Unearthing stealthy program attacks buried in extremely long execution paths
Shu et al., 2015
- Document ID: 12775237638707265732
- Author: Shu X, Yao D, Ramakrishnan N
- Publication year: 2015
- Publication venue: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Snippet
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., tampering with non-control data and waiting for the modified data to propagate and alter the control flow legally. Existing program anomaly detection systems focusing on legal …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Shu et al. | Unearthing stealthy program attacks buried in extremely long execution paths | |
Yang et al. | PROGRAPHER: An anomaly detection system based on provenance graph embedding | |
Hadžiosmanović et al. | N-gram against the machine: On the feasibility of the n-gram network analysis for binary protocols | |
Kaur et al. | A survey on zero-day polymorphic worm detection techniques | |
US9311476B2 (en) | Methods, systems, and media for masquerade attack detection by monitoring computer user behavior | |
Shu et al. | Long-span program behavior modeling and attack detection | |
Dambra et al. | Decoding the secrets of machine learning in malware classification: A deep dive into datasets, feature extraction, and model performance | |
Cao et al. | Preemptive intrusion detection: Theoretical framework and real-world measurements | |
WO2009097610A1 (en) | A vmm-based intrusion detection system | |
Chenet et al. | A survey on hardware-based malware detection approaches | |
Thummapudi et al. | Detection of ransomware attacks using processor and disk usage data | |
Ben Salem et al. | Masquerade attack detection using a search-behavior modeling approach | |
Robertson et al. | Effective Anomaly Detection with Scarce Training Data. | |
Vigna et al. | Host-based intrusion detection | |
Alvi et al. | RansomGuard: a framework for proactive detection and mitigation of cryptographic windows ransomware | |
Deepserish et al. | PET-Droid: Android malware detection using static analysis | |
El-Taj et al. | Intrusion detection and prevention response based on signature-based and anomaly-based: Investigation study | |
Garcia-Cervigon et al. | Browser function calls modeling for banking malware detection | |
Mamalakis et al. | Of daemons and men: A file system approach towards intrusion detection | |
Samantray et al. | A theoretical feature-wise study of malware detection techniques | |
Zhang et al. | Profiling and Discriminating of Containerized ML Applications in Digital Data Marketplaces (DDM). | |
Gagulic et al. | Ransomware detection with machine learning in storage systems | |
Nandal | Malware Detection | |
Karanth et al. | Pattern mining for future attacks | |
Čeponis | Research of machine and deep learning methods application for host-level intrusion detection and classification |