Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CSFW
2007
IEEE
2007
IEEE
Creating Vulnerability Signatures Using Weakest Preconditions
Signature-based tools such as network intrusion detection systems are widely used to protect critical systems. Automatic signature generation techniques are needed to enable these tools due to the speed at which new vulnerabilities are discovered. In particular, we need automatic techniques which generate sound signatures — signatures which will not mistakenly block legitimate traffic or raise false alarms. In addition, we need signatures to have few false negatives and will catch many different exploit variants. We investigate new techniques for automatically generating sound vulnerability signatures with fewer false negatives than previous research using program binary analysis. The key problem to reducing false negatives is to consider as many as possible different program paths an exploit may take. Previous work considered each possible program path an exploit may take separately, thus generating signatures that are exponential in the size of the number of branches considered. ...
Real-time TrafficRelated Content
| Added | 02 Jun 2010 |
| Updated | 02 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | CSFW |
| Authors | David Brumley, Hao Wang, Somesh Jha, Dawn Xiaodong Song |
Comments (0)
Researcher Info
|
