Use of Ensemble Learning to Detect Buffer Overflow Exploitation

Software exploitation detection remains unresolved problem. Software exploits that target known and unknown vulnerabilities are constantly used in attacks. Signature-based detection techniques are limited to known exploits and susceptible to circumvention. Current research on the use of Machine Lear...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access Vol. 11; pp. 52009 - 52025
Main Authors: Youssef, Ayman, Abdelrazek, Mohamed, Karmakar, Chandan
Format: Journal Article
Language:English
Published: Piscataway IEEE 2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Algorithms
Buffer overflow
Buffers
Data models
Datasets
Ensemble learning
Exploitation
exploitation detection
Machine learning
Mathematical models
Operating systems
Parameters
Random forests
Run time (computers)
Runtime
Software
Software algorithms
Space applications
XGBoost
ISSN:2169-3536, 2169-3536
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract Software exploitation detection remains unresolved problem. Software exploits that target known and unknown vulnerabilities are constantly used in attacks. Signature-based detection techniques are limited to known exploits and susceptible to circumvention. Current research on the use of Machine Learning (ML) for software exploitation detection is limited in quantity and use cases. Existing research lacks the use of public datasets, discussions of feature importance, and elaboration of parameters that affect data preparation and subsequently model performance. This paper presents ML models based on different ensemble algorithms to detect software exploitation using runtime traces. We focus on buffer overflow vulnerabilities in user-space applications within Windows Operating Systems (OS), given the prevalence of the type of vulnerability and the OS. We utilized a publicly available raw dataset of 11 Windows applications under exploitation. Multiple distinct models (based on Random Forest and XGBoost) are created and tested. Testing was performed several times using various aggregation parameters and different testing applications. Our results demonstrate that we can achieve up to 100% recall with 0% false positive rate. We report on the different parameters that must be addressed to curate runtime traces and demonstrate their impact on the performance of the ML models. We demonstrate that the proper training of models on a subset of exploitation techniques enables the model to detect techniques never seen before, such as return-oriented programming. Finally, we conclude with a discussion of the important features that had the highest impact on each of the models, along with the key takeaways.
AbstractList Software exploitation detection remains unresolved problem. Software exploits that target known and unknown vulnerabilities are constantly used in attacks. Signature-based detection techniques are limited to known exploits and susceptible to circumvention. Current research on the use of Machine Learning (ML) for software exploitation detection is limited in quantity and use cases. Existing research lacks the use of public datasets, discussions of feature importance, and elaboration of parameters that affect data preparation and subsequently model performance. This paper presents ML models based on different ensemble algorithms to detect software exploitation using runtime traces. We focus on buffer overflow vulnerabilities in user-space applications within Windows Operating Systems (OS), given the prevalence of the type of vulnerability and the OS. We utilized a publicly available raw dataset of 11 Windows applications under exploitation. Multiple distinct models (based on Random Forest and XGBoost) are created and tested. Testing was performed several times using various aggregation parameters and different testing applications. Our results demonstrate that we can achieve up to 100% recall with 0% false positive rate. We report on the different parameters that must be addressed to curate runtime traces and demonstrate their impact on the performance of the ML models. We demonstrate that the proper training of models on a subset of exploitation techniques enables the model to detect techniques never seen before, such as return-oriented programming. Finally, we conclude with a discussion of the important features that had the highest impact on each of the models, along with the key takeaways.
Author Karmakar, Chandan
Youssef, Ayman
Abdelrazek, Mohamed
Author_xml – sequence: 1
  givenname: Ayman
  orcidid: 0000-0002-0136-9534
  surname: Youssef
  fullname: Youssef, Ayman
  email: ayman.youssef@research.deakin.edu.au
  organization: Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia
– sequence: 2
  givenname: Mohamed
  surname: Abdelrazek
  fullname: Abdelrazek, Mohamed
  organization: A2I2D, Applied Aritificial Intelligence Institute, Deakin University, Melbourne, VIC, Australia
– sequence: 3
  givenname: Chandan
  orcidid: 0000-0003-1814-0856
  surname: Karmakar
  fullname: Karmakar, Chandan
  organization: Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia
BookMark eNp9kF1PwjAYhRuDiYj8Ar1Y4vWwH9u6XhmcqCQkXCDXTVfekpGxYlf8-PcWhwnxwt60OXmf856eS9RrbAMIXRM8IgSLu3FRTBaLEcWUjRjlgub4DPUpyUTMUpb1Tt4XaNi2GxxOHqSU99H9soXImmjStLAta4hmoFxTNevI2-gRPGgfPeyNARfN38GZ2n5Ek89dbSuvfGWbK3RuVN3C8HgP0PJp8lq8xLP587QYz2KdYOFjZnjJk9xkkOUCa65KgkEnqoSSGpORnK4Yw2nQlE5XinAT4qU84VrlgqSaDdC0811ZtZE7V22V-5JWVfJHsG4tlfOVrkGmbGVUwnjYKBKluciFzkpsSFikOTHB67bz2jn7tofWy43duybElzSnhJOMUh6mRDelnW1bB0bq45-9U1UtCZaH-mVXvzzUL4_1B5b9YX8T_0_ddFQFACcEYUSEQN9JqJH_
CODEN IAECCG
CitedBy_id crossref_primary_10_1109_ACCESS_2024_3450180
crossref_primary_10_3390_electronics12234741
Cites_doi 10.1109/AICCSA47632.2019.9035265
10.1109/ARES.2013.59
10.1109/iccet.2010.5485224
10.1109/ACCESS.2020.3034766
10.2991/ijcis.d.190905.001
10.1145/1866307.1866370
10.1109/ACCESS.2020.2967746
10.1109/DSC.2018.00030
10.1109/ICDSP.2016.7868617
10.1145/3029806.3029812
10.1016/j.jnca.2021.103009
10.1007/978-0-387-84927-0_15
10.1023/A:1010933404324
10.3390/electronics11203363
10.1186/s42400-019-0038-7
10.1109/ICSE.2009.5070546
10.23919/ICACT.2018.8323798
10.1145/2939672.2939785
10.5220/0006642503790385
10.1016/j.jnca.2017.03.018
10.1145/3214304
10.1109/SP.2015.50
10.1145/3203422.3203433
10.1109/access.2022.3207287
10.1007/s11416-017-0299-1
10.1007/978-3-642-41224-0_3
10.1109/TR.2018.2834476
10.1145/3133956.3134020
10.3390/info9070149
10.1145/3477314.3507108
10.1007/978-3-030-92708-0_22
10.1109/ACCESS.2018.2841987
10.1109/SPW.2018.00025
10.1145/3363824
10.1145/1646353.1646374
10.1145/1966913.1966920
10.1145/3344382
10.1145/2948618.2948620
10.1109/MilCIS.2015.7348942
10.3390/fi8030029
10.1049/iet-ifs.2017.0460
10.1145/3178582
10.5220/0006639801080116
ContentType Journal Article
Copyright Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023
Copyright_xml – notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023
DBID 97E
ESBDL
RIA
RIE
AAYXX
CITATION
7SC
7SP
7SR
8BQ
8FD
JG9
JQ2
L7M
L~C
L~D
DOA
DOI 10.1109/ACCESS.2023.3279280
DatabaseName IEEE All-Society Periodicals Package (ASPP) 2005–Present
IEEE Xplore Open Access Journals
IEEE All-Society Periodicals Package (ASPP) 1998–Present
IEL
CrossRef
Computer and Information Systems Abstracts
Electronics & Communications Abstracts
Engineered Materials Abstracts
METADEX
Technology Research Database
Materials Research Database
ProQuest Computer Science Collection
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
DOAJ Directory of Open Access Journals
DatabaseTitle CrossRef
Materials Research Database
Engineered Materials Abstracts
Technology Research Database
Computer and Information Systems Abstracts – Academic
Electronics & Communications Abstracts
