Mitigating Multiple Advanced Evasion Technique Attacks

Mitigating Multiple Advanced Evasion Technique Attacks

Aspects of the invention relate to a method of identifying a potential attack in network traffic that includes payload data transmitted to a host entity in the network. The method includes: monitoring and checking said traffic on route to said host entity for intrusion attacks at a network entity ac...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: HENTUNEN Daavid
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Aspects of the invention relate to a method of identifying a potential attack in network traffic that includes payload data transmitted to a host entity in the network. The method includes: monitoring and checking said traffic on route to said host entity for intrusion attacks at a network entity acting as a proxy server; performing a first data-check on one or more data bytes of the payload data at the network entity acting as a proxy server; performing a second data-check, equivalent to the first data-check, on data of the network equivalent to the one or more bytes of payload data at a network entity acting as an Intrusion Detection System/Intrusion Protection System (IDS/IPS); and comparing the results of the first and second data-checks to determine if there is a mismatch, any mismatch being an indication that said step of monitoring and checking said traffic is unreliable.