Sciweavers

NSPW
2006
ACM

Dark application communities

14 years 5 months ago
Dark application communities
In considering new security paradigms, it is often worthwhile to anticipate the direction and nature of future attack paradigms. We identify a class of attacks based on the idea of a “Dark” Application Community (DAC) – a collection of bots and zombie machines that actively performs binarylevel supervision of applications to help an attacker automate the process of finding vulnerabilities. A collection of such hosts can observe and attempt to influence the behavior of automatic defense systems. An attacker can use the DAC as both a test platform for subverting security applications and as a reconnaissance network for exploiting commonly deployed automatic update and early warning systems. An instance of this type of Application Community can host what we call an automorphic worm. An automorphic worm is application-agnostic and vulnerability-generic. Such a worm attempts to remain stealthy by cycling through the portfolio of vulnerabilities that the DAC has identified. We exam...
Michael E. Locasto, Angelos Stavrou, Angelos D. Ke
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where NSPW
Authors Michael E. Locasto, Angelos Stavrou, Angelos D. Keromytis
Comments (0)