Kevin Bock, George Hughey, Xiao Qiang, and Dave Levin. 2019. Geneva: Evolving Censorship Evasion Strategies. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (London, United Kingdom) (CCS '19). Association for Computing Machinery, New York, NY, USA, 2199--2214. https://doi.org/10.1145/3319535.3363189

Digital Library

Google Scholar

[2]

Vitaly Chipounov, Volodymyr Kuznetsov, and George Candea. 2011. S2E: A Platform for In-vivo Multi-path Analysis of Software Systems. In Proceedings of the Sixteenth International Conference on Architectural Support for Programming Languages and Operating Systems (Newport Beach, California, USA) (ASPLOS XVI). ACM, New York, NY, USA, 265--278. https://doi.org/10.1145/1950365. 1950396

Digital Library

Google Scholar

[3]

Volodymyr Kuznetsov, Johannes Kinder, Stefan Bucur, and George Candea. 2012. Efficient State Merging in Symbolic Execution. In Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation (Beijing, China) (PLDI '12). Association for Computing Machinery, New York, NY, USA, 193--204. https://doi.org/10.1145/2254064.2254088

Digital Library

Google Scholar

[4]

MAWI [n.d.]. MAWI Working Group Traffic Archive. https://mawi.wide.ad.jp/ mawi/

Google Scholar

[5]

Thomas H Ptacek and Timothy N Newsham. 1998. Insertion, evasion, and de- nial of service: Eluding network intrusion detection. Technical Report. SECURE NETWORKS INC CALGARY ALBERTA.

Google Scholar

[6]

Anantha Ramaiah, R Stewart, and Mitesh Dalal. 2010. Improving TCP's Robustness to Blind In-Window Attacks. RFC 5961. RFC Editor. 1--19 pages. https://www.rfc-editor.org/rfc/rfc5961.txt

Google Scholar

[7]

Zhongjie Wang, Yue Cao, Zhiyun Qian, Chengyu Song, and Srikanth V. Krishnamurthy. 2017. Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship. In Proceedings of the 2017 Internet Measurement Conference (London, United Kingdom) (IMC '17). ACM, New York, NY, USA, 114--127. https://doi.org/10.1145/3131365.3131374

Digital Library

Google Scholar

[8]

Zhongjie Wang, Shitong Zhu, Yue Cao, Zhiyun Qian, Chengyu Song, Srikanth V Krishnamurthy, Kevin S Chan, and Tracy D Braun. 2020. SymTCP: eluding stateful deep packet inspection with automated discrepancy discovery. In Network and Distributed System Security Symposium (NDSS).

Crossref

Google Scholar

[9]

Z3Prover/z3 [n.d.]. The Z3 Theorem Prover. https://github.com/Z3Prover/z3

Google Scholar

[10]

Zeek [n.d.]. The Zeek Network Security Monitor. https://zeek.org/

Google Scholar

[11]

Shitong Zhu, Shasha Li, Zhongjie Wang, Xun Chen, Zhiyun Qian, Srikanth V. Krishnamurthy, Kevin S. Chan, and Ananthram Swami. 2020. You Do (Not) Belong Here: Detecting DPI Evasion Attacks with Context Learning. In Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies (Barcelona, Spain) (CoNEXT '20). Association for Computing Machinery, New York, NY, USA, 183--197. https://doi.org/10.1145/3386367.3431311

Digital Library

Google Scholar

Cited By

View all

Zhang ZYuan BYang KZou DJin H(2022)StateDiver: Testing Deep Packet Inspection Systems with State-Discrepancy GuidanceProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3564650(756-768)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3564650

Index Terms

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems
2. Software and its engineering
  1. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Dynamic analysis

Recommendations

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Network intrusion detection systems (NIDS) can be evaded by carefully crafted packets that exploit implementation-level discrepancies between how they are processed on the NIDS and at the endhosts. These discrepancies arise due to the plethora of ...
Hardware implementation for network intrusion detection rules with regular expression support
SAC '08: Proceedings of the 2008 ACM symposium on Applied computing

Signature-based network intrusion detection systems (NIDSs), such as Snort and Bro, rely on a rule database that describes traffic patterns for known attacks. They examine each packets flowing through a network segment and report suspicious packets to ...
Modified Apriori Approach for Evade Network Intrusion Detection System
ICIT '14: Proceedings of the 2014 International Conference on Information Technology

Intrusion Detection System (IDS) is a software or hardware tool that repeatedly scans and monitors events that took place in a computer or a network. A set of rules are used by Signature based Network Intrusion Detection Systems (NIDS) to detect hostile ...

Comments

Information & Contributors

Information

Published In

MTD '21: Proceedings of the 8th ACM Workshop on Moving Target Defense

November 2021

48 pages

ISBN:9781450386586

DOI:10.1145/3474370

Program Chairs:
Trent Jaeger
Penn State University, USA
,
Zhiyun Qian
University of California, Riverside, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 November 2021

Check for updates

Author Tags

Qualifiers

Invited-talk

Funding Sources

Conference

CCS '21

Sponsor:

SIGSAC

CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security

November 15, 2021

Virtual Event, Republic of Korea

Acceptance Rates

Overall Acceptance Rate 40 of 92 submissions, 43%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
397
Total Downloads

Downloads (Last 12 months)105
Downloads (Last 6 weeks)13

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Zhang ZYuan BYang KZou DJin H(2022)StateDiver: Testing Deep Packet Inspection Systems with State-Discrepancy GuidanceProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3564650(756-768)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3564650

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison

Hardware implementation for network intrusion detection rules with regular expression support

Modified Apriori Approach for Evade Network Intrusion Detection System

Comments

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison

Hardware implementation for network intrusion detection rules with regular expression support

Modified Apriori Approach for Evade Network Intrusion Detection System

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations