{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T06:46:08Z","timestamp":1725518768460},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540874027"},{"type":"electronic","value":"9783540874034"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-87403-4_10","type":"book-chapter","created":{"date-parts":[[2008,9,17]],"date-time":"2008-09-17T11:42:05Z","timestamp":1221651725000},"page":"175-190","source":"Crossref","is-referenced-by-count":4,"title":["Swarm Attacks against Network-Level Emulation\/Analysis"],"prefix":"10.1007","author":[{"given":"Simon P.","family":"Chung","sequence":"first","affiliation":[]},{"given":"Aloysius K.","family":"Mok","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","doi-asserted-by":"crossref","unstructured":"Akritidis, P., Markatos, E.P., Polychronakis, M., Ananostakis, K.: Stride: Polymorphic sled detection through instruction sequence analysis. In: Proceedings of the 20th IFIP International Information Security Conference (IFIP\/SEC 2005), Chiba, Japan (May 2005)","DOI":"10.1007\/0-387-25660-1_25"},{"key":"10_CR2","unstructured":"Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control data attacks are realistic threats. In: Proceedings of the 14th conference on USENIX Security Symposium (USENIX Security 2005), Madison (July 2005)"},{"key":"10_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1007\/11663812_15","volume-title":"Recent Advances in Intrusion Detection","author":"R. Chinchani","year":"2006","unstructured":"Chinchani, R., Van Den Berg, E.: A fast static analysis approach to detect exploit code inside network flows. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, pp. 284\u2013308. Springer, Heidelberg (2006)"},{"key":"10_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/11856214_4","volume-title":"Recent Advances in Intrusion Detection","author":"S.P. Chung","year":"2006","unstructured":"Chung, S.P., Mok, A.K.: Allergy Attack Against Automatic Signature Generation. In: Zamboni, D., Kr\u00fcgel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 61\u201380. Springer, Heidelberg (2006)"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Costa, M., Crowcroft, J., Castro, M., Rowstron, A., Zhou, L., Zhang, L., Barham, P.: Vigilante: End-to-end containment of internet worms. In: Proceedings of 20th ACM Symposium on Operating Systems Principles, Brighton (October 2005)","DOI":"10.1145\/1095810.1095824"},{"key":"10_CR6","unstructured":"Detristan, T., Ulenspiegel, T., Malcom, Y., von Underduk, M.S.: Polymorphic shellcode engine using spectrum analysis. In: Phrack, vol. 11 (2003)"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Fogla, P., Lee, W.: Evading network anomaly detection systems: Formal reasoning and practical techniques. In: Proceedings of the 13th Conference on Computer and Communication Security (CCS 2006), Virginia (October 2006)","DOI":"10.1145\/1180405.1180414"},{"key":"10_CR8","unstructured":"Fogla, P., Sharif, M., Perdisci, R., Kolesnikov, O., Lee, W.: Polymorphic blending attacks. In: Proceedings of 15th USENIX Security Symposium Abstract (USENIX Security 2006), Vancouver (July 2006)"},{"key":"10_CR9","unstructured":"jp. Advanced Doug lea\u2019s malloc exploits, http:\/\/doc.bughunter.net\/buffer-overflow\/advanced-malloc-exploits.html"},{"key":"10_CR10","unstructured":"K2. ADMmutate documentation (2003), http:\/\/www.ktwo.ca\/ADMmutate-0.8.4.tar.gz"},{"key":"10_CR11","unstructured":"mati@see security.com. Savant 3.1 Web Server Buffer Overflow Tutorial, https:\/\/www.securinfos.info\/english\/security-whitepapers-hacking-tutorials\/Savant-BO-tutorial.pdf"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Parampalli, C., Sekar, R., Johnson, R.: A practical mimicry attack against powerful system-call monitors. In: Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS 2008), Tokyo (March 2008)","DOI":"10.1145\/1368310.1368334"},{"key":"10_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/11506881_2","volume-title":"Proceedings of Proceedings of the Third Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005)","author":"U. Payer","year":"2005","unstructured":"Payer, U., Teufl, P., Lamberger, M.: Hybrid engine for polymorphic shellcode detection. In: Julisch, K., Kr\u00fcgel, C. (eds.) DIMVA 2005. LNCS, vol.