Title :
Generating mimicry attacks using genetic programming: A benchmarking study
Author :
H. Gunes Kayacik;A. Nur Zincir-Heywood;Malcolm I. Heywood;Stefan Burschka
Author_Institution :
Dalhousie University, Faculty of Computer Science, 6050 University Avenue, Halifax, Nova Scotia. B3H 1W5 Canada
Abstract :
Mimicry attacks have been the focus of detector research where the objective of the attacker is to generate multiple attacks satisfying the same generic exploit goals for a given vulnerability. In this work, multi-objective Genetic programming is used to establish a “black-box” approach to mimicry attack generation. No knowledge is made of internal data structures of the target anomaly detector, only the anomaly rate reported by the detector. Such a “black box” methodology enables a vulnerability testing approach where both open-source and commodity anomaly detection systems can be tested. The approach successfully identifies exploits when benchmarked over four detectors and four applications.
Keywords :
"Genetic programming","Detectors","System testing","Data structures","Intrusion detection","Feedback","Buffer overflow","Gain control","Computer science","Technological innovation"
Conference_Titel :
Computational Intelligence in Cyber Security, 2009. CICS ´09. IEEE Symposium on
Print_ISBN :
978-1-4244-2769-7
DOI :
10.1109/CICYBS.2009.4925101
