{"id":"https://openalex.org/W2993449283","doi":"https://doi.org/10.1109/cns48642.2020.9162332","title":"Attacks on Dynamic Protocol Detection of Open Source Network Security Monitoring Tools","display_name":"Attacks on Dynamic Protocol Detection of Open Source Network Security Monitoring Tools","publication_year":2020,"publication_date":"2020-06-01","ids":{"openalex":"https://openalex.org/W2993449283","doi":"https://doi.org/10.1109/cns48642.2020.9162332","mag":"2993449283"},"language":"en","primary_location":{"id":"doi:10.1109/cns48642.2020.9162332","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162332","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://publikationen.bibliothek.kit.edu/1000100823","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5043135980","display_name":"Jan Grash\u00f6fer","orcid":null},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Jan Grashofer","raw_affiliation_strings":["Karlsruhe Institute of Technology, Karlsruhe, Germany","Karlsruhe Institute of Technology"],"affiliations":[{"raw_affiliation_string":"Karlsruhe Institute of Technology, Karlsruhe, Germany","institution_ids":["https://openalex.org/I102335020"]},{"raw_affiliation_string":"Karlsruhe Institute of Technology","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068779960","display_name":"Christian Titze","orcid":null},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Titze","raw_affiliation_strings":["Karlsruhe Institute of Technology, Karlsruhe, Germany","Karlsruhe Institute of Technology"],"affiliations":[{"raw_affiliation_string":"Karlsruhe Institute of Technology, Karlsruhe, Germany","institution_ids":["https://openalex.org/I102335020"]},{"raw_affiliation_string":"Karlsruhe Institute of Technology","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085339318","display_name":"Hannes Hartenstein","orcid":"https://orcid.org/0000-0003-3441-3180"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Hannes Hartenstein","raw_affiliation_strings":["Karlsruhe Institute of Technology, Karlsruhe, Germany","Karlsruhe Institute of Technology"],"affiliations":[{"raw_affiliation_string":"Karlsruhe Institute of Technology, Karlsruhe, Germany","institution_ids":["https://openalex.org/I102335020"]},{"raw_affiliation_string":"Karlsruhe Institute of Technology","institution_ids":["https://openalex.org/I102335020"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5043135980"],"corresponding_institution_ids":["https://openalex.org/I102335020"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.01839535,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"9"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8017892837524414},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.7703765630722046},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5529968738555908},{"id":"https://openalex.org/keywords/otway\u2013rees-protocol","display_name":"Otway\u2013Rees protocol","score":0.5341225266456604},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5132936835289001},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.501894474029541},{"id":"https://openalex.org/keywords/port-control-protocol","display_name":"Port Control Protocol","score":0.49612244963645935},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4959731996059418},{"id":"https://openalex.org/keywords/protocol-analysis","display_name":"Protocol analysis","score":0.47452986240386963},{"id":"https://openalex.org/keywords/application-layer","display_name":"Application layer","score":0.47121137380599976},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.46275991201400757},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.460160493850708},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.4561672508716583},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3966972529888153},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.35773536562919617},{"id":"https://openalex.org/keywords/user-datagram-protocol","display_name":"User Datagram Protocol","score":0.26242703199386597},{"id":"https://openalex.org/keywords/internet-protocol-suite","display_name":"Internet protocol suite","score":0.2389148771762848},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.14936965703964233},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.14516139030456543},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.11227735877037048},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09436321258544922},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.0660683810710907}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8017892837524414},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.7703765630722046},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5529968738555908},{"id":"https://openalex.org/C35788789","wikidata":"https://www.wikidata.org/wiki/Q1320237","display_name":"Otway\u2013Rees protocol","level":5,"score":0.5341225266456604},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5132936835289001},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.501894474029541},{"id":"https://openalex.org/C148108848","wikidata":"https://www.wikidata.org/wiki/Q17156884","display_name":"Port Control Protocol","level":5,"score":0.49612244963645935},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4959731996059418},{"id":"https://openalex.org/C133112747","wikidata":"https://www.wikidata.org/wiki/Q7251931","display_name":"Protocol analysis","level":2,"score":0.47452986240386963},{"id":"https://openalex.org/C190793597","wikidata":"https://www.wikidata.org/wiki/Q189768","display_name":"Application layer","level":3,"score":0.47121137380599976},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.46275991201400757},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.460160493850708},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.4561672508716583},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3966972529888153},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.35773536562919617},{"id":"https://openalex.org/C20636137","wikidata":"https://www.wikidata.org/wiki/Q11163","display_name":"User Datagram Protocol","level":4,"score":0.26242703199386597},{"id":"https://openalex.org/C65567647","wikidata":"https://www.wikidata.org/wiki/Q81414","display_name":"Internet