You are here:   
  1. Home
  2. Chapters
  3. http://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration View Full Text

Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2009

AUTHORS

Juan Caballero , Zhenkai Liang , Pongsin Poosankam , Dawn Song

ABSTRACT

Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities. More... »

PAGES

161-181

Book

TITLE

Recent Advances in Intrusion Detection

ISBN

978-3-642-04341-3
978-3-642-04342-0

Subjects

  • FOR: Information And Computing Sciences
  • FOR: Artificial Intelligence And Image Processing

    • Author Affiliations

  • UC Berkeley, USA
  • National University of Singapore, Singapore

    • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9

    DOI

    http://dx.doi.org/10.1007/978-3-642-04342-0_9

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1029433901

    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT 

    [
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "Carnegie Mellon University, USA", 
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Caballero", 
        "givenName": "Juan", 
        "id": "sg:person.07456732061.32", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07456732061.32"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "National University of Singapore, Singapore", 
          "id": "http://www.grid.ac/institutes/grid.4280.e", 
          "name": [
            "National University of Singapore, Singapore"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Liang", 
        "givenName": "Zhenkai", 
        "id": "sg:person.014106736131.19", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014106736131.19"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "Carnegie Mellon University, USA", 
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Poosankam", 
        "givenName": "Pongsin", 
        "id": "sg:person.016604336755.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016604336755.76"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Song", 
        "givenName": "Dawn", 
        "id": "sg:person.01143152610.86", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2009", 
    "datePublishedReg": "2009-01-01", 
    "description": "Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities.", 
    "editor": [
      {
        "familyName": "Kirda", 
        "givenName": "Engin", 
        "type": "Person"
      }, 
      {
        "familyName": "Jha", 
        "givenName": "Somesh", 
        "type": "Person"
      }, 
      {
        "familyName": "Balzarotti", 
        "givenName": "Davide", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-04342-0_9", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-642-04341-3", 
        "978-3-642-04342-0"
      ], 
      "name": "Recent Advances in Intrusion Detection", 
      "type": "Book"
    }, 
    "keywords": [
      "real-world vulnerabilities", 
      "signature generation method", 
      "reachability predicate", 
      "generation method", 
      "vulnerability points", 
      "experimental results", 
      "new approach", 
      "attacker", 
      "Elcano", 
      "predicates", 
      "filtering", 
      "messages", 
      "input filtering", 
      "vulnerability", 
      "exploration", 
      "high coverage", 
      "constraints", 
      "signatures", 
      "tool", 
      "coverage", 
      "path", 
      "method", 
      "defense", 
      "point", 
      "results", 
      "approach", 
      "small variations", 
      "variation", 
      "paper"
    ], 
    "name": "Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration", 
    "pagination": "161-181", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1029433901"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-04342-0_9"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-04342-0_9", 
      "https://app.dimensions.ai/details/publication/pub.1029433901"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:45", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_286.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-642-04342-0_9"
  }
]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON. 

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

    N-Triples is a line-based linked data format ideal for batch operations. 

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

    Turtle is a human-readable linked data format. 

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

    RDF/XML is a standard XML format for linked data. 

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'


     

    This table displays all metadata directly associated to this object as RDF triples.

