An efficient and backwards-compatible transformation to ensure memory safety of C programs
暂无分享,去创建一个
Wei Xu | Daniel C. DuVarney | R. Sekar | W. Xu | R. Sekar
[1] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[2] Olatunji Ruwase,et al. A Practical Dynamic Buffer Overflow Detector , 2004, NDSS.
[3] Susan Horwitz,et al. Protecting C programs from attacks via invalid pointer dereferences , 2003, ESEC/FSE-11.
[4] Somesh Jha,et al. Buffer overrun detection using linear programming and static analysis , 2003, CCS '03.
[5] George C. Necula,et al. CCured in the real world , 2003, PLDI '03.
[6] Navjot Singh,et al. Transparent Run-Time Defense Against Stack-Smashing Attacks , 2000, USENIX Annual Technical Conference, General Track.
[7] Deepak Gupta,et al. TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection , 2004, USENIX Security Symposium.
[8] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.
[9] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[10] Paul H. J. Kelly,et al. Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs , 1997, AADEBUG.
[11] Alexander Aiken,et al. A theory of type qualifiers , 1999, PLDI '99.
[12] Robert O. Hastings,et al. Fast detection of memory leaks and access errors , 1991 .
[13] Todd M. Austin,et al. Efficient detection of all pointer and array access errors , 1994, PLDI '94.
[14] Susan Horwitz,et al. Debugging via Run-Time Type Checking , 2001, FASE.
[15] Steve J. Chapin,et al. Type-Assisted Dynamic Buffer Overflow Detection , 2002, USENIX Security Symposium.
[16] Tzi-cker Chiueh,et al. RAD: a compile-time solution to buffer overflow attacks , 2001, Proceedings 21st International Conference on Distributed Computing Systems.
[17] Michael Rodeh,et al. CSSV: towards a realistic tool for statically detecting all buffer overflows in C , 2003, PLDI '03.
[18] Joseph L. Steffen. Adding run‐time checking to the portable C compiler , 1992, Softw. Pract. Exp..
[19] Harish Patil,et al. Efficient Run-time Monitoring Using Shadow Processing , 1995, AADEBUG.
[20] George C. Necula,et al. CCured: type-safe retrofitting of legacy code , 2002, POPL '02.
[21] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[22] James Cheney,et al. Cyclone: A Safe Dialect of C , 2002, USENIX Annual Technical Conference, General Track.
[23] Matt Bishop,et al. Testing C Programs for Buffer Overflow Vulnerabilities , 2003, NDSS.
[24] Martin C. Rinard,et al. Symbolic bounds analysis of pointers, array indices, and accessed memory regions , 2005, TOPL.
[25] Akinori Yonezawa,et al. Fail-Safe ANSI-C Compiler: An Approach to Making C Programs Secure: Progress Report , 2002, ISSS.
[26] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[27] Satish Chandra,et al. Coping with type casts in C , 1999, ESEC/FSE-7.
[28] Crispin Cowan,et al. FormatGuard: Automatic Protection From printf Format String Vulnerabilities , 2001, USENIX Security Symposium.
[29] Harish Patil,et al. Low-Cost, Concurrent Checking of Pointer and Array Accesses in C Programs , 1997, Softw. Pract. Exp..
[30] Harish Patil,et al. Low‐cost, Concurrent Checking of Pointer and Array Accesses in C Programs , 1997 .
[31] Hans-Juergen Boehm,et al. Garbage collection in an uncooperative environment , 1988, Softw. Pract. Exp..
[32] Dawson R. Engler,et al. ARCHER: using symbolic, path-sensitive analysis to detect memory access errors , 2003, ESEC/FSE-11.
[33] Anne Rogers,et al. Software caching and computation migration in Olden , 1995, PPOPP '95.
[34] George C. Necula,et al. CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs , 2002, CC.