Detection Techniques for Polymorphic Worm Attacks in Communication Networks

  • Published : 2006.09.01

Abstract

Keywords

References

  1. K2, ADMmutate, http://www.ktwo.ca/security.html.
  2. David J. Albanese, Michael J. Wiacek, Christopher M. Salter, and Jeffrey A. Six, The Case for Using Layered Defenses to Stop Worms, Report #C43-002R-2004, Version 1.0, June 18, 2004, National Security Agency
  3. O. Kolesnikov, D. Dagon, and W. Lee, 'Advanced Polymorphic Worms : Evading IDS by blending in with normal traffic', College of Computing, Georgia Inst. of Tech, Atlanta, GA. 2004
  4. CLET Team, 'Polymorphic Shellcode Engine Using Spectrum Analysis', http://www.phrack.org, Phrack 61/9, 2003
  5. M. Sedalo, Jempiscodes: Polymorphic shellcode generator, 2003. http://securitylab.ru/tools/services/download/?ID=36712
  6. Tapion Project, http://pb.specialised.info/all/tapion/
  7. J. Newsome, B. Karp, and D. Song. Polygraph: Automatic signature generation for polymorphic worms. In Proceedings of the 2005 IEEE Symposium on Security and Privacy, May 2005
  8. Y. Tang and S. Chen. Defending against Internet worms: A signature-based approach. In Proceedings of the IEEE Infocom 2005, Miami, Florida, USA, May 2005
  9. S. Singh, C. Estan, G. Varghese, and S. Savage. Automated worm fingerprinting. In Proceedings of the ACM/USENIX Symposium on Operating System Design and Implementation, San Francisco, CA, USA, December 2004
  10. Mihai Christodorescu et al., 'Semantics-Aware Malware Detection'. (U of Wisconsin & CMU)
  11. C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Polymorphic worm detection using structural information of executables. In Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2005
  12. A. Pasupulati et al., 'Buttercup: On network-based detection of polymorphic buffer overflow vulnerabilities', In 9th IEEE/IFIP Network Operation and Management Symposium (NOMS' 2004)
  13. U. Payer, P. Teufl, and M. Lamberger, 'Hybrid engine for polymorphic shellcode detection', In Proc. of DIMVA, 2005
  14. Ed Skoudis and Lenny Zeltser, Malware: Fighting Malicious Code, Prentice-Hall, 2004, (Chapter 2: Virus, 3: Worm)
  15. V. Yegneswaran, J. T. Giffin, P. Barford, and S. Jha, 'An architecture for generating semantics-aware signature', In USENIX Security Symposium, 2005