Evasion techniques: Sneaking through your intrusion detection/prevention systems

TH Cheng, YD Lin, YC Lai… - … Communications Surveys & …, 2011 - ieeexplore.ieee.org
Detecting attacks disguised by evasion techniques is a challenge for signature-based
Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). This study …

A survey on zero-day polymorphic worm detection techniques

R Kaur, M Singh - IEEE Communications Surveys & Tutorials, 2014 - ieeexplore.ieee.org
Zero-day polymorphic worms pose a serious threat to Internet security. With their ability
to rapidly propagate, these worms increasingly threaten Internet hosts and services. Not …

Unsupervised anomaly-based malware detection using hardware features

A Tang, S Sethumadhavan, SJ Stolfo - Research in Attacks, Intrusions and …, 2014 - Springer
Recent works have shown promise in detecting malware programs based on their dynamic
microarchitectural execution patterns. Compared to higher-level features like OS and …

ZOZZLE: Fast and precise in-browser JavaScript malware detection

C Curtsinger, B Livshits, B Zorn, C Seifert - 20th USENIX Security …, 2011 - usenix.org
JavaScript malware-based attacks account for a large fraction of successful mass-scale
exploitation happening today. Attackers like JavaScript-based attacks because they can be …

DROP: Detecting return-oriented programming malicious code

P Chen, H Xiao, X Shen, X Yin, B Mao, L Xie - … Systems Security: 5th …, 2009 - Springer
Return-Oriented Programming (ROP) is a new technique that helps the attacker
construct malicious code mounted on x86/SPARC executables without any function call at …

NOZZLE: A Defense Against Heap-spraying Code Injection Attacks

P Ratanaworabhan, VB Livshits, BG Zorn - USENIX security symposium, 2009 - usenix.org
Heap spraying is a security attack that increases the exploitability of memory corruption
errors in type-unsafe applications. In a heap-spraying attack, an attacker coerces an …

GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code

S Guarnieri, VB Livshits - USENIX Security Symposium, 2009 - usenix.org
The advent of Web 2.0 has led to the proliferation of client-side code that is typically written
in JavaScript. This code is often combined—or mashed-up—with other code and content …

Defending browsers against drive-by downloads: Mitigating heap-spraying code injection attacks

M Egele, P Wurzinger, C Kruegel, E Kirda - … 2009, Como, Italy, July 9-10 …, 2009 - Springer
Drive-by download attacks are among the most common methods for spreading malware
today. These attacks typically exploit memory corruption vulnerabilities in web browsers and …

Systems, methods, and media protecting a digital data processing device from attack

S Sidiroglou, AD Keromytis, SJ Stolfo - US Patent 8,407,785, 2013 - Google Patents
US PATENT DOCUMENTS 7,526,758 B2 4/2009 Hasse et al. 7,639,714 B2 12/2009 Stolfo
et al. 7,818,781 B2 10/2010 Golan et al. 7,975,059 B2 7/2011 Wang et al. 8,074,115 B2 …

Unsupervised detection of anomalous processes using hardware features

L Sethumadhavan, A Tang, S Stolfo - US Patent 9,996,694, 2018 - Google Patents
Disclosed are devices, systems, apparatus, methods, products, media and other
implementations, including a method that includes obtaining current hardware performance …