This is an overview page with metadata for this scientific paper. An external link to the full text is currently not available.
Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
1,297
Citations
2
Authors
2018
Year
Abstract
Software vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage [26, 43]. To successfully combat these fast automatic Internet attacks, we need fast automatic attack detection and filtering mechanisms. In this paper we propose dynamic taint analysis for automatic detection of overwrite attacks, which include most types of exploits. This approach does not need source code or special compilation for the monitored program, and hence works on commodity software. To demonstrate this idea, we have implemented TaintCheck, a mechanism that can perform dynamic taint analysis by performing binary rewriting at run time. We show that TaintCheck reliably detects most types of exploits. We found that TaintCheck produced no false positives for any of the many different programs that we tested. Further, we describe how TaintCheck could improve automatic signature generation in several ways.
Similar works
A detailed analysis of the KDD CUP 99 data set
2009 · 4,672 citations
The Sybil Attack
2002 · 4,380 citations
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
2015 · 3,479 citations
Practical Black-Box Attacks against Machine Learning
2017 · 3,442 citations
An Intrusion-Detection Model
1987 · 3,332 citations