• DocumentCode
    3631236
  • Title

    Generating mimicry attacks using genetic programming: A benchmarking study

  • Author

    H. Gunes Kayacik;A. Nur Zincir-Heywood;Malcolm I. Heywood;Stefan Burschka

  • Author_Institution
    Dalhousie University, Faculty of Computer Science, 6050 University Avenue, Halifax, Nova Scotia. B3H 1W5 Canada
  • fYear
    2009
  • Firstpage
    136
  • Lastpage
    143
  • Abstract
    Mimicry attacks have been the focus of detector research where the objective of the attacker is to generate multiple attacks satisfying the same generic exploit goals for a given vulnerability. In this work, multi-objective Genetic programming is used to establish a “black-box” approach to mimicry attack generation. No knowledge is made of internal data structures of the target anomaly detector, only the anomaly rate reported by the detector. Such a “black box” methodology enables a vulnerability testing approach where both open-source and commodity anomaly detection systems can be tested. The approach successfully identifies exploits when benchmarked over four detectors and four applications.
  • Keywords
    "Genetic programming","Detectors","System testing","Data structures","Intrusion detection","Feedback","Buffer overflow","Gain control","Computer science","Technological innovation"
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence in Cyber Security, 2009. CICS ´09. IEEE Symposium on
  • Print_ISBN
    978-1-4244-2769-7
  • Type

    conf

  • DOI
    10.1109/CICYBS.2009.4925101
  • Filename
    4925101
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3631236