SQLrand: Preventing SQL Injection Attacks
暂无分享,去创建一个
[1] Andrew Berman,et al. TRON: Process-Specific File Protection for the UNIX Operating System , 1995, USENIX.
[2] David A. Wagner,et al. A Secure Environment for Untrusted Helper Applications , 1996, USENIX Security Symposium.
[3] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .
[4] Daniel F. Sterne,et al. Confining Root Programs with Domain and Type Enforcement , 1996, USENIX Security Symposium.
[5] T. Mitchem,et al. Using kernel hypervisors to secure applications , 1997, Proceedings 13th Annual Computer Security Applications Conference.
[6] David H. Ackley,et al. Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).
[7] Thomas E. Anderson,et al. SLIC: An Extensibility System for Commodity Operating Systems , 1998, USENIX Annual Technical Conference.
[8] Klaus Erik Schauser,et al. Consh: Confined Execution Environment for Internet Computations , 1998 .
[9] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[10] Alain J. Mayer,et al. Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies , 1998, USENIX Security Symposium.
[11] A. Acharya,et al. MAPbox: Using Parameterized Behavior Classes to Confine Applications , 1999 .
[12] Alexander Aiken,et al. A theory of type qualifiers , 1999, PLDI '99.
[13] Timothy Fraser,et al. Hardening COTS software with generic software wrappers , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[14] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.
[15] Calton Pu,et al. The Cracker Patch Choice: An Analysis of Post Hoc Security Techniques , 2000 .
[16] R. M. Balzer,et al. Mediating connectors: a non-bypassable process wrapping technology , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.
[17] Diomidis Spinellis,et al. Sandboxing Applications , 2001, USENIX Annual Technical Conference, FREENIX Track.
[18] Stephen Smalley,et al. Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.
[19] Robert N. M. Watson,et al. TrustedBSD: Adding Trusted Operating System Features to FreeBSD , 2001, USENIX Annual Technical Conference, FREENIX Track.
[20] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[21] David A. Wagner,et al. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Detecting Format String Vulnerabilities with Type Qualifiers , 2001 .
[22] Chris Anley,et al. Advanced SQL Injection In SQL Server Applications , 2002 .
[23] Steve J. Chapin,et al. Type-Assisted Dynamic Buffer Overflow Detection , 2002, USENIX Security Symposium.
[24] Matt Bishop,et al. A Flexible Containment Mechanism for Executing Untrusted Code , 2002, USENIX Security Symposium.
[25] Todd M. Austin,et al. High Coverage Detection of Input-Related Security Faults , 2003, USENIX Security Symposium.
[26] Tal Garfinkel,et al. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools , 2003, NDSS.
[27] Niels Provos,et al. Improving Host Security with System Call Policies , 2003, USENIX Security Symposium.
[28] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[29] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[30] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[31] Saumya K. Debray,et al. Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.
[32] Michael Rodeh,et al. CSSV: towards a realistic tool for statically detecting all buffer overflows in C , 2003, PLDI '03.
[33] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.