Evolving TCP/IP packets: A case study of port scans
Created by W.Langdon from
gp-bibliography.bib Revision:1.2031
@InProceedings{LaRoche:2009:CISDA,
author = "Patrick LaRoche and Nur Zincir-Heywood and
Malcolm I. Heywood",
title = "Evolving {TCP}/{IP} packets: {A} case study of port
scans",
booktitle = "IEEE Symposium on Computational Intelligence for
Security and Defense Applications, CISDA 2009",
year = "2009",
month = jul,
pages = "1--8",
keywords = "genetic algorithms, genetic programming, IDS, TCP/IP
packets, fuzzing system, port scans, vulnerability
analysis, cryptographic protocols, fuzzy systems,
security of data, transport protocols",
doi = "
doi:10.1109/CISDA.2009.5356541",
abstract = "In this work, we investigate the ability of genetic
programming techniques to evolve valid network packets,
including all relevant header values, towards a
specific goal. We see this as a first step in building
a fuzzing system that can learn to adapt for
vulnerability analysis. By developing a system that
learns the packets that are required to be transmitted
towards targets, using feedback from an external
network source, we make a step towards having a system
that can intelligently explore the capabilities of a
given security system. In order to validate our
system's capabilities we evolve a variety of port scan
patterns while running the packets through an IDS, with
the goal to minimizes the alarms raised during the
scanning process. Results show that the system not only
successfully evolves valid TCP packets, but also
remains stealthy in its activity.",
notes = "Also known as \cite{5356541}",
}
Genetic Programming entries for
Patrick LaRoche
Nur Zincir-Heywood
Malcolm Heywood