| Internet + era is the era of Internet,digital information and Internet of things.Its development trend is that everything is connected to the Internet,and it is especially important to protect the network security.With the advancement of various network security technologies,the methods and technologies of cyber attacks have also been introduced.Intrusion attacks on the network will not only lead to the loss of data,will lead to major accidents,to the country a significant loss of life and property.According to the latest U.S.official survey,the frequency of cyber attacks is increasing and the economic losses caused by them are also getting bigger and bigger.Therefore,checking system security has become an integral part of protecting information security.But the latest advanced evasion technology avoids the detection of Network Intrusion Detection/Prevention Systems(NIDS/IPS)and intrudes on target systems and networks.Evasion technology is a technology that tries to avoid being detected and blocked by the cyber security system by trying to hide or disguise it.Evasion technology can be applied to normal traffic and attacks.Attacks include a delivery mechanism and a malicious load(for example,code executed by the compromised computer).If the delivery mechanism successfully accesses the compromised computer,the attack is considered successful regardless of whether the network intrusion detection/prevention system(NIDS/IPS)detects or responds to the attack.Evasion techniques fall into the following categories:They are defined in the specification and used according to the specification(eg IP fragmentation);they are regulated but can be accepted by the compromised computer system(eg TCP overlap).This article first elaborates the background and significance of the topic,the current research status of evasion technology at home and abroad,the development of advanced evasion technology and the harm it brings.Then,this paper analyzes and studies the main means of evasion technology,and then studies the defense and escaping technology.From the perspective of rule matching and machine learning,this paper transforms the detection of evasion behavior into the classification problem of network data flow.With the aid of deep learning technology which has obtained the great success in recent years,to achieve accurate identification of evasion behavior.The results of this paper will greatly improve the recognition accuracy of evasion behavior and complement each other with Intrusion Detection/Prevention System(NIDS/IPS)to enhance the security of the Internet,industrial control networks and even smart grids. |
PDF Full Text Request