Enabling automated threat response through the use of a dynamic security policy
Springer Science and Business Media LLC - Volume 3 - Pages 195-210 - 2007
Hervé Debar, Yohann Thomas, Frédéric Cuppens, Nora Cuppens-Boulahia
Information systems security issues are currently being addressed using different techniques, such as authentication, encryption and access control, through the definition of security policies, but also using monitoring techniques, in particular intrusion detection systems. We can observe that security monitoring is currently totally decorrelated from security policies, that is security requiremen...
On callgraphs and generative mechanisms
Springer Science and Business Media LLC - Volume 3 - Pages 299-310 - 2007
Daniel Bilar
This paper examines the structural features of callgraphs. The sample consisted of 120 malicious and 280 non-malicious executables. Pareto models were fitted to indegree, outdegree and basic block count distribution, and a statistically significant difference shown for the derived power law exponent. A two-step optimization process involving human designers and code compilers is proposed to accoun...
Code mutation techniques by means of formal grammars and automatons
Springer Science and Business Media LLC - Volume 5 - Pages 199-207 - 2009
Pavel V. Zbitskiy
The paper describes formalization of existing code mutation techniques widely used in a viruses (polymorphism and metamorphism) by means of formal grammars and automatons. New model of metamorphic viruses and new classification of this type of viruses are suggested. The statement about undetectable viruses of this type is proved. In that paper are shown iterative approach toward construct complex ...
Filter-resistant code injection on ARM
Springer Science and Business Media LLC - Volume 7 - Pages 173-188 - 2010
Yves Younan, Pieter Philippaerts, Frank Piessens, Wouter Joosen, Sven Lachmund, Thomas Walter
Code injection attacks are one of the most powerful and important classes of attacks on software. In these attacks, the attacker sends malicious input to a software application, where it is stored in memory. The malicious input is chosen in such a way that its representation in memory is also a valid representation of a machine code program that performs actions chosen by the attacker. The attacke...
Enforcing kernel constraints by hardware-assisted virtualization
Springer Science and Business Media LLC - Volume 7 - Pages 1-21 - 2009
Éric Lacombe, Vincent Nicomette, Yves Deswarte
This article deals with kernel security protection. We propose a characterization of malicious kernel-targeted actions, based on how the way they act to corrupt the kernel. Then, we discuss security measures able to counter such attacks. We finally expose our approach based on hardware-virtualization that is partially implemented into our demonstrator Hytux, which is inspired from bluepill (Rutkow...
Testing and evaluating virus detectors for handheld devices
Springer Science and Business Media LLC - Volume 2 Issue 2 - Pages 135-147 - 2006
Morales, Jose Andre, Clarke, Peter J., Deng, Yi, Golam Kibria, B. M.
The widespread use of personal digital assistants and smartphones gives securing these devices a high priority. Yet little attention has been placed on protecting handheld devices against viruses. Currently available antivirus software for handhelds is few in number. At this stage, the opportunity exists for the evaluation and improvement of current solutions. By pinpointing weaknesses in the curr...
Constructing malware normalizers using term rewriting
Springer Science and Business Media LLC - Volume 4 - Pages 307-322 - 2008
Andrew Walenstein, Rachit Mathur, Mohamed R. Chouchane, Arun Lakhotia
A malware mutation engine is able to transform a malicious program to create a different version of the program. Such mutation engines are used at distribution sites or in self-propagating malware in order to create variation in the distributed programs. Program normalization is a way to remove variety introduced by mutation engines, and can thus simplify the problem of detecting variant strains. ...
On the trade-off between speed and resiliency of Flash worms and similar malcodes
Springer Science and Business Media LLC - Volume 5 - Pages 309-320 - 2009
Duc T. Ha, Hung Q. Ngo
We formulate and investigate the problem of finding a fast and resilient propagation topology and propagation schedule for Flash worms and similar malcodes. Resiliency means a very large proportion of infectable targets are still infected no matter which fraction of targets are not infectable. There is an intrinsic tradeoff between speed and resiliency, since resiliency requires transmission redun...