Argos: an emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation
暂无分享,去创建一个
Herbert Bos | Georgios Portokalidis | Asia Slowinska | H. Bos | G. Portokalidis | A. Slowinska | Asia Slowinska
[1] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .
[2] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[3] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[4] Michael Shuey,et al. StackGhost: Hardware Facilitated Stack Protection , 2001, USENIX Security Symposium.
[5] Crispin Cowan,et al. FormatGuard: Automatic Protection From printf Format String Vulnerabilities , 2001, USENIX Security Symposium.
[6] David A. Wagner,et al. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Detecting Format String Vulnerabilities with Type Qualifiers , 2001 .
[7] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[8] Matthew M. Williamson,et al. Throttling viruses: restricting propagation to defeat malicious mobile code , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..
[9] Vern Paxson,et al. How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.
[10] Samuel T. King,et al. ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.
[11] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[12] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[13] Tal Garfinkel,et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.
[14] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[15] Jesse C. Rabek,et al. Detection of injected, dynamically generated, and obfuscated malicious code , 2003, WORM '03.
[16] Michael Rodeh,et al. CSSV: towards a realistic tool for statically detecting all buffer overflows in C , 2003, PLDI '03.
[17] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[18] Guofei Gu,et al. HoneyStat: Local Worm Detection Using Honeypots , 2004, RAID.
[19] Niels Provos,et al. A Virtual Honeypot Framework , 2004, USENIX Security Symposium.
[20] David Zhang,et al. Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.
[21] B. Karp,et al. Autograph: Toward Automated, Distributed Worm Signature Detection , 2004, USENIX Security Symposium.
[22] George Varghese,et al. Automated Worm Fingerprinting , 2004, OSDI.
[23] Angelos D. Keromytis,et al. Using Execution Transactions To Recover From Buffer Overflow Attacks , 2004 .
[24] J. Crowcroft,et al. Honeycomb: creating intrusion detection signatures using honeypots , 2004, Comput. Commun. Rev..
[25] Frederic T. Chong,et al. Minos: Control Data Attack Prevention Orthogonal to Memory Model , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).
[26] Herbert Bos,et al. FFPF: Fairly Fast Packet Filters , 2004, OSDI.
[27] Herbert Bos,et al. Towards Software-Based Signature Detection for Intrusion Prevention on the Network Card , 2005, RAID.
[28] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[29] Frederic T. Chong,et al. Experiences Using Minos as a Tool for Capturing and Analyzing Novel Worms for Unknown Vulnerabilities , 2005, DIMVA.
[30] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX ATC, FREENIX Track.
[31] Miguel Castro,et al. Vigilante: end-to-end containment of internet worms , 2005, SOSP '05.
[32] Randy H. Katz,et al. Protocol-Independent Adaptive Replay of Application Dialog , 2006, NDSS.
[33] Andrew Warfield,et al. Practical taint-based protection using demand emulation , 2006, EuroSys.
[34] Herbert Bos,et al. SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots , 2007, Comput. Networks.