We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,812 News Articles

University of Glamorgan to study deadly AET cyberattacks

Using Stonesoft tool

The University of Glamorgan is to study cyberattacks based on Advanced Evasion Techniques (AETs) as part of a new partnership with Finnish security company Stonesoft.

The research will see the Welsh university's Faculty of Advanced Technology use Stonesoft's anti-evasion testing tool to conduct "field research" on different AETs in a lab environment.

Exactly what sometimes obscure AETs are capable of is open to some conjecture. Stonesoft has claimed since it first started promoting the issue a year ago that AETs are regularly being used to attack servers in ways that firewalls and intrusion detection systems usually can't detect let alone stop.

Since then, the AET hypothesis has gained some credibility among security experts more generally with the University of Glamorgan partnership being the latest example of that.

"We believe AETs pose a serious threat to network security and have already seen evidence of hackers using them in the wild," said the University of Glamorgan's Advanced Technology department head, Professor Andrew Blyth. "It is also very promising to see that Stonesoft is taking the threat posed by evasions seriously as they have been overlooked by many in the past."

The university's Information Security Group had carried out testing and forensics for government, financial services and pharmaceutical and understanding Stonesoft's AET attacks would help inform this expertise, he said.

Stonesoft also recently highlighted the possibility that AETs might also be hidden inside port 80 http traffic, a serious development if true. Firewalls pass this traffic because not to do so would cause bottlenecks.

"It is important to note when AETs are delivered via http they are able to bypass Firewalls and IPS devices, this is clear evidence that they can originate and be deployed from outside the corporate network," said Professor Blyth.


IDG UK Sites

45 Best Android games: top Android games for your smartphone or tablet in 2014 (24 are free!)

IDG UK Sites

How Apple, Adobe, Microsoft and others have let us down over UltraHD and hiDPI screens

IDG UK Sites

Miranda July's Somebody app offers a very unusual take on messaging

IDG UK Sites

iPad Pro release date, rumours and leaked images - 12.9 screen 'coming in 2015'