The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Embora a detecção de ataques de software por meio da análise dinâmica de contaminação (DTA) suporte uma alta cobertura da execução do programa, ela degrada proibitivamente o desempenho do programa monitorado. Esta carta explora a possibilidade de análise dinâmica colaborativa de contaminação entre membros de uma comunidade de aplicativos (AC): em vez de monitoramento completo para cada solicitação em cada instância da AC, cada membro usa DTA para alguma fração das solicitações recebidas, aliviando assim a carga de monitoramento pesado. Nossos resultados experimentais usando um AC de teste baseado no servidor web Apache mostram que a detecção rápida de surtos de worms é viável com comunidades de aplicativos de tamanho médio (ou seja, 250-500).
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copiar
Hyung Chan KIM, Angelos KEROMYTIS, "On the Deployment of Dynamic Taint Analysis for Application Communities" in IEICE TRANSACTIONS on Information,
vol. E92-D, no. 3, pp. 548-551, March 2009, doi: 10.1587/transinf.E92.D.548.
Abstract: Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E92.D.548/_p
Copiar
@ARTICLE{e92-d_3_548,
author={Hyung Chan KIM, Angelos KEROMYTIS, },
journal={IEICE TRANSACTIONS on Information},
title={On the Deployment of Dynamic Taint Analysis for Application Communities},
year={2009},
volume={E92-D},
number={3},
pages={548-551},
abstract={Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).},
keywords={},
doi={10.1587/transinf.E92.D.548},
ISSN={1745-1361},
month={March},}
Copiar
TY - JOUR
TI - On the Deployment of Dynamic Taint Analysis for Application Communities
T2 - IEICE TRANSACTIONS on Information
SP - 548
EP - 551
AU - Hyung Chan KIM
AU - Angelos KEROMYTIS
PY - 2009
DO - 10.1587/transinf.E92.D.548
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E92-D
IS - 3
JA - IEICE TRANSACTIONS on Information
Y1 - March 2009
AB - Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our experimental results using a test AC based on the Apache web server show that speedy detection of worm outbreaks is feasible with application communities of medium size (i.e., 250-500).
ER -