Generating mimicry attacks using genetic programming: A benchmarking study

Created by W.Langdon from gp-bibliography.bib Revision:1.4524

  author =       "H. {Gunes Kayacik} and A. Nur Zincir-Heywood and 
                 Malcolm I. Heywood and Stefan Burschka",
  title =        "Generating mimicry attacks using genetic programming:
                 A benchmarking study",
  booktitle =    "IEEE Symposium on Computational Intelligence in Cyber
                 Security, CICS '09",
  year =         "2009",
  month =        "30 " # mar # "-" # apr # " 2",
  pages =        "136--143",
  keywords =     "genetic algorithms, genetic programming, benchmark
                 testing, black-box approach, commodity anomaly
                 detection system, evolutionary mimicry attack
                 generation, intrusion detection, multiobjective genetic
                 programming, open-source anomaly detection system,
                 penetration testing, target anomaly detection,
                 vulnerability testing approach, vulnerable UNIX
                 application, benchmark testing, program testing,
                 security of data",
  DOI =          "doi:10.1109/CICYBS.2009.4925101",
  abstract =     "Mimicry attacks have been the focus of detector
                 research where the objective of the attacker is to
                 generate multiple attacks satisfying the same generic
                 exploit goals for a given vulnerability. In this work,
                 multi-objective Genetic programming is used to
                 establish a 'black-box' approach to mimicry attack
                 generation. No knowledge is made of internal data
                 structures of the target anomaly detector, only the
                 anomaly rate reported by the detector. Such a 'black
                 box' methodology enables a vulnerability testing
                 approach where both open-source and commodity anomaly
                 detection systems can be tested. The approach
                 successfully identifies exploits when benchmarked over
                 four detectors and four applications.",
  notes =        "Also known as \cite{4925101}",

Genetic Programming entries for Hilmi Gunes Kayacik Nur Zincir-Heywood Malcolm Heywood Stefan Burschka