simplemind

I think I have an idea for a possible honors thesis;

“Temporally Distributed Multi-Stage Attack Generation”

The title doesn’t quite explain the entire idea, In point of fact it makes it sound like I just wanna generate slow attacks. Slow attacks are detected easily enough with a large enough time window, though it does increase the signal to noise ratio. I want to distribute the stages of an attack over a large period of time and across a number of attack hosts and include bayesian fuzzing in an effort to increase the chance of branches being pruned from the decision tree. This of course doesn’t mean that an IDS won’t register the individual stages of the attack but it may reduce the chances that any alert aggregation and/or correlation software will fail to notice that the individual stages are part of a concentrated attack. I think It’s interesting though I doubt I will be allowed to do it in the academic setting. I would like to contend that it would be better to do this kind of research academically than it would to discover it in the wild; the reality is that I want to see if it works cause I like  mischief.

EDIT:

While an interesting idea on further reflection this would be little more than practical example of a known fact (if not a well known fact) that peer to peer networks are a perfect solution in terms of botnet control, combined with a known vulnerability in multi-stage attack detection. This makes the idea less interesting the more I think about it.