Automatic Evaluation and Signature Generation Technique for Thwarting Zero-Day Attacks

Authors: Ratinder Kaur, Maninder Singh

DOI: 10.1007/978-3-642-54525-2_27

Keywords: Signature (logic), Exploit, Computer security, Feature (computer vision), Obfuscation, Push technology, Honeypot, Hotfix, Intrusion detection system, Computer science

Abstract: A zero-day attack is a cyber-attack which exploits vulnerabilities that have not been disclosed publicly. Zero-day attacks are very expensive and powerful attack tools. They are used in conjunction with highly sophisticated targeted attacks to achieve stealthiness with respect to standard intrusion detection techniques. Zero-day attacks are unknown and have no signature, so they are difficult to detect. This paper presents a novel and efficient technique for detecting zero-day attacks. The proposed technique detects obfuscated zero-day attacks with two-level evaluation, generates a new signature automatically, and updates other sensors by using push technology via a global hotfix feature.
