“New Methods and Combinatorics for Bypassing Intrusion Prevention Technologies”
Stonesoft Press Release, Helsinki, Finland — November 30, 2010 — Stonesoft, an innovative provider of integrated network security and business continuity solutions, today announced the availability of a new technical paper on advanced evasion techniques, “New Methods and Combinatorics for Bypassing Intrusion Prevention Technologies.” The technical paper is available at http://www.antievasion.com/wp-content/uploads/2010/11/AET_Technical.pdf.
This paper is the first public release of technical details surrounding the company’s discovery of AETs, which was announced in October. The paper details the current state of evasions and intrusion detection and protection within network security. It also discusses the previous research on evasions leading up to the discovery of AETs, and how AETs are poised to be a dangerous threat to cyber security moving forward.
Since their discovery, AETs have received much attention and debate in the network security industry. While some network security experts believe them to be a mere extension of traditional evasion techniques, others – including ICSA Labs – have validated their credibility as a new category of cyber threats. Stonesoft’s technical paper aims to fully explain the mechanics and impact of AETs on network security as a whole.
Essentially, AETs allow cyber criminals and hackers to deliver any network security threat such as worms or viruses to vulnerable target systems without being detected by network security devices. Stonesoft has found that it is possible to evade many, if not all, commercially available commercial intrusion prevention systems (IPS) or other security devices (e.g. network firewalls). The national computer security incident response team CERT-FI has issued a vulnerability statement about advanced evasion techniques and continues to organize a global vulnerability coordination effort around the issue.
“At the time of this announcement, we are continuing to work with CERT-FI to disclose newly discovered AETs so the network security industry may collectively find a way to combat these threats. We will continue to release new research results and technical details within the boundaries of responsible disclosure,” said Juha Kivikoski, chief operating officer at Stonesoft.
For more information on advanced evasion techniques and to download the technical paper, please visit www.antievasion.com.