Abstract—Recent exploit techniques are highly complex, and it is not easy for cybersecurity learners to understand the attack strategies quickly and clearly. For efficient and comprehensive learning, this paper proposes an attack-scheme visualization system that fulfills three requirements: attack progress visualization in real-time, memory and register-level description, and concise description of the attack schemes. This paper exemplifies two cases: stack buffer overflow and ROP attacks, and demonstrates how the system operates and how users can learn that existing defense technologies are effective or ineffective depending on the execution environments.
Index Terms—Exploit code, visualization, ROP, cybersecurity learning.
S. Kose is with the Department of Computer Science and Engineering, Fukuoka Institute of Technology, Fukuoka, 811-0295, Japan (e-mail: s16a2025@bene.fit.ac.jp).
Y. Suenaga and K. Oida are with the Graduate School of Course of Computer Science and Engineering, Fukuoka Institute of Technology, Fukuoka, 811-0295, Japan (e-mail: mfm19102@bene.fit.ac.jp, oida@fit.ac.jp).
Cite: Seima Kose, Yumi Suenaga, and Kazumasa Oida, "Real-time Attack-Scheme Visualization for Complex Exploit Technique Comprehension," International Journal of Machine Learning and Computing vol. 11, no. 1, pp. 164-169, 2021.
Copyright © 2021 by the authors. This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).