You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis.

Q Wang, WU Hassan, D Li, K Jee, X Yu, K Zou, J Rhee… - NDSS, 2020 - kangkookjee.io
To subvert recent advances in perimeter and host security, the attacker community has
developed and employed various attack vectors to make a malware much stealthier than …

Control-flow integrity principles, implementations, and applications

M Abadi, M Budiu, U Erlingsson, J Ligatti - ACM Transactions on …, 2009 - dl.acm.org
Current software attacks often build on exploits that subvert machine-code execution. The
enforcement of a basic safety property, control-flow integrity (CFI), can prevent such attacks …

Non-control-data attacks are realistic threats.

S Chen, J Xu, EC Sezer, P Gauriar… - USENIX security …, 2005 - usenix.org
Most memory corruption attacks and Internet worms follow a familiar pattern known as the
control-data attack. Hence, many defensive techniques are designed to protect program …

Paranoid android: versatile protection for smartphones

G Portokalidis, P Homburg, K Anagnostakis… - Proceedings of the 26th …, 2010 - dl.acm.org
Smartphone usage has been continuously increasing in recent years. Moreover,
smartphones are often used for privacy-sensitive tasks, becoming highly valuable targets for …

Mining specifications of malicious behavior

M Christodorescu, S Jha, C Kruegel - Proceedings of the 6th joint …, 2007 - dl.acm.org
Malware detectors require a specification of malicious behavior. Typically, these
specifications are manually constructed by investigating known malware. We present an …

Behavioural biometrics: a survey and classification

RV Yampolskiy, V Govindaraju - International Journal of …, 2008 - inderscienceonline.com
This study is a survey and classification of the state-of-the-art in behavioural biometrics
which is based on skills, style, preference, knowledge, motor-skills or strategy used by …

Anomalous system call detection

D Mutz, F Valeur, G Vigna, C Kruegel - ACM Transactions on Information …, 2006 - dl.acm.org
Intrusion detection systems (IDSs) are used to detect traces of malicious activities targeted
against the network and its resources. Anomaly-based IDSs build models of the expected …

ContractGuard: Defend ethereum smart contracts with embedded intrusion detection

X Wang, J He, Z Xie, G Zhao… - IEEE Transactions on …, 2019 - ieeexplore.ieee.org
Ethereum smart contracts are programs that can be collectively executed by a network of
mutually untrusted nodes. Smart contracts handle and transfer assets of values, offering …

An anomaly detection system based on variable N-gram features and one-class SVM

W Khreich, B Khosravifar, A Hamou-Lhadj… - Information and Software …, 2017 - Elsevier
Context: Run-time detection of system anomalies at the host level remains a challenging
task. Existing techniques suffer from high rates of false alarms, hindering large-scale …

Automating mimicry attacks using static binary analysis

C Kruegel, E Kirda, D Mutz, W Robertson… - USENIX Security …, 2005 - usenix.org
Intrusion detection systems that monitor sequences of system calls have recently become
more sophisticated in defining legitimate application behavior. In particular, additional …