ProQuest Computer Science Collection
Computer and Information Systems Abstracts
Advanced Technologies Database with Aerospace
METADEX
Computer and Information Systems Abstracts Professional
DatabaseTitleList
Materials Research Database
Database_xml – sequence: 1
  dbid: DOA
  name: DOAJ Directory of Open Access Journals
  url: https://www.doaj.org/
  sourceTypes: Open Website
– sequence: 2
  dbid: RIE
  name: IEL
  url: https://ieeexplore.ieee.org/
  sourceTypes: Publisher
DeliveryMethod fulltext_linktorsrc
Discipline Engineering
EISSN 2169-3536
EndPage 52025
ExternalDocumentID oai_doaj_org_article_53dfa4377b794ac7989c6b0f1ff6c71f
10_1109_ACCESS_2023_3279280
10131927
Genre orig-research
GroupedDBID 0R~
4.4
5VS
6IK
97E
AAJGR
ABAZT
ABVLG
ACGFS
ADBBV
AGSQL
ALMA_UNASSIGNED_HOLDINGS
BCNDV
BEFXN
BFFAM
BGNUA
BKEBE
BPEOZ
EBS
EJD
ESBDL
GROUPED_DOAJ
IPLJI
JAVBF
KQ8
M43
M~E
O9-
OCL
OK1
RIA
RIE
RNS
AAYXX
CITATION
7SC
7SP
7SR
8BQ
8FD
JG9
JQ2
L7M
L~C
L~D
ID FETCH-LOGICAL-c409t-3f7b748f6e6890c7ab10ec4abeb2ff6182d33050ecac5da17f6955747ca8915c3
IEDL.DBID RIE
ISICitedReferencesCount 3
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001006035100001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 2169-3536
IngestDate Fri Oct 03 12:53:13 EDT 2025
Sun Nov 30 05:18:23 EST 2025
Tue Nov 18 22:33:12 EST 2025
Sat Nov 29 04:02:40 EST 2025
Wed Aug 27 02:25:52 EDT 2025
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Language English
License https://creativecommons.org/licenses/by-nc-nd/4.0
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c409t-3f7b748f6e6890c7ab10ec4abeb2ff6182d33050ecac5da17f6955747ca8915c3
Notes ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ORCID 0000-0003-1814-0856
0000-0002-0136-9534
OpenAccessLink https://ieeexplore.ieee.org/document/10131927
PQID 2821716227
PQPubID 4845423
PageCount 17
ParticipantIDs doaj_primary_oai_doaj_org_article_53dfa4377b794ac7989c6b0f1ff6c71f
proquest_journals_2821716227
crossref_citationtrail_10_1109_ACCESS_2023_3279280
ieee_primary_10131927
crossref_primary_10_1109_ACCESS_2023_3279280
PublicationCentury 2000
PublicationDate 20230000
2023-00-00
20230101
2023-01-01
PublicationDateYYYYMMDD 2023-01-01
PublicationDate_xml – year: 2023
  text: 20230000
PublicationDecade 2020
PublicationPlace Piscataway
PublicationPlace_xml – name: Piscataway
PublicationTitle IEEE access
PublicationTitleAbbrev Access
PublicationYear 2023
Publisher IEEE
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher_xml – name: IEEE
– name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
References ref13
ref15
Li (ref20) 2018
ref59
Bhatkar (ref4)
ref14
ref58
ref53
ref52
ref55
ref54
(ref6) 2023
(ref51) 1990
ref17
ref16
ref19
ref18
Martin (ref10) 2022
ref50
(ref27) 2022
(ref67) 2023
ref46
ref45
(ref42) 2023
ref48
ref47
Harer (ref56) 2018
ref41
ref43
(ref44) 2022
ref49
ref8
(ref1) 2022
ref7
ref3
Cheng (ref24) 2018
ref40
ref35
ref34
Creech (ref38) 2014
ref37
ref36
ref31
ref30
(ref28) 2022
ref33
ref32
(ref68) 2023
ref2
ref39
(ref11) 2015
(ref12) 2023
ref23
(ref29) 2022
Wang (ref22) 2021
ref26
(ref5) 2023
ref25
Pak (ref57) 2012
ref66
ref21
ref65
(ref69) 2023
Newsome (ref63)
(ref9) 2023
ref60
Carlini (ref64)
ref62
ref61
References_xml – start-page: 255
  volume-title: Proc. 14th USENIX Secur. Symp.
