Skip to search formSkip to main contentSkip to account menu
SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis
TLDR
This paper presents a binary analysis framework that implements a number of analysis techniques that have been proposed in the past and implements these techniques in a unifying framework, which allows other researchers to compose them and develop new approaches.
View on IEEE
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
TLDR
Driller is presented, a hybrid vulnerability excavation tool which leverages fuzzing and selective concolic execution in a complementary manner, to find deeper bugs and mitigate their weaknesses, avoiding the path explosion inherent in concolic analysis and the incompleteness of fuzzing.
View via Publisher
Detection and analysis of drive-by-download attacks and malicious JavaScript code
TLDR
A novel approach to the detection and analysis of malicious JavaScript code is presented that uses a number of features and machine-learning techniques to establish the characteristics of normal JavaScript code and is able to identify anomalous JavaScript code by emulating its behavior and comparing it to the established profiles.
View on ACM
Detecting spammers on social networks
TLDR
The results show that it is possible to automatically identify the accounts used by spammers, and the analysis was used for take-down efforts in a real-world social network.
View on ACM
Your botnet is my botnet: analysis of a botnet takeover
TLDR
This paper reports on efforts to take control of the Torpig botnet and study its operations for a period of ten days, which provides a new understanding of the type and amount of personal information that is stolen by botnets.
View on ACM
Anomaly detection of web-based attacks
TLDR
An intrusion detection system that uses a number of different anomaly detection techniques to detect attacks against web servers and web-based applications and derives automatically the parameter profiles associated with web applications from the analyzed data.
View on ACM
Prophiler: a fast filter for the large-scale detection of malicious web pages
TLDR
The authors' filter, called Prophiler, uses static analysis techniques to quickly examine a web page for malicious content, and automatically derive detection models that use these features using machine-learning techniques applied to labeled datasets.
View on ACM
Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting
TLDR
By analyzing the code of three popular browser-fingerprinting code providers, it is revealed the techniques that allow websites to track users without the need of client-side identifiers and how fragile the browser ecosystem is against fingerprinting through the use of novel browser-identifying techniques.
View on IEEE
COMPA: Detecting Compromised Accounts on Social Networks
TLDR
This work has extensively studied the use of fake (Sybil) accounts that attackers set up to distribute spam messages, which typically exhibit highly anomalous behavior, and hence, are relatively easy to detect.
View Paper
Comprehensive approach to intrusion detection alert correlation
TLDR
This paper presents a general correlation model that includes a comprehensive set of components and a framework based on this model and shows that the correlation components are effective in achieving alert reduction and abstraction.
View on IEEE
...
...
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy, Terms of Service, and Dataset License