Abstract | ||
---|---|---|
Targeted attacks exploiting a zero-day vulnerability are serious threats for many organizations. One reason is that generally available attack tools are very powerful and easy-to-use for attackers. In this paper, we propose n-ROPdetector that detects ROP (Return-Oriented Programming) attack code on the network side. ROP is a core technique used in zero-day attacks. The n-ROPdetector is noticeable method to detect ROP code efficiently on the network side rather than on the host machines side. To evaluate the n-ROPdetector and to show its effectiveness, we used the attack code samples from the attack tool Metasploit and the n-ROPdetector detected 84% of ROP codes in Metasploit. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1145/2665936.2665937 | SafeConfig |
Keywords | Field | DocType |
invasive software,nids,return-oriented programming,zero-day attack,zero day attack | Computer security,Pre-play attack,Return-oriented programming,Engineering,Zero-day attack,Vulnerability | Conference |
Citations | PageRank | References |
2 | 0.44 | 8 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yasuyuki Tanaka | 1 | 3 | 1.49 |
Atsuhiro Goto | 2 | 95 | 29.29 |