Presentation | 2009-06-18 Detection of Shellcodes in Remote Exploits Detection Method based on Structural Analysis Hiroki NOGAWA, Fuminori ADACHI, Yasumitsu TSUJINO, Seiji MORIYA, Kazunori SAITO, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Shellcodes are small assembly programs used in remote exploits. Some researchers focus on shellcode analysis and detection of shellcodes, but they failed to build a shellcode detection system with enough precision and performance. In this paper, we show our method of analyzing and detecting shellocdes over network traffic, and demonstrate our shellcode-detecting system. At first, we briefly define shellcodes and introduce importance of shellcodes detection in finding remote exploits. Secondly, we introduce previous methods for shellcode detection, and describe our structural analysis of shellcodes. At last, we display evaluation result of our method implemented in C language, and show an interesting example. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | shellcode detection / structural analysis |
Paper # | IA2009-2,ICSS2009-10 |
Date of Issue |
Conference Information | |
Committee | IA |
---|---|
Conference Date | 2009/6/11(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Internet Architecture(IA) |
---|---|
Language | ENG |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Detection of Shellcodes in Remote Exploits Detection Method based on Structural Analysis |
Sub Title (in English) | |
Keyword(1) | shellcode detection |
Keyword(2) | structural analysis |
1st Author's Name | Hiroki NOGAWA |
1st Author's Affiliation | Secureware Inc.() |
2nd Author's Name | Fuminori ADACHI |
2nd Author's Affiliation | Secureware Inc. |
3rd Author's Name | Yasumitsu TSUJINO |
3rd Author's Affiliation | Secureware Inc. |
4th Author's Name | Seiji MORIYA |
4th Author's Affiliation | Secureware Inc. |
5th Author's Name | Kazunori SAITO |
5th Author's Affiliation | Secureware Inc. |
Date | 2009-06-18 |
Paper # | IA2009-2,ICSS2009-10 |
Volume (vol) | vol.109 |
Number (no) | 85 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |