Results 1 - 10 of 106
Stealthy malware detection through VMM-based “out-of-the-box” semantic view reconstruction
- In: Computer and Communications Security (CCS), 2007
"... An alarming trend in malware attacks is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts they ar ..."
Cited by 139 (18 self)
An alarming trend in malware attacks is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts
Quantitatively analyzing stealthy communication channels
- In Proceedings of the 9th International Conference on Applied Cryptography and Network Security (ACNS ’11), number 6715 in Lecture Notes in Computer Science (LNCS), 2011
"... Abstract. Attackers in particular botnet controllers use stealthy messaging systems to set up large-scale command and control. Understanding the capacity of such communication channels is important in detecting organized cyber crimes. We analyze the use of domain name service (DNS) as a stealthy ..."
Cited by 6 (2 self)
Abstract. Attackers in particular botnet controllers use stealthy messaging systems to set up large-scale command and control. Understanding the capacity of such communication channels is important in detecting organized cyber crimes. We analyze the use of domain name service (DNS) as a stealthy
Unearthing Stealthy Program Attacks Buried in Extremely Long Execution Paths
"... Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., tampering with non-control data and waiting for the modified data to propagate and alter the control flow legally. Existing program anomaly detection systems focusing on legal control flow attestatio ..."
Cited by 1 (1 self)
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., tampering with non-control data and waiting for the modified data to propagate and alter the control flow legally. Existing program anomaly detection systems focusing on legal control flow at
Architectures for Self-Healing Databases under Cyber Attacks
"... In this paper, we propose five architectures for self-healing databases under malicious attacks. While traditional secure database systems rely on prevention controls, a self-healing database system can autonomically estimate, locate, isolate, contain, and repair damage caused by attacks in such a w ..."
Cited by 2 (0 self)
In this paper, we propose five architectures for self-healing databases under malicious attacks. While traditional secure database systems rely on prevention controls, a self-healing database system can autonomically estimate, locate, isolate, contain, and repair damage caused by attacks in such a
Cultural Biases in Economic Exchange
- 2004
"... Abstract How much do cultural biases affect economic exchange? We try to answer this question by using the relative trust European citizens have for citizens of other countries. First, we document that this trust is affected not only by objective characteristics of the country being trusted, but al ..."
Cited by 57 (4 self)
, but also by cultural aspects such as religion, a history of conflicts, and genetic similarities. We then find that lower relative levels of trust toward citizens of a country lead to less trade with that country, less portfolio investment, and less direct investment in that country, even after controlling
Defending Against the Unknown Enemy: Applying FLIPIT to System Security
"... Most cryptographic systems carry the basic assumption that entities are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. “Advanced Persistent Threats” (APTs), for instance, leverage zero-day exploits and extensive ..."
Cited by 4 (0 self)
’ goals and abilities. In this paper, we explore applications of FLIPIT, a novel game-theoretic model of system defense introduced in [17]. In FLIPIT, an attacker periodically gains complete control of a system, with the unique feature that system compromises are stealthy, i.e., not immediately detected
Architectures for Intrusion Tolerant Database Systems
"... In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in t ..."
by a lot of attacks. Architecture III enhances Architecture I with the ability to dynamically contain the damage in such a way that no damage will leak out during the attack recovery process. Architecture IV enhances Architectures II and III with the ability to adapt the intrusion-tolerance controls
Robust TCP Stream Reassembly in the Presence of Adversaries
- In USENIX Security Symposium, 2005
"... There is a growing interest in designing high-speed network devices to perform packet processing at semantic levels above the network layer. Some examples are layer-7 switches, content inspection and transformation systems, and network intrusion detection/prevention systems. Such systems must mainta ..."
Cited by 26 (5 self)
There is a growing interest in designing high-speed network devices to perform packet processing at semantic levels above the network layer. Some examples are layer-7 switches, content inspection and transformation systems, and network intrusion detection/prevention systems. Such systems must
A Digest and Pattern Matching-Based Intrusion Detection Engine
- doi:10.1093/comjnl/bxp026, 2008
"... Intrusion detection/prevention systems (IDSs/IPSs) heavily rely on signature databases and pattern matching (PM) techniques to identify network attacks. The engines of such systems often employ traditional PM algorithms to search for telltale patterns in network flows. The observations that real-wor ..."
Intrusion detection/prevention systems (IDSs/IPSs) heavily rely on signature databases and pattern matching (PM) techniques to identify network attacks. The engines of such systems often employ traditional PM algorithms to search for telltale patterns in network flows. The observations that real
Resource Constrained Leader Election Scheme for Intrusion Detection in Mobile Ad-Hoc Networks
"... Abstract- Mobile Ad-hoc Network is a peer-to-peer wireless network that transmits data from computer to computer without the use of a central base station or access point. Intrusion detection techniques are used for the network attack detection process. The system is designed to handle leader electi ..."
Abstract- Mobile Ad-hoc Network is a peer-to-peer wireless network that transmits data from computer to computer without the use of a central base station or access point. Intrusion detection techniques are used for the network attack detection process. The system is designed to handle leader