Abstract

Nowadays, code injection is one of the most dangerous cyber attacks. Shellcode is the malicious code used in this type of attack. Processor emulation at the network level is one of the best proposed methods against code injection attacks. Multiple runtime heuristics have been discussed in previous research. However, none of them can detect shellcode in which hard-coded addresses are used. This type of shellcode cannot be used against ASLR-enabled Windows. However, older versions of Windows still have many users. In addition, public shellcode repositories contain several shellcodes with hard-coded addresses, which can easily be used by inexperienced attackers. In this paper, we propose a robust runtime heuristic for detecting this type of shellcode. Our objective is to augment the collection of existing runtime heuristics. The experimental results show that our new heuristic can effectively detect every shellcode in which hard-coded addresses are used.
