Sploit

A Tool for the Generation of Mutant Attacks

Description

Sploit is an exploit execution and mutation framework designed to test and evaluate misuse detection models in the case of network-based intrusion detection systems.

Sploit is based on an engine that can apply one or more transformation techniques to an exploit script. Using Sploit, it is possible to automatically generate an high number of different attack mutations that can then be executed against a real target to test the detection capabilities of network intrusion detection systems. Sploit also represents the perfect environment to design, implement, and try new mutation and evasion techniques. For a more detailed description of Sploit please refer to the project documentation.

Publications

2006 (1 publication)

Testing Network Intrusion Detection Systems PDF (1.6 MB)

2004 (1 publication)

Testing Network-based Intrusion Detection Signatures Using Mutant Exploits G. Vigna, W. Robertson, D. Balzarotti Proceedings of the ACM Conference on Computer and Communications Security (CCS 2004) BibTeX PDF (165.2 KB)

Acknowledgments

This research was supported by the Army Research Office, under agreement DAAD19-01-1-0484 and by the National Science Foundation under grants CCR-0209065 and CCR-0238492.

Research topics

People involved

Faculty

Post-doctoral Researchers

PhD Students

Last update
Jan. 18, 2013, 1:18 p.m.