Sign In

Communications of the ACM

ACM TechNews

Researchers Identify Cybersecurity Approach to Protect Army Systems


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
The U.S. Army logo and a locked data stream.

U.S. Army researchers have identified an approach to network security that will enhance the effectiveness and timeliness of protection against adversarial intrusion and evasion strategies.

Credit: U.S. Army/Shutterstock

Researchers at the University of California, Riverside and the U.S. Army Combat Capabilities Development Command's Army Research Laboratory (ARL) have developed an approach to protect Army systems from attack in ways that don't require massive amounts of manual intervention.

The approach, called SymTCP, can be used to identify previously unknown ways to bypass deep packet inspection (DPI) checks in networked devices.

Internet service providers often use DPI checks to prevent malicious attacks from being launched or to censor certain content.

The research provides an automated method to identify potential vulnerabilities in the Transmission Control Protocol (TCP) state machines of DPI implementation.

Said ARL's Kevin Chan, "This method is evaluated against several state-of-the-art DPI systems such as Zeek and Snort and identifies previously known evasion strategies in addition to new ones that were not previously documented."

From U.S. Army Research Laboratory
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found