Themis Deep Packet Inspection (DPI) Evasion Detection

Abstract

Open-source network intrusion detection systems (NIDS) such as Snort, Suricata, and Zeek rely primarily on signature- and anomaly-based detection techniques. These systems also deploy deep packet inspection (DPI) to analyze the data as it would be used by its final application layer. Malicious actors often use evasion techniques to avoid these NIDS. This study analyzed several DPI methods versus Themis DPI and Zeek detection capabilities.

Document Details

Document Type: Technical Report
Publication Date: Feb 27, 2024
Accession Number: AD1222787

Entities

People

  • Jaime Acosta
  • Kelly Toppin
  • Michael De Lucia

Organizations

  • United States Army Research Laboratory

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Marine Ecological Systems Migration
  • Sensor Fusion and Tracking Systems