Researchers at the University of California, Riverside and the U.S. Army Combat Capabilities Development Command's Army Research Laboratory (ARL) have developed an approach to protect Army systems from attack in ways that don't require massive amounts of manual intervention.
The approach, called SymTCP, can be used to identify previously unknown ways to bypass deep packet inspection (DPI) checks in networked devices.
Internet service providers often use DPI checks to prevent malicious attacks from being launched or to censor certain content.
The research provides an automated method to identify potential vulnerabilities in the Transmission Control Protocol (TCP) state machines of DPI implementations.
Said ARL's Kevin Chan, "This method is evaluated against several state-of-the-art DPI systems such as Zeek and Snort and identifies previously known evasion strategies in addition to new ones that were not previously documented."
From U.S. Army Research Laboratory
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA