n-ROPdetector: Proposal of a Method to Detect the ROP Attack Code on the Network - Citegraph

Paper Info

Title
n-ROPdetector: Proposal of a Method to Detect the ROP Attack Code on the Network

Abstract
Targeted attacks exploiting a zero-day vulnerability are serious threats for many organizations. One reason is that generally available attack tools are very powerful and easy-to-use for attackers. In this paper, we propose n-ROPdetector that detects ROP (Return-Oriented Programming) attack code on the network side. ROP is a core technique used in zero-day attacks. The n-ROPdetector is noticeable method to detect ROP code efficiently on the network side rather than on the host machines side. To evaluate the n-ROPdetector and to show its effectiveness, we used the attack code samples from the attack tool Metasploit and the n-ROPdetector detected 84% of ROP codes in Metasploit.

Year	DOI	Venue
2014	10.1145/2665936.2665937	SafeConfig
Keywords	Field	DocType
invasive software,nids,return-oriented programming,zero-day attack,zero day attack	Computer security,Pre-play attack,Return-oriented programming,Engineering,Zero-day attack,Vulnerability	Conference
Citations	PageRank	References
2	0.44	8
Authors
2

Authors (2 rows)

Cited by (2 rows)

References (8 rows)

Name	Order	Citations	PageRank
Yasuyuki Tanaka	1	3	1.49
Atsuhiro Goto	2	95	29.29

1