On Emulation-Based Network Intrusion Detection Systems

Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an instrumented environment and checking the execution traces for signs of shellcode activity. Emulation-based network intrusion detection systems are regarded as a significant step forward with regards to traditional signature-based systems, as they allow detecting polymorphic (i.e., encrypted) shellcode.

Provided by: SecurityTube.net Topic: Security Date Added: Dec 2014 Format: Webcast

Find By Topic