207,118 research outputs found

    Polygraph: Automatically generating signatures for polymorphic worms

    Get PDF
    It is widely believed that content-signature-based intrusion detection systems (IDSes) are easily evaded by polymorphic worms, which vary their payload on every infection attempt. In this paper, we present Polygraph, a signature generation system that successfully produces signatures that match polymorphic worms. Polygraph generates signatures that consist of multiple disjoint content sub-strings. In doing so, Polygraph leverages our insight that for a real-world exploit to function properly, multiple invariant substrings must often be present in all variants of a payload; these substrings typically correspond to protocol framing, return addresses, and in some cases, poorly obfuscated code. We contribute a definition of the polymorphic signature generation problem; propose classes of signature suited for matching polymorphic worm payloads; and present algorithms for automatic generation of signatures in these classes. Our evaluation of these algorithms on a range of polymorphic worms demonstrates that Polygraph produces signatures for polymorphic worms that exhibit low false negatives and false positives. © 2005 IEEE

    On polymorphic logical gates in sub-excitable chemical medium

    Get PDF
    In a sub-excitable light-sensitive Belousov-Zhabotinsky chemical medium an asymmetric disturbance causes the formation of localized traveling wave-fragments. Under the right conditions these wave-fragment can conserve their shape and velocity vectors for extended time periods. The size and life span of a fragment depend on the illumination level of the medium. When two or more wave-fragments collide they annihilate or merge into a new wave-fragment. In computer simulations based on the Oregonator model we demonstrate that the outcomes of inter-fragment collisions can be controlled by varying the illumination level applied to the medium. We interpret these wave-fragments as values of Boolean variables and design collision-based polymorphic logical gates. The gate implements operation XNOR for low illumination, and it acts as NOR gate for high illumination. As a NOR gate is a universal gate then we are able to demonstrate that a simulated light sensitive BZ medium exhibits computational universality

    Polymorphic Types in ACL2

    Full text link
    This paper describes a tool suite for the ACL2 programming language which incorporates certain ideas from the Hindley-Milner paradigm of functional programming (as exemplified in popular languages like ML and Haskell), including a "typed" style of programming with the ability to define polymorphic types. These ideas are introduced via macros into the language of ACL2, taking advantage of ACL2's guard-checking mechanism to perform type checking on both function definitions and theorems. Finally, we discuss how these macros were used to implement features of Specware, a software specification and implementation system.Comment: In Proceedings ACL2 2014, arXiv:1406.123
    corecore