Evolving Successful Stack Overflow Attacks for Vulnerability Testing

H. Gunes Kayacyk; A. Nur Zincir-Heywood; Malcolm Heywood

doi:10.1109/CSAC.2005.23

A
ACSAC
2005
21st Annual Computer Security Applications Conference (ACSAC'05)
Abstract - Evolving Successful Stack Overflow Attacks for Vulnerability Testing

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by H. Gunes Kayacyk Articles by A. Nur Zincir-Heywood Articles by Malcolm Heywood

21st Annual Computer Security Applications Conference (ACSAC'05)

Evolving Successful Stack Overflow Attacks for Vulnerability Testing

Tucson, Arizona

December 05-December 09

ISBN: 0-7695-2461-3

	ASCII Text	x
	H. Gunes Kayacyk, A. Nur Zincir-Heywood, Malcolm Heywood, "Evolving Successful Stack Overflow Attacks for Vulnerability Testing," Computer Security Applications Conference, Annual, pp. 225-234, 21st Annual Computer Security Applications Conference (ACSAC'05), 2005.

	BibTex	x
	@article{ 10.1109/CSAC.2005.23, author = {H. Gunes Kayacyk and A. Nur Zincir-Heywood and Malcolm Heywood}, title = {Evolving Successful Stack Overflow Attacks for Vulnerability Testing}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2005}, issn = {1063-9527}, pages = {225-234}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2005.23}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Evolving Successful Stack Overflow Attacks for Vulnerability Testing SN - 1063-9527 SP225 EP234 A1 - H. Gunes Kayacyk, A1 - A. Nur Zincir-Heywood, A1 - Malcolm Heywood, PY - 2005 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

H. Gunes Kayacyk, Dalhousie University, Halifax, Nova Scotia

A. Nur Zincir-Heywood, Dalhousie University, Halifax, Nova Scotia

Malcolm Heywood, Dalhousie University, Halifax, Nova Scotia

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.2005.23

The work presented in this paper is intended to test crucial system services against stack overflow vulnerabilities. The focus of the test is the user-accessible variables, that is to say, the inputs from the user as specified at the command line or in a configuration file. The tester is defined as a process for automatically generating a wide variety of user-accessible variables that result in malicious buffers (an exploit). In this work, the search for successful exploits is formulated as an optimization problem and solved using evolutionary computation. Moreover the resulting attacks are passed through the Snort misuse detection system to observe the detection (or not) of each exploit.

Citation:

H. Gunes Kayacyk, A. Nur Zincir-Heywood, Malcolm Heywood, "Evolving Successful Stack Overflow Attacks for Vulnerability Testing," acsac, pp.225-234, 21st Annual Computer Security Applications Conference (ACSAC'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.