Abstract | ||
---|---|---|
In this paper we explore the problem of creating vulnerability signatures. A vulnerability signature matches all exploits of a given vulnerability, even polymorphic or metamorphic variants. Our work departs from previous approaches by focusing on the semantics of the program and vulnerability exercised by a sample exploit instead of the semantics or syntax of the exploit itself. We show the semantics of a vulnerability define a language which contains all and only those inputs that exploit the vulnerability. A vulnerability signature is a representation (e.g., a regular expression) of the vulnerability language. Unlike exploitbased signatures whose error rate can only be empirically measured for known test cases, the quality of a vulnerability signature can be formally quantified for all possible inputs. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1109/SP.2006.41 | IEEE Symposium on Security and Privacy |
Keywords | Field | DocType |
possible input,metamorphic variant,known test case,exploitbased signature,vulnerability-based signatures,work departs,error rate,vulnerability language,vulnerability signature,regular expression,towards automatic generation,previous approach,formal specification,filtering,assembly,space exploration,data analysis,data flow analysis,testing,security,computational complexity,data security,polymorphism | Data mining,Regular expression,Data security,Computer science,Computer security,Data-flow analysis,Formal specification,Exploit,Test case,Semantics,Vulnerability | Conference |
ISSN | ISBN | Citations |
1081-6011 | 0-7695-2574-1 | 156 |
PageRank | References | Authors |
9.60 | 33 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
David Brumley | 1 | 2940 | 142.75 |
James Newsome | 2 | 1691 | 92.07 |
Dawn Song | 3 | 7334 | 385.37 |
Hao Wang | 4 | 239 | 18.42 |
S. Jha | 5 | 7921 | 539.19 |