Capturing Malware Propagations with Code Injections and Code-Reuse Attacks
暂无分享,去创建一个
[1] Wenke Lee,et al. Ether: malware analysis via hardware virtualization extensions , 2008, CCS.
[2] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX Annual Technical Conference, FREENIX Track.
[3] Guillaume Bonfante,et al. CoDisasm: Medium Scale Concatic Disassembly of Self-Modifying Binaries with Overlapping Instructions , 2015, CCS.
[4] Zhenkai Liang,et al. BitBlaze: A New Approach to Computer Security via Binary Analysis , 2008, ICISS.
[5] Jan Gustafsson,et al. The Mälardalen WCET Benchmarks: Past, Present And Future , 2010, WCET.
[6] Heng Yin,et al. DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis , 2012, USENIX Security Symposium.
[7] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.
[8] Heng Yin,et al. Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform , 2014, ISSTA 2014.
[9] R. Sekar,et al. On the Limits of Information Flow Techniques for Malware Analysis and Containment , 2008, DIMVA.
[10] Heng Yin,et al. DECAF: A Platform-Neutral Whole-System Dynamic Binary Analysis Platform , 2017, IEEE Transactions on Software Engineering.
[11] Hovav Shacham,et al. Can DREs Provide Long-Lasting Security? The Case of Return-Oriented Programming and the AVC Advantage , 2009, EVT/WOTE.
[12] Angelos D. Keromytis,et al. ROP payload detection using speculative code execution , 2011, 2011 6th International Conference on Malicious and Unwanted Software.
[13] Heng Yin,et al. Dynamic Spyware Analysis , 2007, USENIX Annual Technical Conference.
[14] Claudia Eckert,et al. Persistent Data-only Malware: Function Hooks without Code , 2014, NDSS.
[15] Heng Yin,et al. Panorama: capturing system-wide information flow for malware detection and analysis , 2007, CCS '07.
[16] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[17] Byung-Gon Chun,et al. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.
[18] Zhenkai Liang,et al. Jump-oriented programming: a new class of code-reuse attack , 2011, ASIACCS '11.
[19] Davide Balzarotti,et al. ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks , 2016, AsiaCCS.
[20] Heng Yin,et al. Renovo: a hidden code extractor for packed executables , 2007, WORM '07.
[21] David Korczynski. RePEconstruct: reconstructing binaries with self-modifying code and import address table destruction , 2016, 2016 11th International Conference on Malicious and Unwanted Software (MALWARE).
[22] Herbert Bos,et al. Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard , 2014, USENIX Security Symposium.
[23] Wenke Lee,et al. PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[24] Ernest Foo,et al. Integrity verification of user space code , 2013 .
[25] Davide Balzarotti,et al. SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers , 2015, 2015 IEEE Symposium on Security and Privacy.
[26] Ahmad-Reza Sadeghi,et al. Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection , 2014, USENIX Security Symposium.
[27] Lok K. Yan,et al. SoK : On the Soundness and Precision of Dynamic Taint Analysis , 2017 .
[28] Somesh Jha,et al. OmniUnpack: Fast, Generic, and Safe Unpacking of Malware , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[29] George Candea,et al. The S2E Platform: Design, Implementation, and Applications , 2012, TOCS.
[30] Christopher Krügel,et al. Exploring Multiple Execution Paths for Malware Analysis , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[31] Claudia Eckert,et al. Counteracting Data-Only Malware with Code Pointer Examination , 2015, RAID.