Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2009

AUTHORS

Juan Caballero, Zhenkai Liang, Pongsin Poosankam, Dawn Song

ABSTRACT

Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities.

PAGES

161-181

Book

TITLE

Recent Advances in Intrusion Detection

ISBN

978-3-642-04341-3
978-3-642-04342-0

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9

DOI

http://dx.doi.org/10.1007/978-3-642-04342-0_9

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1029433901



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "Carnegie Mellon University, USA", 
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Caballero", 
        "givenName": "Juan", 
        "id": "sg:person.07456732061.32", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07456732061.32"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "National University of Singapore, Singapore", 
          "id": "http://www.grid.ac/institutes/grid.4280.e", 
          "name": [
            "National University of Singapore, Singapore"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Liang", 
        "givenName": "Zhenkai", 
        "id": "sg:person.014106736131.19", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014106736131.19"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "Carnegie Mellon University, USA", 
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Poosankam", 
        "givenName": "Pongsin", 
        "id": "sg:person.016604336755.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016604336755.76"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "UC Berkeley, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "UC Berkeley, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Song", 
        "givenName": "Dawn", 
        "id": "sg:person.01143152610.86", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2009", 
    "datePublishedReg": "2009-01-01", 
    "description": "Signature-based input filtering is an important and widely deployed defense. But current signature generation methods have limited coverage and the generated signatures often can be easily evaded by an attacker with small variations of the exploit message. In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures. In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point. In our experimental results, our tool, Elcano, generates compact, high coverage signatures for real-world vulnerabilities.", 
    "editor": [
      {
        "familyName": "Kirda", 
        "givenName": "Engin", 
        "type": "Person"
      }, 
      {
        "familyName": "Jha", 
        "givenName": "Somesh", 
        "type": "Person"
      }, 
      {
        "familyName": "Balzarotti", 
        "givenName": "Davide", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-04342-0_9", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-642-04341-3", 
        "978-3-642-04342-0"
      ], 
      "name": "Recent Advances in Intrusion Detection", 
      "type": "Book"
    }, 
    "keywords": [
      "real-world vulnerabilities", 
      "signature generation method", 
      "reachability predicate", 
      "generation method", 
      "vulnerability points", 
      "experimental results", 
      "new approach", 
      "attacker", 
      "Elcano", 
      "predicates", 
      "filtering", 
      "messages", 
      "input filtering", 
      "vulnerability", 
      "exploration", 
      "high coverage", 
      "constraints", 
      "signatures", 
      "tool", 
      "coverage", 
      "path", 
      "method", 
      "defense", 
      "point", 
      "results", 
      "approach", 
      "small variations", 
      "variation", 
      "paper"
    ], 
    "name": "Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration", 
    "pagination": "161-181", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1029433901"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-04342-0_9"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-04342-0_9", 
      "https://app.dimensions.ai/details/publication/pub.1029433901"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:45", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_286.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-642-04342-0_9"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-04342-0_9'


 

This table displays all metadata directly associated to this object as RDF triples.

124 TRIPLES      23 PREDICATES      55 URIs      48 LITERALS      7 BLANK NODES

 



