Two-Level Automated Approach for Defending Against Obfuscated Zero-Day Attacks

Authors: Ratinder Kaur, Maninder Singh

DOI: 10.1007/978-3-319-17127-2_11

Abstract: A zero-day attack is one that exploits a vulnerability for which no patch is readily available and of which the developer or vendor may not even be aware. Such attacks are powerful, expensive tools and are hard to defend against: since they are not known in advance, there is no reliable way to guard against them before they happen. Attackers take advantage of their unknown nature and use them in conjunction with highly sophisticated, targeted attacks to achieve stealthiness with respect to standard intrusion detection techniques. This paper presents a novel combination of anomaly-, behavior- and signature-based techniques for detecting such attacks. The proposed approach detects obfuscated zero-day attacks through a two-level evaluation, generates a new signature automatically, and updates the other sensors with it by push technology via a global hotfix feature.
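
The abstract describes the pipeline only in outline. What follows is an added illustration, written for this page and not the authors' code or algorithm, of how a two-level evaluation, automatic signature generation and a push to other sensors can fit together. Everything concrete in it is an assumption of this example and not taken from the paper: the byte-histogram distance used as the level-1 anomaly detector, the sled-plus-binary-region heuristic standing in for level-2 behavior analysis, longest common substring as the signature generator, Rabin-Karp (the Karp and Rabin reference below) as the sensors' matcher, the thresholds ANOMALY_THRESHOLD and MIN_SIGNATURE_LEN, and the constructed sample traffic.

```python
import re
from collections import Counter

ANOMALY_THRESHOLD = 1.0  # assumed: L1 distance between byte histograms (range 0..2)
MIN_SIGNATURE_LEN = 8    # assumed: shorter invariants would also match benign traffic

# Level 1 (anomaly): distance of a payload's byte histogram from learned-benign traffic.
def byte_profile(benign: list[bytes]) -> list[float]:
    counts = Counter(b for p in benign for b in p)
    total = sum(counts.values())
    return [counts[i] / total for i in range(256)]

def anomaly_score(payload: bytes, profile: list[float]) -> float:
    c, n = Counter(payload), len(payload)
    return sum(abs(c[i] / n - profile[i]) for i in range(256))

# Level 2 (behaviour-style structural checks, applied only to payloads level 1 flagged).
def has_sled(payload: bytes, min_run: int = 16) -> bool:
    """A run of identical bytes long enough to look like a NOP/increment sled."""
    return re.search(rb"(.)\1{%d,}" % (min_run - 1), payload, re.DOTALL) is not None

def has_binary_region(payload: bytes, window: int = 16) -> bool:
    """A window where under half the bytes are printable ASCII: code inside a text protocol."""
    return any(sum(0x20 <= b <= 0x7E for b in payload[i:i + window]) < window / 2
               for i in range(len(payload) - window + 1))

# Signature generation: the longest byte sequence two confirmed instances share, i.e. what re-encoding left unchanged.
def longest_common_substring(a: bytes, b: bytes) -> bytes:
    best_len, best_end, prev = 0, 0, [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1
                if cur[j] > best_len:
                    best_len, best_end = cur[j], i
        prev = cur
    return a[best_end - best_len:best_end]

# Sensors match pushed signatures with a Rabin-Karp rolling hash (Karp and Rabin, 1987).
def rabin_karp_contains(text: bytes, pattern: bytes, base: int = 256, mod: int = 1_000_000_007) -> bool:
    m = len(pattern)
    if m == 0 or m > len(text):
        return False
    h_pat = h_win = 0
    for i in range(m):
        h_pat = (h_pat * base + pattern[i]) % mod
        h_win = (h_win * base + text[i]) % mod
    high = pow(base, m - 1, mod)
    for i in range(len(text) - m + 1):
        if h_win == h_pat and text[i:i + m] == pattern:  # hash hit, then verify the bytes
            return True
        if i + m < len(text):
            h_win = ((h_win - text[i] * high) * base + text[i + m]) % mod
    return False

def push_hotfix(sensors: dict[str, list[bytes]], signature: bytes) -> None:
    """Global hotfix: push the freshly generated signature to every registered sensor."""
    for sigs in sensors.values():
        if signature not in sigs:
            sigs.append(signature)

def evaluate(payload: bytes, profile: list[float], sigs: list[bytes]) -> str:
    if any(rabin_karp_contains(payload, s) for s in sigs):
        return "signature"   # already known instance: no evaluation needed
    if anomaly_score(payload, profile) < ANOMALY_THRESHOLD:
        return "benign"      # level 1 passes it
    if has_sled(payload) and has_binary_region(payload):
        return "confirmed"   # level 2 agrees: obfuscated code in the payload
    return "suspicious"      # anomalous but unconfirmed: log it, do not generate a signature

BENIGN = [  # constructed HTTP requests standing in for learned-benign traffic
    b"GET /index.html HTTP/1.1\r\nHost: example.com\r\nUser-Agent: curl/8.0\r\n\r\n",
    b"GET /images/logo.png HTTP/1.1\r\nHost: example.com\r\nAccept: image/png\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: example.com\r\nContent-Length: 27\r\n\r\nuser=alice&password=secret1",
]
STUB = b"\xeb\x0d\x5e\x31\xc9\xb1\x14\x80\x36"  # decoder-stub-like bytes, constructed, not working shellcode

def variant(sled_byte: int, key: int) -> bytes:
    """One attack re-obfuscated per instance: different sled byte and XOR key, same stub."""
    body = bytes(c ^ key for c in b"exec /bin/sh -c 'id'")
    return bytes([sled_byte]) * 24 + STUB + bytes([key]) + b"\x46\xe2\xf9" + body

def run_demo() -> dict[str, str]:
    profile = byte_profile(BENIGN)
    sensors: dict[str, list[bytes]] = {"edge": [], "dmz": []}
    v1, v2 = variant(0x90, 0x80), variant(0x41, 0xC3)
    probe = b"GET /about.html HTTP/1.1\r\nHost: example.com\r\nUser-Agent: curl/8.0\r\n\r\n"
    results = {"benign": evaluate(probe, profile, sensors["edge"]),
               "variant1": evaluate(v1, profile, sensors["edge"]),
               "variant2": evaluate(v2, profile, sensors["edge"])}
    sig = longest_common_substring(v1, v2)
    if results["variant1"] == results["variant2"] == "confirmed" and len(sig) >= MIN_SIGNATURE_LEN:
        push_hotfix(sensors, sig)
    results["signature"] = sig.hex()
    # A third re-encoding now hits the other sensor on the pushed signature alone.
    results["variant3_dmz"] = evaluate(variant(0x90, 0xE1), profile, sensors["dmz"])
    return results
```

Calling run_demo() returns one verdict per payload: the benign probe passes level 1, the two re-encoded instances are confirmed at level 2, the decoder-stub bytes they share become the signature, and a third re-encoding that never reached the "edge" sensor is caught by the "dmz" sensor on the pushed signature alone. The "suspicious" verdict is the caveat worth keeping in any such design: a payload that is anomalous but fails the second-level check is logged, not turned into a signature, because a signature generated from a false positive is pushed to every sensor just as fast as a good one.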

References (21 in the paper; 9 listed here)
Alazab, M., Venkatraman, S., Watters, P.A., Alazab, M.: Zero-day malware detection based on supervised learning algorithms of API call signatures. In: Australasian Data Mining Conference, pp. 171-182 (2011)
Kaur, R., Singh, M.: Automatic Evaluation and Signature Generation Technique for Thwarting Zero-Day Attacks. In: International Conference on Security in Computer Networks and Distributed Systems, pp. 298-309 (2014). DOI 10.1007/978-3-642-54525-2_27
Polychronakis, M., Anagnostakis, K.G., Markatos, E.P.: Emulation-based detection of non-self-contained polymorphic shellcode. In: Recent Advances in Intrusion Detection, pp. 87-106 (2007). DOI 10.1007/978-3-540-74320-0_5
Leita, C., Dacier, M., Wicherski, G.: SGNET: a distributed infrastructure to handle zero-day exploits. EURECOM (2007)
Comar, P.M., Liu, L., Saha, S., Tan, P.-N., Nucci, A.: Combining supervised and unsupervised learning for zero-day malware detection. In: 2013 Proceedings IEEE INFOCOM, pp. 2022-2030 (2013). DOI 10.1109/INFCOM.2013.6567003
Karp, R.M., Rabin, M.O.: Efficient randomized pattern-matching algorithms. IBM Journal of Research and Development 31, 249-260 (1987). DOI 10.1147/RD.312.0249
Aleroud, A., Karabatis, G.: Toward Zero-Day Attack Identification Using Linear Data Transformation Techniques. In: 2013 IEEE 7th International Conference on Software Security and Reliability, pp. 159-168 (2013). DOI 10.1109/SERE.2013.16
Polychronakis, M., Anagnostakis, K.G., Markatos, E.P.: Network-level polymorphic shellcode detection using emulation. Journal in Computer Virology 2, 257-274 (2007). DOI 10.1007/S11416-006-0031-Z
Portokalidis, G., Bos, H.: SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots. Computer Networks 51, 1256-1274 (2007). DOI 10.1016/J.COMNET.2006.09.005
Kaur, R., Singh, M.: A Survey on Zero-Day Polymorphic Worm Detection Techniques. IEEE Communications Surveys and Tutorials 16, 1520-1549 (2014). DOI 10.1109/SURV.2014.022714.00160