Attack signature generation by traceable dynamic taint analysis
Most of known attack signature generation systems took either black-box method or white-box method,both of which were limited in several aspects,such as costing a long time to capture sufficient samples,demanding arduous manual analysis and requiring source code of the vulnerable program.An attack s...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2012-05-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/1000-436X(2012)05-0021-08/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539921662181376 |
|---|---|
| author | Yu LIU Mei-ning NIE Pu-rui SU Deng-guo FENG |
| author_facet | Yu LIU Mei-ning NIE Pu-rui SU Deng-guo FENG |
| author_sort | Yu LIU |
| collection | DOAJ |
| description | Most of known attack signature generation systems took either black-box method or white-box method,both of which were limited in several aspects,such as costing a long time to capture sufficient samples,demanding arduous manual analysis and requiring source code of the vulnerable program.An attack signature generation method based on an innovative traceable dynamic taint analysis framework was proposed.By monitoring the vulnerable process execution,the executing trace and the constrain conditions exactly related to input data exploiting the vulnerability was extracted.Finally,by restoring the execution context and supplementing the determinant statements an executable Turing machine signature was attained.A prototype system was implemented and evaluated with different attack samples,which proved that the proposed method was able to generate accurate attack signature fast. |
| format | Article |
| id | doaj-art-c88f120d532e4a2b81b0a250df074d50 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2012-05-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-c88f120d532e4a2b81b0a250df074d502025-01-14T06:31:49ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2012-05-0133212859661943Attack signature generation by traceable dynamic taint analysisYu LIUMei-ning NIEPu-rui SUDeng-guo FENGMost of known attack signature generation systems took either black-box method or white-box method,both of which were limited in several aspects,such as costing a long time to capture sufficient samples,demanding arduous manual analysis and requiring source code of the vulnerable program.An attack signature generation method based on an innovative traceable dynamic taint analysis framework was proposed.By monitoring the vulnerable process execution,the executing trace and the constrain conditions exactly related to input data exploiting the vulnerability was extracted.Finally,by restoring the execution context and supplementing the determinant statements an executable Turing machine signature was attained.A prototype system was implemented and evaluated with different attack samples,which proved that the proposed method was able to generate accurate attack signature fast.http://www.joconline.com.cn/zh/article/doi/1000-436X(2012)05-0021-08/malwareattack signature generationdynamic taint analysisattack trace |
| spellingShingle | Yu LIU Mei-ning NIE Pu-rui SU Deng-guo FENG Attack signature generation by traceable dynamic taint analysis Tongxin xuebao malware attack signature generation dynamic taint analysis attack trace |
| title | Attack signature generation by traceable dynamic taint analysis |
| title_full | Attack signature generation by traceable dynamic taint analysis |
| title_fullStr | Attack signature generation by traceable dynamic taint analysis |
| title_full_unstemmed | Attack signature generation by traceable dynamic taint analysis |
| title_short | Attack signature generation by traceable dynamic taint analysis |
| title_sort | attack signature generation by traceable dynamic taint analysis |
| topic | malware attack signature generation dynamic taint analysis attack trace |
| url | http://www.joconline.com.cn/zh/article/doi/1000-436X(2012)05-0021-08/ |
| work_keys_str_mv | AT yuliu attacksignaturegenerationbytraceabledynamictaintanalysis AT meiningnie attacksignaturegenerationbytraceabledynamictaintanalysis AT puruisu attacksignaturegenerationbytraceabledynamictaintanalysis AT dengguofeng attacksignaturegenerationbytraceabledynamictaintanalysis |