Evolving successful stack overflow attacks for vulnerability testing

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2005, Issue , 2005, Pages 225-232

  Gunes Kayacik H ^a   Nur Zincir Heywood, A ^a   Heywood, Malcolm ^a  

^a DALHOUSIE UNIVERSITY   (Canada)

Author keywords

[No Author keywords available]

Indexed keywords

MALICIOUS BUFFERS; MISUSE DETECTION; STACK OVERFLOW;

OPTIMIZATION; PROBLEM SOLVING; PUBLIC KEY CRYPTOGRAPHY; SYSTEMS ANALYSIS;

SECURITY OF DATA;

EID: 33751054751     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2005.23     Document Type: Conference Paper

References (19)

1. Christodorescu M., Jha S., "Static analysis of executables to detect malicious patterns", Proceedings of the USENIX Security Symposium, 2003.
2. Deb K., Goldberg D. E., "An Investigation of Niche and Species Formation in Genetic Function Optimization" Proceedings of the third international conference on Genetic algorithms, pp 42-50, 1-55860-006-3, 1989.
3. Detristan T., Ulenspiegel T., Malcom Y., Underduk M. S., "Polymorphic shellcode engine using spectrum analysis", Phrack Online Magazine, 61, 2003.
4. Dozier, G., Brown, D., Cain, K., Hurley, J., "Vulnerability analysis of immunity-based intrusion detection systems using evolutionary hackers," Proceedings of the Genetic and Evolutionary Computation Conference, Lecture Notes in Computer Science, LNCS 3102, pp 263-274, 2004.
5. Eiben A.E., Smith J.E., "Introduction to Evolutionary Computing", Springer, ISBN 3-540-40184-9, 2003.
6. Erickson J., "Hacking: The Art of Exploitation", No Starch Press, ISBN 1-59327-007-0, Ch. 2, 2003.
7. Foster J.C., Osipov V., Bhalla N., Heinen N., "Buffer Overflow Attacks: Detect, Exploit, Prevent", Syngress Publishing, ISBN 1-932266-67-4, Ch.5, 2005.
8. Goldberg D.E., Deb K., "A Comparative Analysis of Selection Schemes Used in Genetic Algorithms," in Foundations of Genetic Algorithms, G.J.E. Rawlins (ed.), Morgan Kaufmann, ISBN 1-55860-170-8, 1991.
9. Koza J.R., "Genetic Programming", MIT Press, 1992.
10. Langdon W.B., Poli R., "Foundations of Genetic Programming", Springer-Verlag, IBSN 3-540-42451-2, 2002.
11. Miller B.L., Shaw M.J., "Genetic Algorithms with dynamic Niche Sharing for Multimodal Function optimization", University Of Illinois at Urbana-Champaign, Dept. General Engineering, IlliGAL Report 95010, 1995.
12. O'Neill, M., Ryan, C.: "Grammatical Evolution", IEEE Transactions on Evolutionary Computation, Vol. 5, No. 4, pp 349-358, 2001.
13. Marti R., "THOR: A tool to test intrusion detection systems by variations of attacks", Master's Thesis, Swiss Federal Institute of Technology, March 2002.
14. Roesch, M., "Snort - lightweight intrusion detection for networks", Proceedings of Thirteenth Systems Administration Conference - LISA, pp 229-238, 1999.
15. Rubin S., Jha S., Miller B.P., "Automatic Generation and Analysis of NIDS Attacks", 20th Annual Computer Security Applications Conference - ACSAC, pp 28-38, 2004.
16. Snort Web Site - www.snort.org. last accessed Mar 2005.
17. th International Symposium on Recent Advances in Intrusion Detection - RAID, Lecture Notes in Computer Science, LNCS 2516, pp 54-73, 2002.
18. Vigna, G., Robertson, W., Balzarotti D., "Testing Network Based Intrusion Detection Signatures Using Mutant Exploits", ACM Conference on Computer Security, 2004.
19. Wagner, D., Soto, P., "Mimicry Attacks on Host-based Intrusion Detection Systems", ACM Conference on Computer Security, pp 255-264, 2002.