\u00a03548, pp. 19\u201331. Springer, Heidelberg (2005)"},{"key":"10_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/11790754_4","volume-title":"Proceedings of the Third Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2006)","author":"M. Polychronakis","year":"2006","unstructured":"Polychronakis, M., Anagnostakis, K.G., Markatos, E.P.: Network-level polymorphic shellcode detection using emulation. In: B\u00fcschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol.\u00a04064, pp. 54\u201373. Springer, Heidelberg (2006)"},{"key":"10_CR15","series-title":"Lecture Notes in Computer Science","first-page":"87","volume-title":"Recent Advances in Intrusion Detection","author":"E.P. Markatos","year":"2007","unstructured":"Markatos, E.P., Anagnostakis, K.G., Polychronakis, M.: Emulation-Based Detection of Non-self-contained Polymorphic Shellcode. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 87\u2013106. Springer, Heidelberg (2007)"},{"key":"10_CR16","unstructured":"Determina\u00a0Security Research. Windows Animated Cursor Stack Overflow Vulnerability, http:\/\/www.determina.com\/security.research\/vulnerabilities\/ani-header.html ."},{"key":"10_CR17","doi-asserted-by":"crossref","unstructured":"Rubin, S., Jha, S., Miller, B.: Automatic generation and analysis of nids attacks. In: Proceedings of the Annual Computer Security Applications Conference 2004 (ACSAC 2004), California (December 2004)","DOI":"10.1109\/CSAC.2004.9"},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th Conference on Computer and Communication Security (CCS 2007), Virginia (October 2007)","DOI":"10.1145\/1315245.1315313"},{"key":"10_CR19","unstructured":"Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a reactive immune system for software services. In: Proceedings of the USENIX Annual Technical Conference 2005, California (April 2005)"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the infeasibility of modeling polymorphic shellcode. In: Proceedings of the 13th Conference on Computer and Communication Security (CCS 2007), Virginia (October 2007)","DOI":"10.1145\/1315245.1315312"},{"key":"10_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_15","volume-title":"Recent Advances in Intrusion Detection","author":"T. Toth","year":"2002","unstructured":"Toth, T., Kruegel, C.: Accurate buffer overflow detection via abstract payload execution. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol.\u00a02516. Springer, Heidelberg (2002)"},{"key":"10_CR22","unstructured":"US-CERT. Vulnerability Note VU#29823: Format string input validation error in wu-ftpd site_exec() function, http:\/\/www.kb.cert.org\/vuls\/id\/29823"},{"key":"10_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/11663812_12","volume-title":"Recent Advances in Intrusion Detection","author":"K. Wang","year":"2006","unstructured":"Wang, K., Cretu, G., Stolfo, S.J.: Anomalous payload-based worm detection and signature generation. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, pp. 227\u2013246. Springer, Heidelberg (2006)"},{"key":"10_CR24","unstructured":"Wang, X., Pan, C.C., Liu, P., Zhu, S.: Sigfree: A signature-free buffer overflow attack blocker. In: Proceedings of 15th USENIX Security Symposium Abstract (USENIX Security 2006), Vancouver (July 2006)"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Zhang, Q., Reeves, D.S., Ning, P., Iyer, S.P.: Analyzing network traffic to detect self-decryption exploit code. In: Proceedings of the 2nd ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS 2007), Singapore (March 2007)","DOI":"10.1145\/1229285.1229291"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-87403-4_10.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:37:24Z","timestamp":1606185444000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-87403-4_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540874027","9783540874034"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-87403-4_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[]}}