A promising method for the detection of previously unknown code injection attacks is the identification of the shellcode that is part of the attack vector using payload execution....
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
Abstract—Malicious shellcodes are segments of binary code disguised as normal input data. Such shellcodes can be injected into a target process’s virtual memory. They overwrite...
Boxuan Gu, Xiaole Bai, Zhimin Yang, Adam C. Champi...
Network-level emulation has recently been proposed as a method for the accurate detection of previously unknown polymorphic code injection attacks. In this paper, we extend network...
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
Abstract. As state-of-the-art attack detection technology becomes more prevalent, attackers are likely to evolve, employing techniques such as polymorphism and metamorphism to evad...
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
Automated rule induction procedures like machine learning and statistical techniques result in rules that lack generalization and maintainability. Developing rules manually throug...