attacker
RSS attackerAttestation-Based Policy Enforcement for Remote Access
White Paper At present, no confidentiality or integrity guarantees about the remote access clients are made, so it is possible that an attacker may have compromised a client process and is now downloading or modifying corporate data. [18 Jul 2008]
MSDN Webcast: Know Your Options for Data Validation (Level 300)
White Paper Data streams are the most popular vector to carry an attacker's payload. A scan of any vulnerability database will reveal that the cause of most application security faults can be traced to ineffective data validation. [10 Jul 2008]
Intrusion Detection Evasion: How Attackers Get Past the Burglar Alarm
White Paper With techniques like obfuscation, fragmentation, Denial of Service, and application hijacking the attacker can pass traffic under the nose of IDS to prevent their detection. The purpose of this paper is to show methods that attackers can use to... [10 Jul 2008]
Microsoft Executive Circle Webcast: Advanced Web Server Security With IIS 6.0 and Windows Server 2003
White Paper Web Service Extensions, which prohibits any executable from running unless it is specifically allowed, makes it very difficult for an attacker to launch malicious applications on the server. IIS 6.0 provides vastly improved security for Web servers. [10 Jul 2008]
A Bayesian Game Approach for Intrusion Detection in Wireless Ad Hoc Networks
White Paper It studies the achievable Nash equilibrium for the attacker/defender game in both static and dynamic scenarios. In wireless ad hoc networks, although defense strategies such as Intrusion Detection Systems (IDSs) can be deployed at each mobile node... [09 Jul 2008]
Microsoft warns of ActiveX attack
News This would provide the attacker with as much access to and rights on the computer as the logged-in user has. An attacker would have to lure a victim, via a link in an email for example, to a specially crafted web page that could exploit the... [08 Jul 2008]
A Cryptanalysis of the High-Bandwidth Digital Content Protection System
White Paper If an attacker can recover 40 public/private key pairs that span the module of public keys, then the authority's master secret can be recovered in a few seconds. With the master secret, an attacker can eavesdrop on communications between any two... [08 Jul 2008]
A Game Theoretic Analysis of Intrusion Detection in Access Control Systems
White Paper A security game between the attacker and the intrusion detection system is investigated both in finite and continuous-kernel versions, where in the latter case players are associated with specific cost functions. [05 Jul 2008]
Strategic Alert Throttling for Intrusion Detection Systems
White Paper Alert flood attacks may be used to conceal malicious activity by hiding it among a deluge of false alerts sent by the attacker. Network intrusion detection systems are themselves becoming targets of attackers. [05 Jul 2008]
Adaptive Alert Throttling for Intrusion Detection Systems
White Paper If this channel can become overwhelmed with bogus data, an attacker can quickly achieve complete neutralisation of intrusion detection capability. Each time an intrusion detection system raises an alert it must make some attempt to communicate the... [05 Jul 2008]
Dynamic Best Practices of Vulnerability Management
White Paper Once vulnerability is discovered, it is only a matter of time before an attacker develops the worm, virus or intrusion that can take advantage of the defect. The goal of the security team is to reduce risks by identifying and eliminating weaknesses... [03 Jul 2008]
A Target-Centric Ontology for Intrusion Detection
White Paper The ontology is based upon an analysis of over 4,000 classes of computer intrusions and their corresponding attack strategies and is categorized according to: system component targeted, means of attack, consequence of attack and location of attacker. [02 Jul 2008]
Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits
White Paper To date, however, there appears to be no study which has identified a systematic method that could be used by an attacker to undermine an anomaly-based intrusion detection system. It presents a method that identifies the weaknesses of an anomaly... [01 Jul 2008]
Analysis of Distributed Intrusion Detection Systems Using Bayesian Methods
White Paper However, it is not the attack but rather the attacker against which the networks must be defended. In computer and network security, standard approaches to intrusion detection and response attempt to detect and prevent individual attacks. [01 Jul 2008]
Using Independent Auditors as Intrusion Detection Systems
White Paper Integrity tools to date rely on the operating system to function correctly, so once the operating system is compromised even a novice attacker can easily defeat these tools. A basic method in computer security is to perform integrity checks on the... [30 Jun 2008]
