Evolving Successful Stack Overflow Attacks for Vulnerability Testing

13 years 10 months ago

Download www.acsac.org

The work presented in this paper is intended to test crucial system services against stack overflow vulnerabilities. The focus of the test is the user-accessible variables, that is to say, the inputs from the user as specified at the command line or in a configuration file. The tester is defined as a process for automatically generating a wide variety of user-accessible variables that result in malicious buffers (an exploit). In this work, the search for successful exploits is formulated as an optimization problem and solved using evolutionary computation. Moreover the resulting attacks are passed through the Snort misuse detection system to observe the detection (or not) of each exploit.

Hilmi Günes Kayacik, A. Nur Zincir-Heywood, M

Real-time Traffic

ACSAC 2005 | Security Privacy | Snort Misuse Detection | Stack Overflow Vulnerabilities | User-accessible Variables |

claim paper

Added	24 Jun 2010
Updated	24 Jun 2010
Type	Conference
Year	2005
Where	ACSAC
Authors	Hilmi Günes Kayacik, A. Nur Zincir-Heywood, Malcolm I. Heywood

Sciweavers

Evolving Successful Stack Overflow Attacks for Vulnerability Testing

ACSAC 2005 | Security Privacy | Snort Misuse Detection | Stack Overflow Vulnerabilities | User-accessible Variables |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers