The University of Glamorgan is to study cyberattacks based on Advanced Evasion Techniques (AETs) as part of a new partnership with Finnish security company Stonesoft.
The research will see the Welsh university’s Faculty of Advanced Technology use Stonesoft’s anti-evasion testing tool to conduct “field research” on different AETs in a lab environment.
Exactly what sometimes obscure AETs are capable of is open to some conjecture. Stonesoft has claimed since it first started promoting the issue a year ago that AETs are regularly being used to attack servers in ways that firewalls and intrusion detection systems usually can’t detect let alone stop.
Since then, the AET hypothesis has gained some credibility among security experts more generally with the University of Glamorgan partnership being the latest example of that.
“We believe AETs pose a serious threat to network security and have already seen evidence of hackers using them in the wild,” said the University of Glamorgan’s Advanced Technology department head, Professor Andrew Blyth. “It is also very promising to see that Stonesoft is taking the threat posed by evasions seriously as they have been overlooked by many in the past.”
The university’s Information Security Group had carried out testing and forensics for government, financial services and pharmaceutical and understanding Stonesoft’s AET attacks would help inform this expertise, he said.
Stonesoft also recently highlighted the possibility that AETs might also be hidden inside port 80 http traffic, a serious development if true. Firewalls pass this traffic because not to do so would cause bottlenecks.
"It is important to note when AETs are delivered via http they are able to bypass Firewalls and IPS devices, this is clear evidence that they can originate and be deployed from outside the corporate network,” said Professor Blyth.