Skip to main content
Conference Proceedings

Towards generating high coverage vulnerability-based signatures with protocol-level constraint-guided exploration

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2009) 5758 LNCS 161-181
DOI: 10.1007/978-3-642-04342-0_9
14Citations
Citations of this article
44Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities. © 2009 Springer Berlin Heidelberg.

Cite

CITATION STYLE

APA

Caballero, J., Liang, Z., Poosankam, P., & Song, D. (2009). Towards generating high coverage vulnerability-based signatures with protocol-level constraint-guided exploration. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5758 LNCS, pp. 161–181). https://doi.org/10.1007/978-3-642-04342-0_9

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free