We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

University of Glamorgan to study deadly AET cyberattacks

Using Stonesoft tool

The University of Glamorgan is to study cyberattacks based on Advanced Evasion Techniques (AETs) as part of a new partnership with Finnish security company Stonesoft.

The research will see the Welsh university's Faculty of Advanced Technology use Stonesoft's anti-evasion testing tool to conduct "field research" on different AETs in a lab environment.

Exactly what sometimes obscure AETs are capable of is open to some conjecture. Stonesoft has claimed since it first started promoting the issue a year ago that AETs are regularly being used to attack servers in ways that firewalls and intrusion detection systems usually can't detect let alone stop.

Since then, the AET hypothesis has gained some credibility among security experts more generally with the University of Glamorgan partnership being the latest example of that.

"We believe AETs pose a serious threat to network security and have already seen evidence of hackers using them in the wild," said the University of Glamorgan's Advanced Technology department head, Professor Andrew Blyth. "It is also very promising to see that Stonesoft is taking the threat posed by evasions seriously as they have been overlooked by many in the past."

The university's Information Security Group had carried out testing and forensics for government, financial services and pharmaceutical and understanding Stonesoft's AET attacks would help inform this expertise, he said.

Stonesoft also recently highlighted the possibility that AETs might also be hidden inside port 80 http traffic, a serious development if true. Firewalls pass this traffic because not to do so would cause bottlenecks.

"It is important to note when AETs are delivered via http they are able to bypass Firewalls and IPS devices, this is clear evidence that they can originate and be deployed from outside the corporate network," said Professor Blyth.


IDG UK Sites

Windows 10 launch event as it happened: Read our Windows 10 launch live blog - find out first as...

IDG UK Sites

Windows 9 and the death of the OS as a must-have product

IDG UK Sites

Video trends: 4K is here โ€“ HDR video, VR and 3D audio is coming

IDG UK Sites

Best iPhone 6, iPhone 6 Plus deals: iPhone 6, iPhone 6 Plus tariffs, contracts and prices UK