• RESEARCH
  • Research Areas
  • Centers & Programs
  • Projects
  • Technical Reports
  • Publications
  • CyLab Chronicles
  • Inventions & Patents
• EDUCATION
  • Graduate Study
  • Training
  • Building Capacity
  • Scholarship for Service
  • Faculty Directory
• PARTNERSHIP
  • A Networked World
  • Partner Benefits
  • Partnership Levels
  • Current Partners
  • Technology Transfer
  • Success Stories
• OUTREACH
  • Building Awareness
  • MySecureCyberSpace
  • Privacy Bird
  • Resources & Links
• NEWS & EVENTS
  • CyLab News
  • CyBlog
  • Events & Seminars
  • Making Headlines
• ABOUT CYLAB
  • About CyLab
  • Mission & Objectives
  • Affiliations
  • CyLab People
  • Faculty Directory
  • Current Partners
• QUICK LINKS
  • Contact CyLab
  • Visiting CyLab
  • Media Center
  • Success Stories
  • Resources & Links
  • Staff Resources
  • Carnegie Mellon Home

Signature-based input filtering is an important and widely-deployed defense.  But current signature generation methods have limited coverage and the generated signatures can be easily evaded by an attacker with small variations of the exploit message.  In this paper, we propose protocol-level constraint-guided exploration, a new approach towards generating high coverage vulnerability-based signatures.  In particular, our approach generates high coverage, yet compact, vulnerability point reachability predicates, which capture many paths to the vulnerability point.  We have implemented Endeavor, a system that uses our approach.  The results show that our signatures have high coverage (i.e., optimal or close to optimal in our experiments) -- and are small (i.e., often human readable) -- offering dramatic improvements over previous approaches.