State of the art
We are witnessing a constant increase in the use of mobile Internet-ready devices, allowing for mobile users to seamlessly roam among different networks. Node mobility and roaming is supported by most of the commonly deployed wireless access point. Moreover, specific protocols (like MipV4) are able to extend the pervasive IPv4 network by providing support for node mobility.
While representing a useful feature, node mobility can also be abused by attackers to generate stealth network attacks, undetectable by commonly deployed network intrusion detection systems.
Michele Colajanni, Luca Dal Zotto, Mirco Marchetti, Michele Messori, "The problem of NIDS evasion in mobile networks". In Proceedings of the 4th IFIP International Conference on New Twchnologies, Mobility and Security (NTMS 2011), Paris, France, February 2011.
The paper and the traffic traces are attached to this page and freely available.
|Network traffic captured by the Mobile Node||8.15 KB|
|Network traffic captured by the Correspondent Node||4.22 KB|
|Network traffic captured by the Home NIDS||4.08 KB|
|Network traffic captured by the Foreign NIDS||3.73 KB|
|The problem of NIDS evasion in mobile networks||479.63 KB|