Sciweavers

CSFW
2007
IEEE

Creating Vulnerability Signatures Using Weakest Preconditions

14 years 6 months ago
Creating Vulnerability Signatures Using Weakest Preconditions
Signature-based tools such as network intrusion detection systems are widely used to protect critical systems. Automatic signature generation techniques are needed to enable these tools due to the speed at which new vulnerabilities are discovered. In particular, we need automatic techniques which generate sound signatures — signatures which will not mistakenly block legitimate traffic or raise false alarms. In addition, we need signatures to have few false negatives and will catch many different exploit variants. We investigate new techniques for automatically generating sound vulnerability signatures with fewer false negatives than previous research using program binary analysis. The key problem to reducing false negatives is to consider as many as possible different program paths an exploit may take. Previous work considered each possible program path an exploit may take separately, thus generating signatures that are exponential in the size of the number of branches considered. ...
David Brumley, Hao Wang, Somesh Jha, Dawn Xiaodong
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where CSFW
Authors David Brumley, Hao Wang, Somesh Jha, Dawn Xiaodong Song
Comments (0)