protocol suite","level":3,"score":0.2389148771762848},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.14936965703964233},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.14516139030456543},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.11227735877037048},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09436321258544922},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.0660683810710907},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.0},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0},{"id":"https://openalex.org/C207828512","wikidata":"https://www.wikidata.org/wiki/Q1060131","display_name":"Challenge-Handshake Authentication Protocol","level":4,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1109/cns48642.2020.9162332","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162332","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},{"id":"pmh:oai:EVASTAR-Karlsruhe.de:1000100823","is_oa":true,"landing_page_url":"https://publikationen.bibliothek.kit.edu/1000100823","pdf_url":null,"source":{"id":"https://openalex.org/S4306401992","display_name":"Repository KITopen (Karlsruhe Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I102335020","host_organization_name":"Karlsruhe Institute of Technology","host_organization_lineage":["https://openalex.org/I102335020"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"","raw_type":"doc-type:report"},{"id":"pmh:oai:arXiv.org:1912.03962","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1912.03962","pdf_url":"https://arxiv.org/pdf/1912.03962","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2993449283","is_oa":true,"landing_page_url":"https://arxiv.org/pdf/1912.03962","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"doi:10.48550/arxiv.1912.03962","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1912.03962","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"},{"id":"doi:10.5445/ir/1000100823","is_oa":true,"landing_page_url":"https://doi.org/10.5445/ir/1000100823","pdf_url":null,"source":{"id":"https://openalex.org/S7407052948","display_name":"KITopen","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"report"}],"best_oa_location":{"id":"pmh:oai:EVASTAR-Karlsruhe.de:1000100823","is_oa":true,"landing_page_url":"https://publikationen.bibliothek.kit.edu/1000100823","pdf_url":null,"source":{"id":"https://openalex.org/S4306401992","display_name":"Repository KITopen (Karlsruhe Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I102335020","host_organization_name":"Karlsruhe Institute of Technology","host_organization_lineage":["https://openalex.org/I102335020"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"","raw_type":"doc-type:report"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6600000262260437,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W196904133","https://openalex.org/W1490025813","https://openalex.org/W1516506771","https://openalex.org/W1553177637","https://openalex.org/W1849161695","https://openalex.org/W1985776777","https://openalex.org/W1985902740","https://openalex.org/W2019821286","https://openalex.org/W2082264682","https://openalex.org/W2096118443","https://openalex.org/W2109966155","https://openalex.org/W2148913232","https://openalex.org/W2187970900","https://openalex.org/W2291769357","https://openalex.org/W2549924192","https://openalex.org/W2560107525","https://openalex.org/W2612544399","https://openalex.org/W2805984568","https://openalex.org/W2897202622","https://openalex.org/W2904027722","https://openalex.org/W2907749373","https://openalex.org/W6629285517","https://openalex.org/W6639048092","https://openalex.org/W6729623464","https://openalex.org/W6757249222"],"related_works":["https://openalex.org/W3139155658","https://openalex.org/W3111187927","https://openalex.org/W2736210006","https://openalex.org/W2049508374","https://openalex.org/W2901425553","https://openalex.org/W3081902987","https://openalex.org/W2026397604","https://openalex.org/W2950911860","https://openalex.org/W2277843966","https://openalex.org/W2815936059","https://openalex.org/W2288490641","https://openalex.org/W2940367102","https://openalex.org/W2609902909","https://openalex.org/W2785953910","https://openalex.org/W2566419812","https://openalex.org/W3082461168","https://openalex.org/W2741926605","https://openalex.org/W2901683318","https://openalex.org/W3048654736","https://openalex.org/W108168991"],"abstract_inverted_index":{"Protocol":[0,61,135],"detection":[1,83],"is":[2,109],"the":[3,7,12,50,59,74,102,130],"process":[4],"of":[5,14,76,106,115],"determining":[6],"application":[8,51],"layer":[9,52],"protocol":[10,107],"in":[11,113],"context":[13],"network":[15,70],"security":[16],"monitoring,":[17],"which":[18],"requires":[19],"a":[20,92],"timely":[21],"and":[22,67],"precise":[23],"decision":[24],"to":[25,35,47,87,95],"enable":[26,123],"protocol-specific":[27],"deep":[28],"packet":[29],"inspection.":[30],"This":[31,90],"task":[32],"has":[33],"proven":[34],"be":[36],"complex,":[37],"as":[38],"isolated":[39],"characteristics,":[40],"like":[41],"port":[42],"numbers,":[43],"are":[44,85],"not":[45,110],"sufficient":[46],"reliably":[48],"determine":[49],"protocol.":[53],"In":[54],"this":[55,127],"paper,":[56],"we":[57,78,120],"analyze":[58],"Dynamic":[60,134],"Detection":[62],"mechanisms":[63,84],"employed":[64],"by":[65],"popular":[66],"widespread":[68],"open-source":[69],"monitoring":[71,97,117],"tools.":[72],"On":[73],"example":[75],"HTTP,":[77],"show":[79],"that":[80,101,119],"all":[81],"analyzed":[82],"vulnerable":[86],"evasion":[88],"attacks.":[89],"poses":[91],"serious":[93],"threat":[94],"real-world":[96],"operations.":[98],"We":[99],"find":[100],"underlying":[103],"fundamental":[104],"problem":[105],"disambiguation":[108],"adequately":[111],"addressed":[112],"two":[114],"three":[116],"systems":[118],"analyzed.":[121],"To":[122],"adequate":[124],"operational":[125],"decisions,":[126],"paper":[128],"highlights":[129],"inherent":[131],"trade-offs":[132],"within":[133],"Detection.":[136]},"counts_by_year":[],"updated_date":"2026-03-21T08:13:44.787528","created_date":"2022-07-26T00:00:00"}