
Taint-Enhanced Anomaly Detection [chapter]

Lorenzo Cavallaro, R. Sekar
2011 Lecture Notes in Computer Science  
Anomaly detection identifies unusual behaviors, while fine-grained taint can filter out behaviors that do not seem controlled by attacker-provided data.  ...  Our combination is very effective, detecting attack types that have been problematic for taint-based techniques, while significantly cutting down the false positives experienced by anomaly detection.  ...  We present a new technique, called taint-enhanced anomaly detection (TEAD), that combines the strengths of system-call-based anomaly detection with fine-grained taint-tracking.  ... 
doi:10.1007/978-3-642-25560-1_11 fatcat:i47aeqqekfepzbs5m3zcdc53om

A Survey on Various Malware Detection Techniques on Mobile Platform

Aashima Malhotra, Karan Bajaj
2016 International Journal of Computer Applications  
General Terms Pattern Recognition, Permission based detection Technique.  ...  In this review paper, a fastidious study of the terms related to mobile malware and the techniques used for the detection of malware is done.  ...  HIDS,NIDS Anomaly based Detection Android Taint-Droid: It is a system which monitors android application and alert user when sensitive data is found.  ... 
doi:10.5120/ijca2016909159 fatcat:vxgeajtb6bcdhjrsydwwenxeji

From Speculation to Security

Haibo Chen, Xi Wu, Liwei Yuan, Binyu Zang, Pen-chung Yew, Frederic T. Chong
2008 SIGARCH Computer Architecture News  
Moreover, by decoupling mechanisms for taint tracking from security policies, SHIFT can detect a wide range of exploits, including high-level semantic attacks.  ...  Based on this observation, we propose SHIFT, a low-overhead, software-based dynamic information flow tracking system to detect a wide range of attacks.  ...  flow anomalies; and hardware-based systems [25, 24, 7, 8, 26] that provide architectural enhancements to improve the efficiency of information flow tracking.  ... 
doi:10.1145/1394608.1382156 fatcat:4rfuygu6vjgh5jmb5k7dt5ubmu

From Speculation to Security: Practical and Efficient Information Flow Tracking Using Speculative Hardware

Haibo Chen, Xi Wu, Liwei Yuan, Binyu Zang, Pen-chung Yew, Frederic T. Chong
2008 2008 International Symposium on Computer Architecture  
Moreover, by decoupling mechanisms for taint tracking from security policies, SHIFT can detect a wide range of exploits, including high-level semantic attacks.  ...  Based on this observation, we propose SHIFT, a low-overhead, software-based dynamic information flow tracking system to detect a wide range of attacks.  ...  flow anomalies; and hardware-based systems [25, 24, 7, 8, 26] that provide architectural enhancements to improve the efficiency of information flow tracking.  ... 
doi:10.1109/isca.2008.18 dblp:conf/isca/ChenWYZYC08 fatcat:yjpye3xdfncgljndzhmu3jm6n4

Building an Application Data Behavior Model for Intrusion Detection [chapter]

Olivier Sarrouy, Eric Totel, Bernard Jouga
2009 Lecture Notes in Computer Science  
In this paper, we propose an approach that would enhance the detection of such attacks.  ...  Related Work Most recent application level anomaly-based intrusion detection systems rely on the immunological approach introduced by Forrest and al. [11]. This approach is  ...  funded by the French DGA (General Delegation for Armament) and the French CNRS (National Center for Scientific Research) in the context of the DALI (Design and Assessment of application Level Intrusion detection  ... 
doi:10.1007/978-3-642-03007-9_21 fatcat:a4l44alkcfhxjhbfqzyo2vql4a

Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection

Shaimaa Ezzat, Mohamed I., Laila M., Yehia K.
2012 International Journal of Advanced Computer Science and Applications  
In this paper we propose a framework based on misuse and anomaly detection techniques to detect SQL injection attack.  ...  As a second step in the detection process, the structure of the query under observation will be compared against the legitimate queries stored in the XML file thus minimizing false positive alarms.  ...  a tainted query.  ... 
doi:10.14569/ijacsa.2012.030321 fatcat:nt2kaelnk5dwrg4pvd53nk4t7u

CloudER

Ping Chen, Dongyan Xu, Bing Mao
2012 Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security - ASIACCS '12  
CloudER leverages an existing taint-based system (Demand Emulation) for runtime anomaly detection, employs new algorithms for software vulnerability location and patch generation, and adapts a virtual  ...  The challenge is to facilitate the automatic runtime detection, location, and patching of the software vulnerability - outside the VMs and without the source code.  ...  Upon the detection of a taint-based anomaly, CloudER will locate the instructions directly responsible for the anomaly and further generate a binary patch to bypass those instructions yet maintaining the  ... 
doi:10.1145/2414456.2414485 dblp:conf/ccs/ChenXM12 fatcat:26gepyy5rrgydnftb3qlk2v2oy