  ident: ref4
  article-title: Efficient techniques for comprehensive protection from memory error exploits
– volume-title: CWE—2022 CWE Top 25 Most Dangerous Software Weaknesses
  year: 2022
  ident: ref28
– ident: ref54
  doi: 10.1109/AICCSA47632.2019.9035265
– volume-title: AV-TEST Seal of Approval |AV-TEST Institute
  year: 2023
  ident: ref68
– ident: ref53
  doi: 10.1109/ARES.2013.59
– ident: ref49
  doi: 10.1109/iccet.2010.5485224
– ident: ref50
  doi: 10.1109/ACCESS.2020.3034766
– ident: ref21
  doi: 10.2991/ijcis.d.190905.001
– ident: ref65
  doi: 10.1145/1866307.1866370
– ident: ref23
  doi: 10.1109/ACCESS.2020.2967746
– ident: ref33
  doi: 10.1109/DSC.2018.00030
– ident: ref43
  doi: 10.1109/ICDSP.2016.7868617
– year: 2012
  ident: ref57
  article-title: Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution
– ident: ref16
  doi: 10.1145/3029806.3029812
– ident: ref52
  doi: 10.1016/j.jnca.2021.103009
– year: 2018
  ident: ref24
  article-title: Program anomaly detection against data-oriented attacks
– ident: ref18
  doi: 10.1007/978-0-387-84927-0_15
– year: 2022
  ident: ref27
  publication-title: Desktop Operating System Market Share Worldwide |Statcounter Global Stats
– year: 2023
  ident: ref42
  publication-title: Malware—Wikipedia
– start-page: 1
  volume-title: Gaining the Advantage—Applying Cyber Kill Chain Methodology to Network Defense
  year: 2015
  ident: ref11
– ident: ref31
  doi: 10.1023/A:1010933404324
– ident: ref19
  doi: 10.3390/electronics11203363
– volume-title: Digital Security Unit
  year: 2022
  ident: ref1
  article-title: Special report: Ukraine
– ident: ref45
  doi: 10.1186/s42400-019-0038-7
– ident: ref61
  doi: 10.1109/ICSE.2009.5070546
– start-page: 256
  volume-title: Proc. 23rd USENIX Conf. Secur. Symp.
  ident: ref64
  article-title: ROP is still dangerous: Breaking modern defenses
– ident: ref26
  doi: 10.23919/ICACT.2018.8323798
– volume-title: Summary Report 2022—AV-Comparatives
  year: 2023
  ident: ref67
– year: 2014
  ident: ref38
  article-title: Developing a high-accuracy cross platform host-based intrusion detection system capable of reliably detecting zero-day attacks
– ident: ref32
  doi: 10.1145/2939672.2939785
– volume-title: What is the Cyber Kill Chain? Introduction Guide |CrowdStrike
  year: 2023
  ident: ref9
– start-page: 1
  volume-title: Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS)
  ident: ref63
  article-title: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software
– ident: ref3
  doi: 10.5220/0006642503790385
– ident: ref41
  doi: 10.1016/j.jnca.2017.03.018
– ident: ref47
  doi: 10.1145/3214304
– volume-title: What is an Exploit ?—Cisco
  year: 2023
  ident: ref12
– volume-title: Bypassing DEP With VirtualProtect (x86). Vulndev
  year: 2023
  ident: ref6
– ident: ref62
  doi: 10.1109/SP.2015.50
– year: 2022
  ident: ref44
  publication-title: Generating Payloads—Metasploit Unleashed
– ident: ref14
  doi: 10.1145/3203422.3203433
– ident: ref66
  doi: 10.1145/3203422.3203433
– ident: ref30
  doi: 10.1109/access.2022.3207287
