Exploitation of NetEm Utility for Non-payload-based Obfuscation Techniques Improving Network Anomaly Detection

  • Conference paper

Abstract

The impact of a successfully performed intrusion can be very serious. Considerable research is still needed to improve the detection capabilities for various types of intrusions. Therefore, many researchers and developers are encouraged to design new methods and approaches for detecting known and unknown (zero-day) network attacks. These facts are the most important reasons why Anomaly Detection Systems (ADS) intended for intrusion detection arose. A network ADS (hereafter ADS) approaches attack detection by using packet headers and communication behavior, not the content of the packets. Thus, the basic principles of ADS open possibilities for an attacker to evade ADS detection by obfuscation techniques.

Acknowledgements

This article was created within the project Reliability and Security in IT (FIT-S-14-2486) and supported by The Ministry of Education, Youth and Sports from the National Programme of Sustainability (NPU II); project IT4Innovations excellence in science – LQ1602.

Corresponding author

Correspondence to Ivan Homoliak.

Copyright information

© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Homoliak, I., Teknos, M., Barabas, M., Hanacek, P. (2017). Exploitation of NetEm Utility for Non-payload-based Obfuscation Techniques Improving Network Anomaly Detection. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 198. Springer, Cham. https://doi.org/10.1007/978-3-319-59608-2_48

  • DOI: https://doi.org/10.1007/978-3-319-59608-2_48

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59607-5

  • Online ISBN: 978-3-319-59608-2

  • eBook Packages: Computer Science, Computer Science (R0)