Implementation of Pattern Matching Algorithm to Defend SQLIA

Nency Patel, Narendra Shekokar
2015 Procedia Computer Science  
In the new system, if any form of new anomaly occurs, then a new anomaly pattern will be updated to the existing static pattern list.  ...  We have proposed a detection and prevention technique for SQL Injection Attack (SQLIA) using modified Aho-Corasick pattern matching algorithm.  ...  Another technique for the same uses static Anomaly Detection using Aho-Corasick Pattern matching algorithm. The anomaly SQL Queries are detection in static phase.  ... 
doi:10.1016/j.procs.2015.03.078 fatcat:dxsy4ifwqncvfbtftypb3jpjvu

Learning Fine-Grained Structured Input for Memory Corruption Detection [chapter]

Lei Zhao, Debin Gao, Lina Wang
2012 Lecture Notes in Computer Science  
We propose a fine-grained dynamic taint analysis system to detect different fields in an input and monitor the propagation of these fields, and show that deviations from the execution pattern learned signal  ...  In this paper, we propose a novel approach to detect memory corruptions at the binary level.  ...  instructions, and the anomaly could be captured through patterns on the input processing.  ... 
doi:10.1007/978-3-642-33383-5_10 fatcat:bug4wzejnnfijjcrn6aiaayfm4

A Classification of Intrusion Detection Systems in the Cloud

Marwa Elsayed, Mohammad Zulkernine
2015 Journal of Information Processing  
This paper presents a novel classification scheme of the state-of-the-art of intrusion detection approaches in the cloud.  ...  Additionally, robust IDSs need novel detection techniques to keep up with modern sophisticated attacks that target cloud environments.  ...  CloudFence [36] and its enhanced design ECloudFence [37] use dynamic taint analysis to detect and prevent attacks that violate the confidentiality of data-flow in order to protect against data leakage  ... 
doi:10.2197/ipsjjip.23.392 fatcat:toie6prmtzfw7glfqcee3namre

Using malware for software-defined networking–based smart home security management through a taint checking approach

Ping Wang, Kuo-Ming Chao, Chi-Chun Lo, Wen-Hui Lin, Hsiao-Chung Lin, Wun-Jie Chao
2016 International Journal of Distributed Sensor Networks  
anomalies.  ...  If an anomaly is detected, the application instructs the controller on how to reprogram the data plane to mitigate it.  ... 
doi:10.1177/1550147716662947 fatcat:d63ugyia3ve3hd65oe3osqzuqi

A Framework for Web Application Vulnerability Detection

2020 International Journal of Engineering and Advanced Technology  
This paper has carried out the literature survey in direction of identifying the new attack vectors, vulnerabilities, detection mechanism, research gaps and new working areas in same field.  ...  Hence, there is a need to develop a framework that can detect different levels of vulnerabilities, ranging from client side vulnerabilities, communication side vulnerabilities to server side vulnerabilities  ...  , online anomaly behavior analysis, etc.  ... 
doi:10.35940/ijeat.c4778.029320 fatcat:jir2atlqffav3h5jozekw2gsum

Cyber-Physical Taint Analysis in Multi-stage Manufacturing Systems (MMS): A Case Study [article]

Tao Liu, Bowen Yang, Qi Li, Jin Ye, Wenzhan Song, Peng Liu
2021 arXiv   pre-print
It is clear that taints graphs could significantly enhance intrusion diagnosis.  ...  Taint propagation paths are typically determined by data flows and implicit flows in a computer program. And the union of all the taint propagation paths forms a taint graph.  ...  In [21], a framework is proposed to generate invariants for anomaly detection in ICS.  ... 
arXiv:2109.12774v1 fatcat:ew7vfoppcfgcrkpx5wm7ehvsw4

Threat Detection and Investigation with System-level Provenance Graphs: A Survey [article]

Zhenyuan Li, Qi Alfred Chen, Runqing Yang, Yan Chen
2020 arXiv   pre-print
A comprehensive provenance graph-based threat detection system can be divided into three modules, namely, "data collection module", "data management module", and "threat detection modules".  ...  In this paper, we firstly introduce the basic concepts about system-level provenance graph and proposed typical system architecture for provenance graph-based threat detection and investigation.  ...  However, this is an anomaly detection-based approaches, which thus suffers from the limitation of anomaly detection. 2) Anomaly Score-based Detection Anomaly score-based detection tries to quantify the  ... 
arXiv:2006.01722v3 fatcat:ofx2geac3rggvo5kz3zenbmpvq

TaintHLS: High-Level Synthesis For Dynamic Information Flow Tracking

Christian Pilato, Kaijie Wu, Siddharth Garg, Ramesh Karri, Francesco Regazzoni
2018 IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems  
We extended a state-of-the-art HLS tool to generate DIFT-enhanced accelerators and demonstrated the approach on numerous benchmarks.  ...  Untrusted data are marked with tags (tainted), which are propagated through the system and their potential for unsafe use is analyzed to prevent them.  ...  Accelerators without DIFT support may compromise the tag propagation and identification of anomalies.  ... 
doi:10.1109/tcad.2018.2834421 fatcat:ws7b3zayfraknk2qwfyq33kana