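Detection Techniques for Polymorphic Worm Attacks in Communication Networks
Jeon Yong-Hui (Daegu Catholic University)
Jang Jeong-Suk (Daegu Catholic University)
Jang Jeong-Su (Electronics and Telecommunications Research Institute)
Nam Taek-Yong (Electronics and Telecommunications Research Institute)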
1 | Tapion Project, http://pb.specialised.info/all/tapion/ |
2 | J. Newsome, B. Karp, and D. Song. Polygraph: Automatic signature generation for polymorphic worms. In Proceedings of the 2005 IEEE Symposium on Security and Privacy, May 2005 |
3 | Ed Skoudis and Lenny Zeltser, Malware: Fighting Malicious Code, Prentice-Hall, 2004, (Chapter 2: Virus, 3: Worm) |
4 | David J. Albanese, Michael J. Wiacek, Christopher M. Salter, and Jeffrey A. Six, The Case for Using Layered Defenses to Stop Worms, Report #C43-002R-2004, Version 1.0, June 18, 2004, National Security Agency |
5 | C. Kruegel, E. Kirda, D. Mutz, W. Robertson, and G. Vigna. Polymorphic worm detection using structural information of executables. In Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2005 |
6 | CLET Team, 'Polymorphic Shellcode Engine Using Spectrum Analysis', http://www.phrack.org, Phrack 61/9, 2003 |
7 | O. Kolesnikov, D. Dagon, and W. Lee, 'Advanced Polymorphic Worms : Evading IDS by blending in with normal traffic', College of Computing, Georgia Inst. of Tech, Atlanta, GA. 2004 |
8 | A. Pasupulati et al., 'Buttercup: On network-based detection of polymorphic buffer overflow vulnerabilities', In 9th IEEE/IFIP Network Operation and Management Symposium (NOMS 2004) |
9 | V. Yegneswaran, J. T. Giffin, P. Barford, and S. Jha, 'An architecture for generating semantics-aware signature', In USENIX Security Symposium, 2005 |
10 | M. Sedalo, Jempiscodes: Polymorphic shellcode generator, 2003. http://securitylab.ru/tools/services/download/?ID=36712 |
11 | S. Singh, C. Estan, G. Varghese, and S. Savage. Automated worm fingerprinting. In Proceedings of the ACM/USENIX Symposium on Operating System Design and Implementation, San Francisco, CA, USA, December 2004 |
12 | Mihai Christodorescu et al., 'Semantics-Aware Malware Detection'. (U of Wisconsin & CMU) |
13 | Y. Tang and S. Chen. Defending against Internet worms: A signature-based approach. In Proceedings of the IEEE Infocom 2005, Miami, Florida, USA, May 2005 |
14 | K2, ADMmutate, http://www.ktwo.ca/security.html. |
15 | U. Payer, P. Teufl, and M. Lamberger, 'Hybrid engine for polymorphic shellcode detection', In Proc. of DIMVA, 2005 |