The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Bien que la détection des attaques logicielles via l'analyse dynamique des contaminations (DTA) permette une couverture élevée de l'exécution du programme, elle dégrade de manière prohibitive les performances du programme surveillé. Cette lettre explore la possibilité d'une analyse collaborative des contaminations dynamiques entre les membres d'une communauté d'applications (AC) : au lieu d'une surveillance complète de chaque demande à chaque instance de l'AC, chaque membre utilise DTA pour une fraction des demandes entrantes, allégeant ainsi le fardeau. de surveillance lourde. Nos résultats expérimentaux utilisant un test AC basé sur le serveur Web Apache montrent qu'une détection rapide des épidémies de vers est réalisable avec des communautés d'applications de taille moyenne (à, 250-500).
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Hyung Chan KIM, Angelos KEROMYTIS, "On the Deployment of Dynamic Taint Analysis for Application Communities" in IEICE TRANSACTIONS on Information,
vol. E92-D, no. 3, pp. 548-551, March 2009, doi: 10.1587/transinf.E92.D.548.
Abstract: Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E92.D.548/_p
Copier
@ARTICLE{e92-d_3_548,
author={Hyung Chan KIM, Angelos KEROMYTIS, },
journal={IEICE TRANSACTIONS on Information},
title={On the Deployment of Dynamic Taint Analysis for Application Communities},
year={2009},
volume={E92-D},
number={3},
pages={548-551},
abstract={Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).},
keywords={},
doi={10.1587/transinf.E92.D.548},
ISSN={1745-1361},
month={March},}
Copier
TY - JOUR
TI - On the Deployment of Dynamic Taint Analysis for Application Communities
T2 - IEICE TRANSACTIONS on Information
SP - 548
EP - 551
AU - Hyung Chan KIM
AU - Angelos KEROMYTIS
PY - 2009
DO - 10.1587/transinf.E92.D.548
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E92-D
IS - 3
JA - IEICE TRANSACTIONS on Information
Y1 - March 2009
AB - Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).
ER -