On evolving buffer overflow attacks using genetic programming

Created by W.Langdon from gp-bibliography.bib Revision:1.4524

  author =       "Hilmi Gunes Kayacik and Malcolm Heywood and 
                 Nur Zincir-Heywood",
  title =        "On evolving buffer overflow attacks using genetic
  booktitle =    "{GECCO 2006:} Proceedings of the 8th annual conference
                 on Genetic and evolutionary computation",
  year =         "2006",
  editor =       "Maarten Keijzer and Mike Cattolico and Dirk Arnold and 
                 Vladan Babovic and Christian Blum and Peter Bosman and 
                 Martin V. Butz and Carlos {Coello Coello} and 
                 Dipankar Dasgupta and Sevan G. Ficici and James Foster and 
                 Arturo Hernandez-Aguirre and Greg Hornby and 
                 Hod Lipson and Phil McMinn and Jason Moore and Guenther Raidl and 
                 Franz Rothlauf and Conor Ryan and Dirk Thierens",
  volume =       "2",
  ISBN =         "1-59593-186-4",
  pages =        "1667--1674",
  address =      "Seattle, Washington, USA",
  publisher =    "ACM Press",
  publisher_address = "New York, NY, 10286-1405, USA",
  month =        "8-12 " # jul,
  organisation = "ACM SIGEVO (formerly ISGEC)",
  keywords =     "genetic algorithms, genetic programming, Real-World
                 Applications, intrusion detection systems, linear
                 genetic programming, mimicry attacks, security",
  language =     "en",
  oai =          "oai:CiteSeerX.psu:",
  URL =          "http://citeseerx.ist.psu.edu/viewdoc/summary?doi=",
  URL =          "http://www.sis.pitt.edu/jjoshi/courses/IS2620/Spring09/Kayacik.pdf",
  URL =          "http://www.cs.bham.ac.uk/~wbl/biblio/gecco2006/docs/p1667.pdf",
  DOI =          "doi:10.1145/1143997.1144271",
  size =         "7 pages",
  abstract =     "In this work, we employed genetic programming to
                 evolve a white hat attacker; that is to say, we evolve
                 variants of an attack with the objective of providing
                 better detectors. Assuming a generic buffer overflow
                 exploit, we evolve variants of the generic attack, with
                 the objective of evading detection by signature-based
                 methods. To do so, we pay particular attention to the
                 formulation of an appropriate fitness function and
                 partnering instruction set. Moreover, by making use of
                 the intron behaviour inherent in the genetic
                 programming paradigm, we are able to explicitly
                 obfuscate the true intent of the code. All the
                 resulting attacks defeat the widely used Snort
                 Intrusion Detection System.",
  notes =        "GECCO-2006 A joint meeting of the fifteenth
                 international conference on genetic algorithms
                 (ICGA-2006) and the eleventh annual genetic programming
                 conference (GP-2006).

                 ACM Order Number 910060",

Genetic Programming entries for Hilmi Gunes Kayacik Malcolm Heywood Nur Zincir-Heywood