Taint-enhanced anomaly detection

Mimicry attacks on host-based intrusion detection systems

Proceedings of the 9th ACM conference on Computer and communications security

Intrusion Detection Using Variable-Length Audit Trail Patterns

RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection

Anomaly Detection Using Call Stack Information

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy

A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy

Intrusion Detection via Static Analysis

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy

Secure program execution via dynamic information flow tracking

ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems

Gray-box extraction of execution graphs for anomaly detection

Proceedings of the 11th ACM conference on Computer and communications security

The essence of command injection attacks in web applications

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Anomalous system call detection

ACM Transactions on Information and System Security (TISSEC)

Dataflow Anomaly Detection

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy

Improving software security via runtime instruction-level taint checking

Proceedings of the 1st workshop on Architectural and system support for improving software dependability

Automating mimicry attacks using static binary analysis

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14

Non-control-data attacks are realistic threats

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14

Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15

Intrusion detection using sequences of system calls

Journal of Computer Security

Switchblade: enforcing dynamic personalized system call models

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008

Efficient fine-grained binary instrumentationwith applications to taint-tracking

Proceedings of the 6th annual IEEE/ACM international symposium on Code generation and optimization

A practical mimicry attack against powerful system-call monitors

Proceedings of the 2008 ACM symposium on Information, computer and communications security

Anomalous Taint Detection

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection

Bridging the Gap between Data-Flow and Control-Flow Analysis for Anomaly Detection

ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference

Building an Application Data Behavior Model for Intrusion Detection

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII

Exploiting execution context for the detection of anomalous system calls

RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection

A sense of self for Unix processes

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy

Defending against injection attacks through context-sensitive string evaluation

RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection