Evolving Successful Stack Overflow Attacks for Vulnerability Testing

Created by W.Langdon from gp-bibliography.bib Revision:1.3872

@InProceedings{10.1109/CSAC.2005.23,
  author =       "H. Gunes Kayacyk and A. Nur Zincir-Heywood and 
                 Malcolm Heywood",
  title =        "Evolving Successful Stack Overflow Attacks for
                 Vulnerability Testing",
  booktitle =    "21st Annual Computer Security Applications Conference
                 (ACSAC'05)",
  year =         "2005",
  pages =        "225--234",
  month =        dec,
  publisher =    "IEEE Computer Society",
  keywords =     "genetic algorithms, genetic programming, grammatical
                 evolution",
  ISSN =         "1063-9527",
  URL =          "http://www.acsac.org/2005/papers/119.pdf",
  DOI =          "doi:10.1109/CSAC.2005.23",
  abstract =     "The work presented in this paper is intended to test
                 crucial system services against stack overflow
                 vulnerabilities. The focus of the test is the
                 user-accessible variables, that is to say, the inputs
                 from the user as specified at the command line or in a
                 configuration file. The tester is defined as a process
                 for automatically generating a wide variety of
                 user-accessible variables that result in malicious
                 buffers (an exploit). In this work, the search for
                 successful exploits is formulated as an optimisation
                 problem and solved using evolutionary computation.
                 Moreover the resulting attacks are passed through the
                 Snort misuse detection system to observe the detection
                 (or not) of each exploit.",
  notes =        "note incorrect spelling of first author",
}

Genetic Programming entries for Hilmi Gunes Kayacik Nur Zincir-Heywood Malcolm Heywood

Citations