ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper Function Call Mechanism Based Executable Code Detection for the Network Security
Cited 3 time in scopus Share share facebook twitter linkedin kakaostory
Authors
Dae Won Kim, Yang Seo Choi, Ik Kyun Kim, Jin Tae Oh, Jong Soo Jang
Issue Date
2008-07
Citation
International Symposium on Applications and the Internet (SAINT) 2008, pp.62-67
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/SAINT.2008.13
Abstract
The general method in which attackers obtain the control authority of the remote host is through the exploit code. Motivated by the viewpoint that the exploit code normally contains some executable codes, we propose a method of detecting the executable codes included in packets for the network security. Because some parts in the executable codes essentially include the function call related instruction patterns, we propose an approach detecting the instruction patterns following the function call mechanism. We have implemented a prototype and evaluated it against a variety of the executable and non-executable codes. The results show that the proposed method properly classifies the executable and non-executable codes. © 2008 IEEE.
KSP Keywords
Function call, General method, control authority, network Security