Massive Data Mining for Polymorphic Code Detection
作者: Udo Payer , Peter Teufl , Stefan Kraxberger , Mario Lamberger
DOI: 10.1007/11560326_38
关键词: Self-organizing map 、 Intrusion detection system 、 Genetic algorithm 、 Information extraction 、 Polymorphic code 、 Markov model 、 Data mining 、 Artificial neural network 、 Shellcode 、 Computer science
摘要: Driven by the permanent search for reliable anomaly-based intrusion detection mechanisms, we investigated different statistical methodologies to deal with of polymorphic shellcode. The paper intends give an overview on existing approaches in literature as well a synopsis our efforts evaluate applicability data mining techniques such Neural Networks, Self Organizing Maps, Markov Models or Genetic Algorithms area code detection. We will then present achieved results and conclusions.
springer.com
elsevier.com
springerlink.com参考文章(11)
Thomas Toth, Christopher Kruegel, Accurate buffer overflow detection via abstract payload execution recent advances in intrusion detection. pp. 274- 291 ,(2002) , 10.1007/3-540-36084-0_15
David G. Stork, Richard O. Duda, Peter E. Hart, Pattern Classification (2nd ed.) ,(1999)
Christopher M. Bishop, Neural networks for pattern recognition ,(1995)
Udo Payer, Peter Teufl, Mario Lamberger, Hybrid engine for polymorphic shellcode detection international conference on detection of intrusions and malware and vulnerability assessment. pp. 19- 31 ,(2005) , 10.1007/11506881_2
Udo Payer, Stefan Kraxberger, Polymorphic Code Detection with GA Optimized Markov Models Communications and Multimedia Security. pp. 210- 219 ,(2005) , 10.1007/11552055_21
Archana Pasupulati, Jason Coit, Karl Levitt, Shyhtsun Felix Wu, SH Li, JC Kuo, Kuo-Pao Fan, Buttercup: on network-based detection of polymorphic buffer overflow vulnerabilities network operations and management symposium. ,vol. 1, pp. 235- 248 ,(2004) , 10.1109/NOMS.2004.1317662
David G. Stork, Richard O. Duda, Peter E. Hart, Pattern Classification ,(1973)
Peter Teufl, Mario Lamberger, Udo Payer, Traffic Classification using Self-Organizing Maps International Network Conference. pp. 11- 18 ,(2005)
Udo Payer, Stefan Kraxberger, None, Markov Model for Polymorphic Shellcode Detection International Network Conference. pp. 183- 190 ,(2005)
Teuvo Kohonen, Self-Organizing Maps som. ,(2001)