    124 TRIPLES      23 PREDICATES      55 URIs      48 LITERALS      7 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1007/978-3-642-04342-0_9 schema:about anzsrc-for:08
    2 anzsrc-for:0801
    3 schema:author Ne6f055ee1f20450aa77622642f31d82c
    4 schema:datePublished 2009
    5 schema:datePublishedReg 2009-01-01
    6 schema:description Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities.
    7 schema:editor Nf761b8a91f79440d9a50cee5fd7e7720
    8 schema:genre chapter
    9 schema:inLanguage en
    10 schema:isAccessibleForFree true
    11 schema:isPartOf N6a4f18ec7274480194d853eac9af108a
    12 schema:keywords Elcano
    13 approach
    14 attacker
    15 constraints
    16 coverage
    17 defense
    18 experimental results
    19 exploration
    20 filtering
    21 generation method
    22 high coverage
    23 input filtering
    24 messages
    25 method
    26 new approach
    27 paper
    28 path
    29 point
    30 predicates
    31 reachability predicate
    32 real-world vulnerabilities
    33 results
    34 signature generation method
    35 signatures
    36 small variations
    37 tool
    38 variation
    39 vulnerability
    40 vulnerability points
    41 schema:name Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration
    42 schema:pagination 161-181
    43 schema:productId N748db0674fd14bb9aece491a5c9edb73
    44 N822dee97cbd547c6895a6656deed58c9
    45 schema:publisher N05512d72c4fd492588bf5f9c00bc6e07
    46 schema:sameAs https://app.dimensions.ai/details/publication/pub.1029433901
    47 https://doi.org/10.1007/978-3-642-04342-0_9
    48 schema:sdDatePublished 2022-05-20T07:45
    49 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    50 schema:sdPublisher Nc99fd5c6533d40a799c5599d42ed23ab
    51 schema:url https://doi.org/10.1007/978-3-642-04342-0_9
    52 sgo:license sg:explorer/license/
    53 sgo:sdDataset chapters
    54 rdf:type schema:Chapter
    55 N05512d72c4fd492588bf5f9c00bc6e07 schema:name Springer Nature
    56 rdf:type schema:Organisation
    57 N1aafc98a44bd4183b44c80a985c916e3 schema:familyName Balzarotti
    58 schema:givenName Davide
    59 rdf:type schema:Person
    60 N2fad355c1ef94d8481728bd329f776a7 rdf:first N9e8d789339804732bc4ee84ca55a47ca
    61 rdf:rest N7f62557912dc4858bf705a792c073653
    62 N3ab32a1d73314794bd6f8b7aa9cca9d2 schema:familyName Kirda
    63 schema:givenName Engin
    64 rdf:type schema:Person
    65 N6a4f18ec7274480194d853eac9af108a schema:isbn 978-3-642-04341-3
    66 978-3-642-04342-0
    67 schema:name Recent Advances in Intrusion Detection
    68 rdf:type schema:Book
    69 N748db0674fd14bb9aece491a5c9edb73 schema:name dimensions_id
    70 schema:value pub.1029433901
    71 rdf:type schema:PropertyValue
    72 N75fc719971f841fcb47f49f9d05053a0 rdf:first sg:person.01143152610.86
    73 rdf:rest rdf:nil
    74 N7f62557912dc4858bf705a792c073653 rdf:first N1aafc98a44bd4183b44c80a985c916e3
    75 rdf:rest rdf:nil
    76 N81c5208cacde40d59abef537b3a439f0 rdf:first sg:person.014106736131.19
    77 rdf:rest N882bf20fc3ff4064a791b5f8b2eac200
    78 N822dee97cbd547c6895a6656deed58c9 schema:name doi
    79 schema:value 10.1007/978-3-642-04342-0_9
    80 rdf:type schema:PropertyValue
    81 N882bf20fc3ff4064a791b5f8b2eac200 rdf:first sg:person.016604336755.76
    82 rdf:rest N75fc719971f841fcb47f49f9d05053a0
    83 N9e8d789339804732bc4ee84ca55a47ca schema:familyName Jha
    84 schema:givenName Somesh
    85 rdf:type schema:Person
    86 Nc99fd5c6533d40a799c5599d42ed23ab schema:name Springer Nature - SN SciGraph project
    87 rdf:type schema:Organization
    88 Ne6f055ee1f20450aa77622642f31d82c rdf:first sg:person.07456732061.32
    89 rdf:rest N81c5208cacde40d59abef537b3a439f0
    90 Nf761b8a91f79440d9a50cee5fd7e7720 rdf:first N3ab32a1d73314794bd6f8b7aa9cca9d2
    91 rdf:rest N2fad355c1ef94d8481728bd329f776a7
    92 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    93 schema:name Information and Computing Sciences
    94 rdf:type schema:DefinedTerm
    95 anzsrc-for:0801 schema:inDefinedTermSet anzsrc-for:
    96 schema:name Artificial Intelligence and Image Processing
    97 rdf:type schema:DefinedTerm
    98 sg:person.01143152610.86 schema:affiliation grid-institutes:grid.47840.3f
    99 schema:familyName Song
    100 schema:givenName Dawn
    101 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86
    102 rdf:type schema:Person
    103 sg:person.014106736131.19 schema:affiliation grid-institutes:grid.4280.e
    104 schema:familyName Liang
    105 schema:givenName Zhenkai
    106 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014106736131.19
    107 rdf:type schema:Person
    108 sg:person.016604336755.76 schema:affiliation grid-institutes:grid.47840.3f
    109 schema:familyName Poosankam
    110 schema:givenName Pongsin
    111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016604336755.76
    112 rdf:type schema:Person
    113 sg:person.07456732061.32 schema:affiliation grid-institutes:grid.47840.3f
    114 schema:familyName Caballero
    115 schema:givenName Juan
    116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07456732061.32
    117 rdf:type schema:Person
    118 grid-institutes:grid.4280.e schema:alternateName National University of Singapore, Singapore
    119 schema:name National University of Singapore, Singapore
    120 rdf:type schema:Organization
    121 grid-institutes:grid.47840.3f schema:alternateName UC Berkeley, USA
    122 schema:name Carnegie Mellon University, USA
    123 UC Berkeley, USA
    124 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)

    ...