Abstract—Malicious shellcodes are segments of binary code disguised as normal input data. Such shellcodes can be injected into a target process’s virtual memory. They overwrite...
Boxuan Gu, Xiaole Bai, Zhimin Yang, Adam C. Champi...
VMM (virtual machine monitor) based system provides the useful inspection and interposition of guest OS. With proper modification of guest OS, we can obtain event-driven memory sn...
Drive-by download attacks are among the most common methods for spreading malware today. These attacks typically exploit memory corruption vulnerabilities in web browsers and brows...
Manuel Egele, Peter Wurzinger, Christopher Kruegel...
Abstract. Malicious Web content poses a serious threat to the Internet, organizations and users. Current approaches to detecting malicious Web content employ high-powered honey cli...
Heap spraying is an attack technique commonly used in hijacking browsers to download and execute malicious code. In this attack, attackers first fill a large portion of the victim...
Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, Wei ...