A bot is a piece of software that is usually installed on an infected machine without the user’s knowledge. A bot is controlled remotely by the attacker under a Command and Co...
Malicious mass-mailing activity on the Internet is a serious and continuing threat that includes mass-mailing worms, spam, and phishing. A mechanism commonly used to deliver such ...
David Whyte, Paul C. van Oorschot, Evangelos Krana...
Instruction-set randomization (ISR) is a technique based on randomizing the "language" understood by a system to protect it from code-injection attacks. Such attacks wer...
Payload attribution is an important problem often encountered in network forensics. Given an excerpt of a payload, finding its source and destination is useful for many security ...
Kernel-mode rootkits hide objects such as processes and threads using a technique known as Direct Kernel Object Manipulation (DKOM). Many forensic analysis tools attempt to detect...
Brendan Dolan-Gavitt, Abhinav Srivastava, Patrick ...