We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

University of Glamorgan to study deadly AET cyberattacks

Using Stonesoft tool

The University of Glamorgan is to study cyberattacks based on Advanced Evasion Techniques (AETs) as part of a new partnership with Finnish security company Stonesoft.

The research will see the Welsh university's Faculty of Advanced Technology use Stonesoft's anti-evasion testing tool to conduct "field research" on different AETs in a lab environment.

Exactly what sometimes obscure AETs are capable of is open to some conjecture. Stonesoft has claimed since it first started promoting the issue a year ago that AETs are regularly being used to attack servers in ways that firewalls and intrusion detection systems usually can't detect let alone stop.

Since then, the AET hypothesis has gained some credibility among security experts more generally with the University of Glamorgan partnership being the latest example of that.

"We believe AETs pose a serious threat to network security and have already seen evidence of hackers using them in the wild," said the University of Glamorgan's Advanced Technology department head, Professor Andrew Blyth. "It is also very promising to see that Stonesoft is taking the threat posed by evasions seriously as they have been overlooked by many in the past."

The university's Information Security Group had carried out testing and forensics for government, financial services and pharmaceutical and understanding Stonesoft's AET attacks would help inform this expertise, he said.

Stonesoft also recently highlighted the possibility that AETs might also be hidden inside port 80 http traffic, a serious development if true. Firewalls pass this traffic because not to do so would cause bottlenecks.

"It is important to note when AETs are delivered via http they are able to bypass Firewalls and IPS devices, this is clear evidence that they can originate and be deployed from outside the corporate network," said Professor Blyth.


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia