Paragraph: Thwarting signature learning by training maliciously

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4219 LNCS, Issue , 2006, Pages 81-105

  Newsome, James ^a   Karp, Brad ^b   Song, Dawn ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

^b UNIVERSITY COLLEGE LONDON   (United Kingdom)

Author keywords

Automatic signature generation; Machine learning; Spam; Worm

Indexed keywords

COMPUTER CRIME; COMPUTER VIRUSES; INTERNET; LEARNING SYSTEMS; TELECOMMUNICATION TRAFFIC;

AUTOMATIC SIGNATURE GENERATION; POLYMORPHIC WORM; SPAM;

ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS;

EID: 33750332606     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11856214_5     Document Type: Conference Paper

References (25)

1. Marco Barreno, Blaine Nelson, Russell Sears, Anthony D. Joseph, and J. D. Tygar. Can machine learning be secure? In ASIA CCS, March 2006.
2. David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. Towards automatic generation of vulnerability-based signatures. In IEEE Symposium on Security and Privacy, 2006.
3. Manuel Costa, Jon Crowcroft, Miguel Castro, and Antony Rowstron. Vigilante: End-to-end containment of internet worms. In SOSP, 2005.
4. Jedidiah R. Crandall and Fred Chong. Minos: Architectural support for software security through control data integrity. In International Symposium on Microarchitecture, December 2004.
5. Jedidiah R. Crandall, Zhendong Su, S. Felix Wu, and Frederic T. Chong. On deriving un-known vulnerabilities from zero-day polymorphic and metamorphic worm exploits. In 12th ACM Conference on Computer and Communications Security (CCS), 2005.
6. Nilesh Dalvi, Pedro Domingos, Mausam, Sumit Sanghai, and Deepak Verma. Adversarial classification. In Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), 2004.
7. Hyang-Ah Kim and Brad Karp. Autograph: toward automated, distributed worm signature detection. In 13th USENIX Security Symposium, August 2004.
8. Christian Kreibich and Jon Crowcroft. Honeycomb - creating intrusion detection signatures using honeypots. In HotNets, November 2003.
9. Zhichun Li, Manan Sanghi, Yan Chen, Ming-Yang Kao, and Brian Chavez. Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience. In IEEE Symposium on Security and Privacy, May 2006.
10. Zhenkai Liang and R. Sekar. Fast and automated generation of attack signatures: A basis for building self-protecting servers. In 12th ACM Conference on Computer and Communications Security (CCS), 2005.
11. N. Littlestone. Learning quickly when irrelevant attributes abound: A new linear threshold algorithm. Machine Learning, 2(285-318), 1988.
12. N. Littlestone. Redundant noisy attributes, attribute errors, and linear-threshold learning using winnow. In Fourth Annual Workshop on Computational Learning Theory, pages 147-156, 1991.
13. Daniel Lowd and Christopher Meek. Adversarial learning. In Eleventh ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD), 2005.
14. James Newsome, David Brumley, and Dawn Song. Vulnerability-specific execution filtering for exploit prevention on commodity software. In 13th Symposium on Network and Distributed System Security (NDSS'06), 2006.
15. James Newsome, Brad Karp, and Dawn Song. Polygraph: Automatically generating signatures for polymorphic worms. In IEEE Symposium on Security and Privacy, May 2005.
16. James Newsome and Dawn Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In 12th Annual Network and Distributed System Security Symposium (NDSS), February 2005.
17. delusive (definition). In Oxford English Dictionary, Oxford University Press, 2006.
18. Roberto Perdisci, David Dagon, Wenke Lee, Prahlad Fogla, and Monirul Sharif. Misleading worm signature generators using deliberate noise injection. In IEEE Symposium on Security and Privacy, May 2006.
19. Yann Ramin. ATPhttpd. http://www.redshift.com/~yramin/atp/atphttpd/.
20. Stelios Sidiroglou, Michael E. Locasto, Stephen W. Boyd, and Angelos D. Keromytis. Building a reactive immune system for software services. In USENIX Annual Technical Conference, 2005.
21. Sumeet Singh, Cristian Estan, George Varghese, and Stefan Savage. Automated worm fingerprinting. In 6th ACM/USENIX Symposium on Operating System Design and Implementation (OSDI), December 2004.
22. S. Staniford, D. Moore, V. Paxson, and N. Weaver. The top speed of flash worms. In ACM CCS WORM, 2004.
23. G. Edward Suh, Jaewook Lee, and Srinivas Devadas. Secure program execution via dynamic information flow tracking. In ASPLOS, 2004.
24. Yong Tang and Shigang Chen. Defending against internet worms: A signature-based approach. In IEEE INFOCOM, March 2005.
25. Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, and Chris Bookholt. Automatic diagnosis and response to memory corruption vulnerabilities. In 12th Annual ACM Conference on Computer and Communication Security (CCS), 2005.