Tips for Securely Implementing Evasion Prevention


Defeating AETs requires a data stream-based approach with layered protocol analysis. All data traffic must be recorded and analyzed with the utmost precision. Doing this requires multiple parallel and sequential state machines through which the data stream is fed, so that all data traffic is analyzed by default.

First, the lower protocol layers must be examined, with the security device passing only slightly modified or non-modified TCP segments and IP fragments. Those that contain overlapping or conflicting data are not passed through, which results in effective normalization. This process ensures that network traffic passing through the IPS is interpreted and the data stream is reconstructed for inspection and analysis in the upper layers.

Second, it is essential that the TCP layer be inspected as a reassembled data stream rather than in segments. Assembling the data transmitted in a TCP connection into a data stream allows detection of attacks that individual segment inspection may miss when the attack stretches across TCP segment boundaries.

Finally, the higher protocol layer inspection must be able to inspect certain protocol elements in greater detail. This can be done by inspecting those elements as separate data streams and then normalizing them as per the protocol.
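The sketch below illustrates the first two points: segments with conflicting overlaps are rejected, and the signature is matched against the reassembled stream rather than against individual segments. It is an added example, not code from Stonesoft or the original slideshow; the function names, the relative offsets and the `EVIL-MARKER` signature are constructed for illustration.

```python
# Added illustration: names, offsets and the signature are constructed.
SIGNATURE = b"EVIL-MARKER"

class ConflictingOverlap(Exception):
    """Two segments disagree about the same stream byte."""

def normalize_and_reassemble(segments):
    """segments: (relative_offset, payload) pairs in arrival order.

    Identical retransmissions are accepted. Overlaps carrying different
    bytes are rejected rather than resolved, because the end host may
    resolve them differently from the inspecting device.
    """
    stream = {}  # stream offset -> byte value
    for seq, payload in segments:
        for i, b in enumerate(payload):
            pos = seq + i
            if pos in stream and stream[pos] != b:
                raise ConflictingOverlap(f"conflicting data at offset {pos}")
            stream[pos] = b
    out = bytearray()
    while len(out) in stream:  # stop at the first gap (data not yet seen)
        out.append(stream[len(out)])
    return bytes(out)

def per_segment_match(segments, signature):
    """Naive inspection: look at each segment payload on its own."""
    return any(signature in payload for _, payload in segments)

def stream_match(segments, signature):
    """Inspection of the reassembled, normalized stream."""
    return signature in normalize_and_reassemble(segments)

def inspect(segments, signature=SIGNATURE):
    try:
        return "alert" if stream_match(segments, signature) else "pass"
    except ConflictingOverlap:
        return "drop"  # not passed through, as the normalization step requires

# Constructed traffic: signature split across two segments, delivered out of order.
SPLIT = [(14, b"MARKER HTTP/1.0\r\n"), (0, b"GET /a?x=EVIL-")]
# Constructed traffic: a third segment overlaps offsets 9-13 with different bytes.
CONFLICT = [(0, b"GET /a?x=EVIL-"), (9, b"SAFE-"), (14, b"MARKER HTTP/1.0\r\n")]
# Constructed traffic: overlapping retransmission whose bytes agree.
RETRANSMIT = [(0, b"GET /a?x=EVIL-"), (9, b"EVIL-MARK"), (14, b"MARKER HTTP/1.0\r\n")]

if __name__ == "__main__":
    for name, segs in (("split", SPLIT), ("conflict", CONFLICT), ("retransmit", RETRANSMIT)):
        print(name, per_segment_match(segs, SIGNATURE), inspect(segs))
```

Per-segment matching reports nothing for all three samples, while stream inspection alerts on the split and retransmitted cases and drops the conflicting one.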

Advanced Evasion Techniques (AETs) are among the most worrisome and potentially crippling threats to next-generation infrastructures. Cyber criminals are using them more and more because AETs leave no trace in current management and monitoring systems, logs or reports, leaving the devices blind and creating an illusion of continued security. Since their discovery, many companies have not taken the proper security measures to effectively thwart AETs. Still, the threat posed by AETs is real and there are steps that must be taken to protect your environment. This slideshow features nine tips, provided by Stonesoft, to help you secure against AETs.

