Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CGO
2016
IEEE
2016
IEEE
BlackBox: lightweight security monitoring for COTS binaries
After a software system is compromised, it can be difficult to understand what vulnerabilities attackers exploited. Any information residing on that machine cannot be trusted as attackers may have tampered with it to cover their tracks. Moreover, even after an exploit is known, it can be difficult to determine whether it has been used to compromise a given machine. Aviation has long-used black boxes to better understand the causes of accidents, enabling improvements that reduce the likelihood of future accidents. Many attacks introduce abnormal control flows to compromise systems. In this paper, we present BLACKBOX, a monitoring system for COTS software. Our techniques enable BLACKBOX to efficiently monitor unexpected and potentially harmful control flow in COTS binaries. BLACKBOX constructs dynamic profiles of an application’s typical control flows to filter the vast majority of expected control flow behavior, leaving us with a manageable amount of data that can be logged ...
Real-time Traffic| Added | 31 Mar 2016 |
| Updated | 31 Mar 2016 |
| Type | Journal |
| Year | 2016 |
| Where | CGO |
| Authors | Byron Hawkins, Brian Demsky, Michael B. Taylor |
Comments (0)
Researcher Info
|