– ident: ref8
  doi: 10.1007/s11416-017-0299-1
– ident: ref2
  doi: 10.1007/978-3-642-41224-0_3
– ident: ref58
  doi: 10.1109/TR.2018.2834476
– ident: ref60
  doi: 10.1145/3133956.3134020
– volume-title: NVD—Search and Statistics
  year: 2022
  ident: ref29
– ident: ref36
  doi: 10.3390/info9070149
– ident: ref15
  doi: 10.1145/3477314.3507108
– ident: ref48
  doi: 10.1007/978-3-030-92708-0_22
– ident: ref34
  doi: 10.1109/ACCESS.2018.2841987
– volume-title: Intel Ⓡ 64 and IA-32 Architectures Software Developer Manuals
  year: 2023
  ident: ref69
– ident: ref17
  doi: 10.1109/SPW.2018.00025
– volume-title: IEEE Standard Glossary of Software Engineering Terminology
  year: 1990
  ident: ref51
– ident: ref59
  doi: 10.1145/3363824
– year: 2018
  ident: ref56
  article-title: Automated software vulnerability detection with machine learning
  publication-title: arXiv:1803.04497
– volume-title: Data Execution Prevention—Win32 Apps |Microsoft Docs
  year: 2023
  ident: ref5
– ident: ref55
  doi: 10.1145/1646353.1646374
– ident: ref7
  doi: 10.1145/1966913.1966920
– ident: ref46
  doi: 10.1145/3344382
– ident: ref25
  doi: 10.1145/2948618.2948620
– ident: ref39
  doi: 10.1109/MilCIS.2015.7348942
– year: 2021
  ident: ref22
  article-title: Tackling imbalanced data in cybersecurity with transfer learning: A case with ROP payload detection
  publication-title: arXiv:2105.02996
– ident: ref37
  doi: 10.3390/fi8030029
– ident: ref13
  doi: 10.1049/iet-ifs.2017.0460
– ident: ref35
  doi: 10.1145/3178582
– year: 2018
  ident: ref20
  article-title: ROPNN: Detection of ROP payloads using deep neural networks
  publication-title: arXiv:1807.11110
– ident: ref40
  doi: 10.5220/0006639801080116
– volume-title: Cyber Kill Chain Ⓡ
  year: 2022
  ident: ref10
SSID ssj0000816957
Score 2.285525
Snippet Software exploitation detection remains unresolved problem. Software exploits that target known and unknown vulnerabilities are constantly used in attacks....
SourceID doaj
proquest
crossref
ieee
SourceType Open Website
Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 52009
SubjectTerms Algorithms
Buffer overflow
Buffers
Data models
Datasets
Ensemble learning
Exploitation
exploitation detection
Machine learning
Mathematical models
Operating systems
Parameters
Random forests
Run time (computers)
Runtime
Software
Software algorithms
Space applications
XGBoost
SummonAdditionalLinks – databaseName: DOAJ Directory of Open Access Journals
  dbid: DOA
  link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV09T8MwELVQxQAD4qOIQkEeGEkb58vxhNrSiqkwUKmb5Tg-hFQa1LTw9zknbhUJCRZWx5btd_b5nmO9I-QWKVeeK4i9AHLfi5RIPaUwkAMBSe5HWhhTJ5vg02k6n4vnRqov-yaslgeugevHYQ4qCjnPcOUozUUqdJL5wAASzRlY7-tz0SBTlQ9OWSJi7mSGmC_6g9EIZ9Sz2cJ7oVXNs0KQjaOoUux3KVZ--OXqsJkckyMXJdJBPboTsmeWp-SwoR14Ru5npaEF0PGyNO_ZwlCnlPpK1wV9MPbfAB1ubPYT-oTLFRbFF60e3DlR7jaZTcYvo0fPZUPwNHKwtRcCQhClkJgkFb7mKmO-0ZHKkBsjFsgT8hA3L5YpHeeKcUAEYmQLWqWCxTo8J61lsTQXhEIMGDZhaMQUEhZsgF85WOXAWAuteYcEW2CkdqOyGSsWsqIMvpA1mtKiKR2aHXK3a_RRK2X8Xn1oEd9VtTLXVQEaXzrjy7-M3yFta69GfwxdSoAT6G4NKN2eLCWSS6sNFAT88j_6viIHdj71dUyXtNarjbkm-_pz_Vaubqrl-A1quODe
