Attacks on Host-Based Intrusion Detection Systems
White Paper First, it introduces the notion of a mimicry attack, which allows a sophisticated attacker to cloak their intrusion to avoid detection by the Intrusion Detection Systems (IDS). This paper examines several host-based... [03 Jun 2008]
Mimicry Attacks on Host-Based Intrusion Detection Systems
First, it introduces the notion of a mimicry attack, which allows a sophisticated attacker to cloak their intrusion to avoid detection by the Intrusion Detection Systems (IDS). This paper examines several host-based... [03 Jun 2008]
FireCracker: A Framework for Inferring Firewall Policies Using Smart Probing
White Paper It shows how an attacker can reconstruct a firewall's policy by probing the firewall with tailored packets into a network and forming an idea of what the policy looks like. A firewall policy that is correct and complete... [31 May 2008]
Security 2.0
White Paper Many of today's threats are designed to gather information that has financial value to the attacker. Security 2.0 is not a new service or application. Rather, it is an integration of software, services, and partnerships... [30 May 2008]
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
White Paper A fundamental problem for network intrusion detection systems is the ability of a skilled attacker to evade detection by exploiting ambiguities in the traffic stream as seen by the monitor. This paper discusses the... [21 May 2008]
TechNet Webcast: Securing Services and Critical Accounts (Level 300)
White Paper However, these applications often require service accounts to be configured to run with the highest possible privileges, a security risk that can enable an attacker to gain unrestricted access to the computer, domain, or... [01 May 2008]
Firewall Policy Reconstruction by Active Probing: An Attacker's View
White Paper This paper shows how an attacker can reconstruct a firewall's policy by probing the firewall by sending tailored packets into a network and forming an idea of what the policy looks like. Having a firewall policy that is... [23 Apr 2008]
