PAriCheck: an efficient pointer arithmetic checker for C programs
暂无分享,去创建一个
Wouter Joosen | Frank Piessens | R. Sekar | Lorenzo Cavallaro | Pieter Philippaerts | Yves Younan | W. Joosen | F. Piessens | L. Cavallaro | R. Sekar | Yves Younan | Pieter Philippaerts | Frank Piessens
[1] Joseph L. Steffen. Adding run‐time checking to the portable C compiler , 1992, Softw. Pract. Exp..
[2] Todd M. Austin,et al. Efficient detection of all pointer and array access errors , 1994, PLDI '94.
[3] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .
[4] Paul H. J. Kelly,et al. Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs , 1997, AADEBUG.
[5] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[6] Vivek Sarkar,et al. ABCD: eliminating array bounds checks on demand , 2000, PLDI '00.
[7] 尚弘 島影. National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .
[8] Tzi-cker Chiueh,et al. RAD: a compile-time solution to buffer overflow attacks , 2001, Proceedings 21st International Conference on Distributed Computing Systems.
[9] James Cheney,et al. Cyclone: A Safe Dialect of C , 2002, USENIX Annual Technical Conference, General Track.
[10] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[11] George C. Necula,et al. CCured: type-safe retrofitting of legacy code , 2002, POPL '02.
[12] James Cheney,et al. Region-based memory management in cyclone , 2002, PLDI '02.
[13] George C. Necula,et al. CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs , 2002, CC.
[14] Dinakar Dhurjati,et al. Ensuring code safety without runtime checks for real-time control systems , 2002, CASES '02.
[15] George C. Necula,et al. CCured in the real world , 2003, PLDI '03.
[16] Dinakar Dhurjati,et al. Memory safety without runtime checks or garbage collection , 2003, LCTES '03.
[17] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[18] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[19] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[20] Ravishankar K. Iyer,et al. Transparent runtime randomization for security , 2003, 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings..
[21] Andreas Krennmair. ContraPolice: a libc Extension for Protecting Applications from Heap-Smashing Attacks , 2003 .
[22] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[23] Christopher Krügel,et al. Run-time Detection of Heap-based Overflows , 2003, LISA.
[24] Wei Xu,et al. An efficient and backwards-compatible transformation to ensure memory safety of C programs , 2004, SIGSOFT '04/FSE-12.
[25] Olatunji Ruwase,et al. A Practical Dynamic Buffer Overflow Detector , 2004, NDSS.
[26] Wouter Joosen,et al. Code injection in C and C++: a survey of vulnerabilities and countermeasures , 2004 .
[27] James R. Larus,et al. Righting software , 2004, IEEE Software.
[28] Vikram S. Adve,et al. Automatic pool allocation: improving performance by controlling data structure layout in the heap , 2005, PLDI '05.
[29] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[30] Daniel C. DuVarney,et al. Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.
[31] Wouter Joosen,et al. Extended Protection against Stack Smashing Attacks without Performance Loss , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[32] Wouter Joosen,et al. Efficient Protection Against Heap-Based Buffer Overflows Without Resorting to Magic , 2006, ICICS.
[33] Dinakar Dhurjati,et al. Backwards-compatible array bounds checking for C with very low overhead , 2006, ICSE.
[34] Úlfar Erlingsson,et al. Low-Level Software Security: Attacks and Defenses , 2007, FOSAD.
[35] Alessandro Orso,et al. Effective memory protection using dynamic tainting , 2007, ASE '07.
[36] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[37] Yves Younan,et al. Efficient Countermeasures for Software Vulnerabilities due to Memory Management Errors (Efficiënte tegenmaatregelen voor softwarekwetsbaarheden veroorzaakt door geheugenbeheerfouten) , 2008 .
[38] Miguel Castro,et al. Preventing Memory Error Exploits with WIT , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[39] S. Bhatkar,et al. Data Space Randomization , 2008, DIMVA.
[40] Frank Piessens,et al. Breaking the memory secrecy assumption , 2009, EUROSEC '09.
[41] Milo M. K. Martin,et al. SoftBound: highly compatible and complete spatial memory safety for c , 2009, PLDI '09.
[42] Miguel Castro,et al. Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors , 2009, USENIX Security Symposium.
[43] Yutaka Oiwa,et al. Implementation of the memory-safe full ANSI-C compiler , 2009, PLDI '09.
[44] Úlfar Erlingsson,et al. Low-Level Software Security by Example , 2010, Handbook of Information and Communication Security.