Abstract
Cyber-attacks are steadily increasing in both their size and sophistication. To cope with this, Intrusion Detection Systems (IDSs) are considered mandatory for the protection of critical infrastructure. Furthermore, research is currently focusing on collaborative architectures for IDSs, creating a Collaborative IDS (CIDS). In such a system a number of IDS monitors work together towards creating a holistic picture of the monitored network. Nevertheless, a class of attacks exists, called probe-response, which can assist adversaries to detect the network position of CIDS monitors. This can significantly affect the advantages of a CIDS. In this paper, we introduce PREPARE, a framework for deploying probe-response attacks and also for studying methods for their mitigation. Moreover, we present significant improvements on both the effectiveness of probe-response attacks as well as on mitigation techniques for detecting them. We evaluate our approach via an extensive simulation and a real-world attack deployment that targets two CIDSs. Our results show that our framework can be practically utilized, that our proposals significantly improve probe-response attacks and, lastly, that the introduced detection and mitigation techniques are effective.
Original language | English |
---|---|
Title of host publication | 2016 IEEE Conference on Communications and Network Security, CNS 2016 |
Number of pages | 8 |
Publisher | IEEE |
Publication date | 21 Feb 2017 |
Pages | 279-286 |
Article number | 7860495 |
ISBN (Electronic) | 9781509030651 |
DOIs | |
Publication status | Published - 21 Feb 2017 |
Externally published | Yes |
Event | 2016 IEEE Conference on Communications and Network Security, CNS 2016 - Philadelphia, United States Duration: 17 Oct 2016 → 19 Oct 2016 |
Conference
Conference | 2016 IEEE Conference on Communications and Network Security, CNS 2016 |
---|---|
Country/Territory | United States |
City | Philadelphia |
Period | 17/10/2016 → 19/10/2016 |
Series | 2016 IEEE Conference on Communications and Network Security, CNS 2016 |
---|
Bibliographical note
Publisher Copyright:© 2016 IEEE.