Accurate and efficient exploit capture and classification | |
Ding, Yu ; Wei, Tao ; Xue, Hui ; Zhang, Yulong ; Zhang, Chao ; Han, Xinhui | |
Journal | SCIENCE CHINA-INFORMATION SCIENCES |
2017 | |
Keywords | software security; exploit classification; exploit attack capture; control flow integrity; JIT security; SIGNATURES |
DOI | 10.1007/s11432-016-5521-0 |
English abstract | Software exploits, especially zero-day exploits, are major security threats. Every day, security experts discover and collect numerous exploits from honeypots, malware forensics, and underground channels. However, no easy methods exist to classify these exploits into meaningful categories and to accelerate diagnosis as well as detailed analysis. To address this need, we present SeismoMeter, which recognizes both control-flow hijacking and data-only attacks by combining approximate control-flow integrity, fast dynamic taint analysis and API sandboxing schemes. Once it detects an exploit incident, SeismoMeter generates a succinct data representation, called an exploit skeleton, to characterize the captured exploit. SeismoMeter then classifies the captured exploits into different exploit families by performing distance computing on the extracted skeletons. To evaluate the efficiency of SeismoMeter, we conduct a field test using exploit samples from public exploit databases, such as Metasploit, as well as wild-captured exploits. Our experiments demonstrate that SeismoMeter is a practical system that successfully detects and correctly classifies all these exploit attacks.; National Natural Science Foundation of China [61402125, 61572149]; SCI(E); ARTICLE; 5; 60 |
Language | English |
Content type | Journal article |
Source URL | [http://ir.pku.edu.cn/handle/20.500.11897/473859] |
Collection | School of Information Science and Technology |
Recommended citation GB/T 7714 | Ding, Yu,Wei, Tao,Xue, Hui,et al. Accurate and efficient exploit capture and classification[J]. SCIENCE CHINA-INFORMATION SCIENCES,2017. |
APA | Ding, Yu,Wei, Tao,Xue, Hui,Zhang, Yulong,Zhang, Chao,&Han, Xinhui.(2017).Accurate and efficient exploit capture and classification.SCIENCE CHINA-INFORMATION SCIENCES. |
MLA | Ding, Yu,et al."Accurate and efficient exploit capture and classification".SCIENCE CHINA-INFORMATION SCIENCES (2017). |