论文信息 - Protecting web services from remote exploit code: a static analysis approach

Protecting web services from remote exploit code: a static analysis approach

We propose STILL, a signature-free remote exploit binary code injection attack blocker to protect web servers and web applications. STILL is robust to almost all anti-signature, anti-static-analysis and anti-emulation obfuscation.

Sencun Zhu | Peng Liu | Xinran Wang | Yoon-chan Jhi

[1] Christopher Krügel,et al. Polymorphic Worm Detection Using Structural Information of Executables , 2005, RAID.

[2] Dirk Fox. Computer Emergency Response Team (CERT) , 2002, Datenschutz und Datensicherheit.

[3] Evangelos P. Markatos,et al. Network-level polymorphic shellcode detection using emulation , 2006, Journal in Computer Virology.

[4] Sencun Zhu,et al. SigFree: A Signature-Free Buffer Overflow Attack Blocker , 2010, IEEE Transactions on Dependable and Secure Computing.

[5] Eric van den Berg,et al. A Fast Static Analysis Approach to Detect Exploit Code Inside Network Flows , 2005, RAID.