Paper Info
Title
Towards Automatic Generation of Vulnerability-Based Signatures
Abstract
In this paper we explore the problem of creating vulnerability signatures. A vulnerability signature matches all exploits of a given vulnerability, even polymorphic or metamorphic variants. Our work departs from previous approaches by focusing on the semantics of the program and vulnerability exercised by a sample exploit instead of the semantics or syntax of the exploit itself. We show the semantics of a vulnerability define a language which contains all and only those inputs that exploit the vulnerability. A vulnerability signature is a representation (e.g., a regular expression) of the vulnerability language. Unlike exploitbased signatures whose error rate can only be empirically measured for known test cases, the quality of a vulnerability signature can be formally quantified for all possible inputs.
Year
DOI
Venue
2006
10.1109/SP.2006.41
IEEE Symposium on Security and Privacy
Keywords
Field
DocType
possible input,metamorphic variant,known test case,exploitbased signature,vulnerability-based signatures,work departs,error rate,vulnerability language,vulnerability signature,regular expression,towards automatic generation,previous approach,formal specification,filtering,assembly,space exploration,data analysis,data flow analysis,testing,security,computational complexity,data security,polymorphism
Data mining,Regular expression,Data security,Computer science,Computer security,Data-flow analysis,Formal specification,Exploit,Test case,Semantics,Vulnerability
Conference
ISSN
ISBN
Citations 
1081-6011
0-7695-2574-1
156
PageRank 
References 
Authors
9.60
33
5
Search Limit
100156
Name
Order
Citations
PageRank
David Brumley12940142.75
James Newsome2169192.07
Dawn Song37334385.37
Hao Wang423918.42
S. Jha57921539.19