Abstract. Drive-by download attacks are among the most common methods for spreading malware today. These attacks typically exploit memory corruption vulnerabilities in web browsers and browser plug-ins to execute shellcode, and in consequence, gain control of a victim's computer. Compromised machines are then used to carry out various malicious activities, such as joining botnets, sending spam emails, or participating in distributed denial of service attacks. To counter drive-by downloads, we propose a technique that relies on x86 instruction emulation to identify JavaScript string buffers that contain shellcode. Our detection is integrated into the browser, and performed before control is transfered to the shellcode, thus, effectively thwarting the attack. The solution maintains fair performance by avoiding unnecessary invocations of the emulator, while ensuring that every buffer with potential shellcode is checked. We have implemented a prototype of our system, and evaluated it over thousands of malicious and legitimate web sites. Our results demonstrate that the system performs accurate detection with no false positives.
The process of bias enhanced nucleation of microwave chemical vapor deposited diamond on silicon has been extensively characterized using plasma diagnostics, scanning and transmission electron microscopy (TEM), Raman spectroscopy, and x-ray diffraction. The nucleation kinetics were measured as a function of bias voltage, methane partial pressure, and substrate temperature. The nucleation is found to be transient in character, with a delay time followed by an exponential increase in nucleation density with time, and finally a saturation. The ion flux and ion energy distribution was measured by a retarding field probe. The nucleation density was found to reach a maximum at a bias at which the ion energy distribution has a maximum of 80 eV, independent of the substrate temperature. This is taken as strong evidence that nucleation enhancement involves ion subplantation. The Raman spectra and x-ray diffraction suggests that the films during nucleation consist primarily of sp2 bonded noncrystalline carbon. The presence of the (0002) interlayer graphitic peak suggests that the carbon is primarily graphitic. The diamond nuclei form in this matrix. TEM shows mainly amorphous hillocks being formed on the substrates by bias enhanced nucleation. Diffraction patterns and high resolution TEM reveal the presence of β-SiC and also a small number of diamond particles.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.