Measured Features for Detecting Attacks

Discussion in 'Computer Security' started by simon, Jun 19, 2008.

  1. simon

    simon Guest

    Hi, I find that many network attacks can be detected by measuring one
    single feature. For example, the SYN Flood can be detected by counting
    the number of SYN packets sent to a destination address. The measured
    feature is the number of SYN packets.

    Is there an attack that should be detected by at least two features?
    Can anyone give me an example and the relevant features?

    Thanks a lot!

    Simon
     
    simon, Jun 19, 2008
    #1
    1. Advertising

  2. simon <> wrote:

    > Hi, I find that many network attacks can be detected by measuring one
    > single feature. For example, the SYN Flood can be detected by counting
    > the number of SYN packets sent to a destination address. The measured
    > feature is the number of SYN packets.
    >
    > Is there an attack that should be detected by at least two features?
    > Can anyone give me an example and the relevant features?


    You should be more accurate as to what a "feature" is, but I can give
    you two examples of attacks, which require measuring as many features as
    possible.

    1. Man in the middle (MITM) attack: A perfect MITM attack against a
    non-authenticated cryptosystem is impossible to detect. All features
    you measure only give evidences.

    2. Side channel attack: In an ideal case for the attacker, a side
    channel attack is impossible to detect. All features you measure only
    give evidences.


    Greets,
    Ertugrul.


    --
    http://ertes.de/
     
    Ertugrul Söylemez, Jun 20, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lance
    Replies:
    0
    Views:
    739
    Lance
    Oct 31, 2004
  2. Christiaan

    SKILLS BEING MEASURED exam 70-306

    Christiaan, Feb 7, 2004, in forum: MCSD
    Replies:
    5
    Views:
    581
    UAError
    Feb 10, 2004
  3. Stan
    Replies:
    4
    Views:
    2,188
    Chris Mullins
    Feb 28, 2006
  4. Au79
    Replies:
    5
    Views:
    791
    Fuzzy Logic
    Mar 15, 2007
  5. Giuen
    Replies:
    0
    Views:
    968
    Giuen
    Sep 12, 2008
Loading...

Share This Page