  priority: 102
  providerName: Directory of Open Access Journals
Title Use of Ensemble Learning to Detect Buffer Overflow Exploitation
URI https://ieeexplore.ieee.org/document/10131927
https://www.proquest.com/docview/2821716227
https://doaj.org/article/53dfa4377b794ac7989c6b0f1ff6c71f
Volume 11
WOSCitedRecordID wos001006035100001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVAON
  databaseName: DOAJ Directory of Open Access Journals
  customDbUrl:
  eissn: 2169-3536
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0000816957
  issn: 2169-3536
  databaseCode: DOA
  dateStart: 20130101
  isFulltext: true
  titleUrlDefault: https://www.doaj.org/
  providerName: Directory of Open Access Journals
– providerCode: PRVHPJ
  databaseName: ROAD: Directory of Open Access Scholarly Resources
  customDbUrl:
  eissn: 2169-3536
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0000816957
  issn: 2169-3536
  databaseCode: M~E
  dateStart: 20130101
  isFulltext: true
  titleUrlDefault: https://road.issn.org
  providerName: ISSN International Centre
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEB5UPOjBZ8VqlRw8unXf2ZxEa4sXHweF3kI2mxGhdsW2evO3O8nGUhAFL8uSB5vMZDbz5fENwAlBrqpSmAUxVmGQKlEESpEjhwLzKky1MKYJNsFvb4vhUNz7y-ruLowxxh0-M1376vbyq1rP7FIZWXhEIybmy7DMed5c1povqNgIEiLjnlkoCsXZRa9HnejaAOHdxBLlWe7HhdnHkfT7qCo_fsVufhls_rNlW7DhHUl20Wh-G5bMeAfWF-gFd-H8cWJYjaw_npiXcmSYJ1N9YtOaXRm7fcAuZzZACrujEY2j-oO5M3met7sFj4P-Q-868AETAk0wbRokyEueFpibvBCh5qqMQqNTVRJ8RswJSlQJ2TelKZ1VKuJIEssIUGhViCjTyR6sjOux2QeGGZJnRd5TpAjTUAXK5WjJBTMttOZtiL8FKbVvlQ1qMZIOVYRCNtKXVvrSS78Np_NKrw2Zxt_FL62G5kUtE7ZLINFLb1gySypUacKp5yJVmotC6LwMMaIOax5hG1pWXQvfazTVhs63wqU324kk_Gnpg-KYH_xS7RDWbBObRZgOrEzfZuYIVvX79HnyduwQPT1vPvvHbnR-AUl33-8
linkProvider IEEE
linkToHtml http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LT-MwEB6xgLRw4LELorzWhz2Sbl6O4xOCAgItdDmAxM1yHA9CKg2iLfx9xo6pKiGQ9hY5tmLPeOL5xvY3AL8JctW1Rh6lWMdRrmUZaU2OHEos6jg30to22YTo98u7O3kdLqv7uzDWWn_4zHbdo9_LrxszcaEysvCEZkwqvsECz_M0bq9rTUMqLoeE5CJwCyWx_HPU69Ewui5FeDdzVHmO_XFm_fE0_SGvyoefsV9hzlb_s29rsBJcSXbU6n4d5uzwByzPEAz-hMPbkWUNstPhyD5WA8sCneo9GzfsxLoNBHY8cSlS2D-a0zhoXpk_lReYuzfg9uz0pncehZQJkSGgNo4yFJXISyxsUcrYCF0lsTW5rghAIxYEJuqMLJzKtOG1TgSSxDhBCqNLmXCTbcL8sBnaLWDIkXwr8p8STaiGGtBbgY5ekBtpjOhA-i5IZUKvXFqLgfK4Ipaqlb5y0ldB-h04mDZ6auk0vq5-7DQ0req4sH0BiV4F01I8q1HnmaCRy1wbIUtpiirGhAZsRIId2HDqmvleq6kO7L4rXAXDHSlCoI5AKE3F9ifNfsH385urS3V50f-7A0uuu21IZhfmx88TuweL5mX8MHre97PzDYiT4RA
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Use+of+Ensemble+Learning+to+Detect+Buffer+Overflow+Exploitation&rft.jtitle=IEEE+access&rft.au=Youssef%2C+Ayman&rft.au=Abdelrazek%2C+Mohamed&rft.au=Karmakar%2C+Chandan&rft.date=2023&rft.pub=IEEE&rft.eissn=2169-3536&rft.volume=11&rft.spage=52009&rft.epage=52025&rft_id=info:doi/10.1109%2FACCESS.2023.3279280&rft.externalDocID=10131927
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2169-3536&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2169-3536&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2169-3536&client=summon