http://www.usenix.org/events/leet09/tech/:

2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats

LEET '09 was held in conjunction with the 6th USENIX Symposium on
Networked Systems Design and Implementation (NSDI '09), April
22-24, 2009.

--

http://www.usenix.org/events/leet09/tech/full_papers/polychronakis/polychron
akis.pdf:

An Empirical Study of Real-world Polymorphic Code Injection Attacks

Michalis Polychronakis
Kostas G. Anagnostakis
Evangelos P. Markatos 

Abstract

Remote code injection attacks against network services remain one of
the most effective and widely used exploitation methods for malware
propagation. In this paper, we present a study of more than 1.2
million polymorphic code injection attacks targeting production
systems, captured using network-level emulation. We focus on the
analysis of the structure and operation of the attack code, as well as
the overall attack activity in relation to the targeted services. The
observed attacks employ a highly diverse set of exploits, often
against less widely used vulnerable services, while our results
indicate limited use of sophisticated obfuscation schemes and
extensive code reuse among different malware families.