Abstract | ||
---|---|---|
To detect intrusions resulting of an attack that corrupted data items used by a program to perform its computation, we propose an approach that automatically instruments programs to control a data-based behavior model during their execution. We build our model by discovering the sets of data the system calls depend on and which constraints these sets must verify at runtime. We have implemented our approach using a static analysis framework called Frama-C and we present the results of experimentations on a vulnerable version of OpenSSH . |
Year | DOI | Venue |
---|---|---|
2009 | 10.1007/978-3-642-04342-0_19 | RAID |
Keywords | Field | DocType |
instruments program,automatic software instrumentation,non-control-data attacks,vulnerable version,corrupted data item,system call,data-based behavior model,static analysis framework,static analysis,behavior modeling | Instrumentation (computer programming),Computer security,Computer science,Static analysis,Real-time computing,Computation | Conference |
Volume | ISSN | Citations |
5758 | 0302-9743 | 0 |
PageRank | References | Authors |
0.34 | 1 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jonathan-Christofer Demay | 1 | 3 | 1.10 |
Éric Totel | 2 | 0 | 0.34 |
Frédéric Tronel | 3 | 123 | 10.45 |