Abstract. As state-of-the-art attack detection technology becomes more prevalent, attackers are likely to evolve, employing techniques such as polymorphism and metamorphism to evad...
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
Remote code-injection attacks are one of the most frequently used attacking vectors in computer security. To detect and analyze injected code (often called shellcode), some researc...
Network-level emulation has recently been proposed as a method for the accurate detection of previously unknown polymorphic code injection attacks. In this paper, we extend network...
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
A promising method for the detection of previously unknown code injection attacks is the identification of the shellcode that is part of the attack vector using payload execution....
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
Abstract—Malicious shellcodes are segments of binary code disguised as normal input data. Such shellcodes can be injected into a target process’s virtual memory. They overwrite...
Boxuan Gu, Xiaole Bai, Zhimin Yang, Adam C. Champi...