A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf
.
On the infeasibility of modeling polymorphic shellcode
2007
Proceedings of the 14th ACM conference on Computer and communications security - CCS '07
Current trends demonstrate an increasing use of polymorphism by attackers to disguise their exploits. The ability for malicious code to be easily, and automatically, transformed into semantically equivalent variants frustrates attempts to construct simple, easily verifiable representations for use in security sensors. In this paper, we present a quantitative analysis of the strengths and limitations of shellcode polymorphism, and describe the impact that these techniques have in the context of
doi:10.1145/1315245.1315312
dblp:conf/ccs/SongLSKS07
fatcat:ebnrlydq6ncttbajrrz3icuroe