Methods, media, and systems for detecting attack on a digital processing device

Authors: Angelos D. Keromytis, Salvatore J. Stolfo, Elli Androulaki, Wei-Jen Li

Abstract: Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to static detection model; determining whether attacking code is included in based on comparison executing document; execution if determined be one model document, reporting presence an attack. selecting data segment portion electronic arbitrarily selected can altered without causing result error when processed by corresponding program; response that altered, altering produce program produces state program.

References (114)
Kymie M. C. Tan, Kevin S. Killourhy, Roy A. Maxion, Undermining an anomaly-based intrusion detection system using common exploits. Recent Advances in Intrusion Detection. pp. 54-73, (2002), 10.1007/3-540-36084-0_4
Wei-Jen Li, Ke Wang, Salvatore J. Stolfo, Fileprint analysis for Malware Detection 1, (2005)
Brad Karp, Hyang-Ah Kim, Autograph: toward automated, distributed worm signature detection. USENIX Security Symposium. pp. 19-19, (2004)
Farnam Jahanian, Jon Oberheide, Evan Cooke, CloudAV: N-version antivirus in the network cloud. USENIX Security Symposium. pp. 91-106, (2008)
Nick Cercone, Tony Abou-Assaleh, Vlado Keselj, Ray Sweidan, Detection of New Malicious Code Using N-grams Signatures. Conference on Privacy, Security and Trust. pp. 193-196, (2004)
Gerald Tesauro, William Arnold, Automatically Generated Win32 Heuristic Virus Detection, (2000)
Andrew J. Noga, A Visual Data Hash Method, (2004)