Observatorio de I+D+i UPM

Memorias de investigación
Ponencias en congresos:
PolyVaccine: Protecting Web Servers against Zero-Day, Polymorphic and Metamorphic Exploits.
Áreas de investigación
  • Lenguaje de programación
Today web servers are ubiquitous having become critical infrastructures of many organizations. However, they are still one of the most vulnerable parts of organizations infrastructure. Exploits are many times used by worms to fast propagate across the full Internet being web servers one of their main targets. New exploit techniques have arouse in the last few years that have rendered useless traditional IDS techniques based on signature identification. Exploits use polymorphism (code encryption) and metamorphism (code obfuscation) to evade detection from signature-based IDSs. In this paper, we address precisely the topic of how to protect web servers against zero-day (new), polymorphic, and metamorphic malware embedded in data streams (requests) that target web servers. We rely on a novel technique to detect harmful binary code injection (i.e., exploits) in HTTP requests that is more efficient than current techniques based on binary code emulation or instrumentation of virtual engines. The detection of exploits is done through sandbox processes. The technique is complemented by another set of techniques such as caching, and pooling, to reduce its cost to neglectable levels. Our technique has little assumptions regarding the exploit unlike previous approaches that assume the existence of sled or getPC code, loops, read of the payload, writes to different addresses, etc. The evaluation shows that caching is highly effective and that the average latency introduced by our system is neglectable.
Nombre congreso
28th Int. Symp. on Reliable Distributed Systems (SRDS).
Tipo de participación
Lugar del congreso
Nueva York, Estados Unidos
Fecha inicio congreso
Fecha fin congreso
Desde la página
Hasta la página
Título de las actas
2009 28th IEEE International Symposium on Reliable Distributed Systems
Esta actividad pertenece a memorias de investigación
  • Autor: Marta Patiño Martinez (UPM)
  • Autor: Ricardo Jimenez Peris (UPM)
Grupos de investigación, Departamentos, Centros e Institutos de I+D+i relacionados
  • Creador: Grupo de Investigación: Distributed Systems Labs (LSD) Laboratorio de sistemas distribuidos
  • Departamento: Lenguajes y Sistemas Informáticos e Ingeniería de Software
S2i 2022 Observatorio de investigación @ UPM con la colaboración del Consejo Social UPM
Cofinanciación del MINECO en el marco del Programa INNCIDE 2011 (OTR-2011-0236)
Cofinanciación del MINECO en el marco del Programa INNPACTO (IPT-020000-2010-22)