Sciweavers

DIMVA
2008
14 years 1 months ago
Data Space Randomization
Over the past several years, US-CERT advisories, as well as most critical updates from software vendors, have been due to memory corruption vulnerabilities such as buffer overflo...
Sandeep Bhatkar, R. Sekar
DIMVA
2008
14 years 1 months ago
Learning and Classification of Malware Behavior
Malicious software in form of Internet worms, computer viruses, and Trojan horses poses a major threat to the security of networked systems. The diversity and amount of its variant...
Konrad Rieck, Thorsten Holz, Carsten Willems, Patr...
DIMVA
2008
14 years 1 months ago
VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges
Abstract. This paper presents a novel framework to substantiate selfsigned certificates in the absence of a trusted certificate authority. In particular, we aim to address the prob...
Brett Stone-Gross, David Sigal, Rob Cohn, John Mor...
DIMVA
2008
14 years 1 months ago
On Race Vulnerabilities in Web Applications
Abstract A web programmer often conceives its application as a sequential entity, thus neglecting the parallel nature of the underlying execution environment. In this environment, ...
Roberto Paleari, Davide Marrone, Danilo Bruschi, M...
DIMVA
2008
14 years 1 months ago
Embedded Malware Detection Using Markov n-Grams
Embedded malware is a recently discovered security threat that allows malcode to be hidden inside a benign file. It has been shown that embedded malware is not detected by commerci...
M. Zubair Shafiq, Syed Ali Khayam, Muddassar Faroo...
DIMVA
2008
14 years 1 months ago
XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks
Abstract. This paper focuses on defense mechanisms for cross-site scripting attacks, the top threat on web applications today. It is believed that input validation (or filtering) c...
Prithvi Bisht, V. N. Venkatakrishnan
DIMVA
2008
14 years 1 months ago
Expanding Malware Defense by Securing Software Installations
Software installation provides an attractive entry vector for malware: since installations are performed with administrator privileges, malware can easily get the enhanced level of...
Weiqing Sun, R. Sekar, Zhenkai Liang, V. N. Venkat...
DIMVA
2008
14 years 1 months ago
Traffic Aggregation for Malware Detection
Abstract. Stealthy malware, such as botnets and spyware, are hard to detect because their activities are subtle and do not disrupt the network, in contrast to DoS attacks and aggre...
Ting-Fang Yen, Michael K. Reiter
DIMVA
2008
14 years 1 months ago
FluXOR: Detecting and Monitoring Fast-Flux Service Networks
Botnets are large groups of compromised machines (bots) used by miscreants for the most illegal activities (e.g., sending spam emails, denial-of-service attacks, phishing and other...
Emanuele Passerini, Roberto Paleari, Lorenzo Marti...