Scargos: Towards Automatic Vulnerability Distribution

Florian Rhinow; Michael Clear

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Scargos: Towards Automatic Vulnerability Distribution

Topics: Critical Infrastructure Protection; Intrusion Detection & Prevention; Network Security; Security in Distributed Systems

In Proceedings of the 12th International Conference on Security and Cryptography - Volume 0ICETE, 369-376, 2015 , Colmar, Alsace, France

Authors: Florian Rhinow ¹ and Michael Clear ²

Affiliations: ¹ Trinity College Dublin and SAP Business Intelligence R&D, Ireland ; ² Trinity College Dublin, Ireland

Keyword(s): Dynamic Taint Analysis, Self-certifying Alerts, Vulnerability Distribution, Zero Day Attacks.

Related Ontology Subjects/Areas/Topics: Critical Infrastructure Protection ; Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Security in Distributed Systems ; Wireless Network Security

Abstract: Recent work has suggested automated approaches to vulnerability distribution, but their usage has been limited to local networks and memory corruption detection techniques and has precluded custom vulnerability response processes. We present Scargos, a novel approach to automate the distribution and verification of vulnerabilities across the internet, while allowing for automatic, custom countermeasures without the need to trust a central authority. By leveraging collaborative detection, vulnerability reports can be contributed by anybody and are announced to an open network by using packet-based self-certifying alerts (SCA), which are a proof of the existence of a vulnerability by capturing the original, unmodified attack. We show that our approach allows for detection of previously unknown attacks, while an entire life cycle including distribution and verification is achieved on average in under 2 seconds.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 216.73.216.166

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Rhinow, F. and Clear, M. (2015). Scargos: Towards Automatic Vulnerability Distribution. In Proceedings of the 12th International Conference on Security and Cryptography (ICETE 2015) - SECRYPT; ISBN 978-989-758-117-5; ISSN 2184-3236, SciTePress, pages 369-376. DOI: 10.5220/0005566203690376

@conference{secrypt15,
author={Florian Rhinow and Michael Clear},
title={Scargos: Towards Automatic Vulnerability Distribution},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography (ICETE 2015) - SECRYPT},
year={2015},
pages={369-376},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005566203690376},
isbn={978-989-758-117-5},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Security and Cryptography (ICETE 2015) - SECRYPT
TI - Scargos: Towards Automatic Vulnerability Distribution
SN - 978-989-758-117-5
IS - 2184-3236
AU - Rhinow, F.
AU - Clear, M.
PY - 2015
SP - 369
EP - 376
DO - 10.5220/0005566203690376
PB - SciTePress