98,958 views
44 votes
44 votes
Explain three ways for the attacker to avoid raising alarms from intrusion detection systems.

User Mohammad Shahnawaz
by
2.6k points

2 Answers

13 votes
13 votes

The three ways for the attacker to avoid raising alarms from intrusion detection systems are

Step-by-step explanation:

Session splicing and fragmentation - involve breaking, slicing, and splitting packets into multiple pieces such that no single packet causes the IDS to trigger an alert.

Invalid packets - Sending invalid TCP packets is another way of evading an IDS.

Polymorphic shellcodes -Most IDS systems have a standard default set of intrusion signatures. Attackers can modify the attack payload so that it doesn’t match the default IDS signature and gets through it.

Hope it helps, any confusion you may ask!

User Jamesbtate
by
3.0k points
14 votes
14 votes

IDS or Intrusion detection system is very powerful but clever attack can make it reckless

#1

  • Use Insertion attack

It generally denotes to sending dummy intruders in multiple amount the IDS gets confused and attacker can go

#2

Using codewords or doing encoding and decoding(Obfuscating)

  • Its very useful technique

#3

Using shell codes

  • IDS will be failed if you successfully implement it
User Brandon Wilson
by
3.0k points