Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
175
Signatures Generator for Zero-day Polymorphic Worms
"... Abstract. Modern worms can spread so quickly that any countermeasure based on human reaction might not be fast enough. Recent research has focused on devising algorithms to produce automatically the polymorphic worms signatures required by Intrusion Detection Systems. However, polymorphic worms are ..."
Abstract
- Add to MetaCart
Abstract. Modern worms can spread so quickly that any countermeasure based on human reaction might not be fast enough. Recent research has focused on devising algorithms to produce automatically the polymorphic worms signatures required by Intrusion Detection Systems. However, polymorphic worms
Network-based and attackresilient length signature generation for zero-day polymorphic worms
, 2007
"... It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability based and can be easily evad ..."
Abstract
-
Cited by 8 (2 self)
- Add to MetaCart
It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability based and can be easily
PolyS: Network-based Signature Generation for Zero-day Polymorphic Worms
"... With growing sophistication of computer worms, it is very important to detect and prevent the worms quickly and accurately at their early phase of infection. Traditional signature based IDS, though effective for known attacks but failed to handle the zero-day attack promptly. Recent works on polymor ..."
Abstract
- Add to MetaCart
With growing sophistication of computer worms, it is very important to detect and prevent the worms quickly and accurately at their early phase of infection. Traditional signature based IDS, though effective for known attacks but failed to handle the zero-day attack promptly. Recent works
LISABETH: Automated Content-Based Signature Generator for Zero-day Polymorphic Worms
"... Modern worms can spread so quickly that any countermeasure based on human reaction might not be fast enough. Recent research has focused on devising algorithms to automatically produce signature for polymorphic worms, required by Intrusion Detection Systems. However, polymorphic worms are more compl ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
Modern worms can spread so quickly that any countermeasure based on human reaction might not be fast enough. Recent research has focused on devising algorithms to automatically produce signature for polymorphic worms, required by Intrusion Detection Systems. However, polymorphic worms are more
Thwarting Zero-Day Polymorphic Worms With Network-Level Length-Based Signature Generation
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at network gateways or honeynets so that we can prevent worms from propagating at their early phase. However, most existing network-based signatures are specific to exploit and can be easily evaded. In this paper, ..."
Abstract
-
Cited by 3 (1 self)
- Add to MetaCart
Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at network gateways or honeynets so that we can prevent worms from propagating at their early phase. However, most existing network-based signatures are specific to exploit and can be easily evaded. In this paper
Network-based and Attack-resilient Length Signature Generation for Zero-day Polymorphic Worms
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can be ea ..."
Abstract
- Add to MetaCart
Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can
Network-based and Attack-resilient Length Signature Generation for Zero-day Polymorphic Worms
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can be ea ..."
Abstract
- Add to MetaCart
Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can
On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits
- In Proc. 12th ACM Conference on Computer and Communications Security (CCS
, 2005
"... Vulnerabilities that allow worms to hijack the control flow of each host that they spread to are typically discovered months before the worm outbreak, but are also typically discovered by third party researchers. A determined attacker could discover vulnerabilities as easily and create zero-day worm ..."
Abstract
-
Cited by 96 (11 self)
- Add to MetaCart
Vulnerabilities that allow worms to hijack the control flow of each host that they spread to are typically discovered months before the worm outbreak, but are also typically discovered by third party researchers. A determined attacker could discover vulnerabilities as easily and create zero-day
An Architecture of Unknown Attack Detection System against Zero-day Worm
"... Abstract: We have introduced the ZASMIN (Zeroday-Attack Signature Management Infrastructure) system, which is developed for novel network attack detection. This system provides early warning at the moment the attacks start to spread on the network and to block the spread of the cyber attacks by auto ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
by automatically generating a signature that could be used by the network security appliance such as IPS. This system have adopted various of new technologies — suspicious traffic monitoring, attack validation, polymorphic worm recognition, signature generation — for unknown network attack detection. Because its
Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software
- In Network and Distributed Systems Security Symposium
, 2005
"... Software vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage [32, 51]. To successfully combat these fast automatic Internet attacks, we nee ..."
Abstract
-
Cited by 647 (32 self)
- Add to MetaCart
be used as signatures. Semantic-analysis based signature generation can be more accurate, resilient against polymorphic worms, and robust to attacks exploiting polymorphism than the pattern-extraction based signature generation methods.
Results 1 - 10
of
175
