
IMC
2006
ACM

Finding diversity in remote code injection exploits

Remote code injection exploits inflict a significant societal cost, and an active underground economy has grown up around these continually evolving attacks. We present a methodology for inferring the phylogeny, or evolutionary tree, of such exploits. We have applied this methodology to traffic captured at several vantage points, and we demonstrate that our methodology is robust to the observed polymorphism. Our techniques revealed non-trivial code sharing among different exploit families, and the resulting phylogenies accurately captured the subtle variations among exploits within each family. Thus, we believe our methodology and results are a helpful step to better understanding the evolution of remote code injection exploits on the Internet.

Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General—Security and protection; D.4.6 [Operating Systems]: Security and Protection—Invasive software

General Terms: Algorithms, Measurement, Security

Keywords: wo...
Added 13 Jun 2010
Updated 13 Jun 2010
Type Conference
Year 2006
Where IMC
Authors Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, Geoffrey M. Voelker