Sciweavers

Share
RAID
2009
Springer

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration

12 years 4 months ago
Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration
Abstract. Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities.
Juan Caballero, Zhenkai Liang, Pongsin Poosankam,
Added 27 May 2010
Updated 27 May 2010
Type Conference
Year 2009
Where RAID
Authors Juan Caballero, Zhenkai Liang, Pongsin Poosankam, Dawn Song
Comments (0)
books