Practical automatic determination of causal relationships in software execution traces
暂无分享,去创建一个
[1] Jan Vitek,et al. Efficient intrusion detection using automaton inlining , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[2] Alfonso Valdes,et al. Probabilistic Alert Correlation , 2001, Recent Advances in Intrusion Detection.
[3] Keith Marzullo,et al. Computer Forensics in Forensis , 2008, 2008 Third International Workshop on Systematic Approaches to Digital Forensic Engineering.
[4] Samuel T. King,et al. Enriching Intrusion Alerts Through Multi-Host Causality , 2005, NDSS.
[5] K J Biba,et al. Integrity Considerations for Secure Computer Systems , 1977 .
[6] Tom Burr,et al. Causation, Prediction, and Search , 2003, Technometrics.
[7] Calvin Lin,et al. Efficient and extensible security enforcement using dynamic data flow analysis , 2008, CCS.
[8] Weibo Gong,et al. Anomaly detection using call stack information , 2003, 2003 Symposium on Security and Privacy, 2003..
[9] O. Penrose. The Direction of Time , 1962 .
[10] David W. Binkley,et al. Interprocedural slicing using dependence graphs , 1990, TOPL.
[11] David Zhang,et al. Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.
[12] Christoforos E. Kozyrakis,et al. Raksha: a flexible information flow architecture for software security , 2007, ISCA '07.
[13] Marcus J. Ranum. Experiences Benchmarking Intrusion Detection Systems , 2002 .
[14] Carla E. Brodley,et al. Temporal sequence learning and data reduction for anomaly detection , 1998, CCS '98.
[15] Tzi-cker Chiueh,et al. A General Dynamic Information Flow Tracking Framework for Security Applications , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[16] Mikhail J. Atallah,et al. An empirical study of automatic event reconstruction systems , 2006, Digit. Investig..
[17] Stephanie Forrest,et al. A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.
[18] Frank Tip,et al. A survey of program slicing techniques , 1994, J. Program. Lang..
[19] David A. Bell,et al. Secure computer systems: mathematical foundations and model , 1973 .
[20] Florian P. Buchholz,et al. Design and Implementation of Zeitline: a Forensic Timeline Editor , 2005, DFRWS.
[21] Karl N. Levitt,et al. Execution monitoring of security-critical programs in distributed systems: a specification-based approach , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).
[22] P. Suppes. A Probabilistic Theory Of Causality , 1970 .
[23] Markus Mock,et al. Improving program slicing with dynamic points-to data , 2002, SIGSOFT '02/FSE-10.
[24] Harish Patil,et al. Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.
[25] Peng Ning,et al. Analyzing Intensive Intrusion Alerts via Correlation , 2002, RAID.
[26] Frédéric Cuppens,et al. Alert correlation in a cooperative intrusion detection framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[27] Maurice J. Bach. The Design of the UNIX Operating System , 1986 .
[28] Subbarayan Venkatesan,et al. Forensic analysis of file system intrusions using improved backtracking , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).
[29] Alex Aiken,et al. Cooperative Bug Isolation , 2007 .
[30] Joe D. Warren,et al. The program dependence graph and its use in optimization , 1987, TOPL.
[31] Steve J. Chapin,et al. Monitoring Access to Shared Memory-Mapped Files , 2005, DFRWS.
[32] Peter J. Denning,et al. Certification of programs for secure information flow , 1977, CACM.
[33] Somesh Jha,et al. Efficient Context-Sensitive Intrusion Detection , 2004, NDSS.
[34] Stephanie Forrest,et al. Intrusion Detection Using Sequences of System Calls , 1998, J. Comput. Secur..
[35] James R. Larus,et al. Efficient path profiling , 1996, Proceedings of the 29th Annual IEEE/ACM International Symposium on Microarchitecture. MICRO 29.
[36] Robert P. Goldberg,et al. Survey of virtual machine research , 1974, Computer.
[37] J. Mill. A System of Logic , 1843 .
[38] Wei Xu,et al. Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks , 2006, USENIX Security Symposium.
[39] Cheng Wang,et al. LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks , 2006, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06).
[40] Gavin Lowe,et al. Quantifying information flow , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.
[41] Xiangyu Zhang,et al. Precise dynamic slicing algorithms , 2003, 25th International Conference on Software Engineering, 2003. Proceedings..
[42] Guilherme Ottoni,et al. RIFLE: An Architectural Framework for User-Centric Information-Flow Security , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).
[43] Wu-chi Feng,et al. Forensix: a robust, high-performance reconstruction system , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.
[44] Rajiv Gupta,et al. Hybrid slicing: an approach for refining static slices using dynamic information , 1995, SIGSOFT FSE.
[45] Samuel T. King,et al. Backtracking intrusions , 2003, SOSP '03.
[46] Christophe Bidan,et al. An Improved Reference Flow Control Model for Policy-Based Intrusion Detection , 2003, ESORICS.
[47] Somesh Jha,et al. Formalizing sensitivity in static analysis for intrusion detection , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[48] Donald Nute,et al. Counterfactuals , 1975, Notre Dame J. Formal Log..
[49] Samuel T. King,et al. ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.
[50] J. Meseguer,et al. Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.
[51] David Brumley,et al. All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask) , 2010, 2010 IEEE Symposium on Security and Privacy.
[52] Eugene H. Spafford,et al. Pervasive binding of labels to system processes , 2005 .
[53] J. Pearl. Causality: Models, Reasoning and Inference , 2000 .
[54] Mark David Weiser,et al. Program slices: formal, psychological, and practical investigations of an automatic program abstraction method , 1979 .
[55] Chris I. Dalton,et al. Dynamic label binding at run-time , 2003, NSPW '03.
[56] Judea Pearl,et al. Reasoning with Cause and Effect , 1999, IJCAI.
[57] Christophe Bidan,et al. Experimenting with a policy-based HIDS based on an information flow control model , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[58] Michael J. Nash,et al. The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.
[59] Of references. , 1966, JAMA.
[60] Fabian Monrose,et al. Trail of bytes: efficient support for forensic analysis , 2010, CCS '10.
[61] Stephen McCamant,et al. Measuring channel capacity to distinguish undue influence , 2009, PLAS '09.
[62] Frederic T. Chong,et al. Minos: Control Data Attack Prevention Orthogonal to Memory Model , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).
[63] Eugene H. Spafford,et al. On the role of file system metadata in digital forensics , 2004, Digit. Investig..
[64] Unix System Laboratories. System V Application Binary Interface , 1993 .
[65] Eugene H. Spafford,et al. An Event-Based Digital Forensic Investigation Framework , 2004 .
[66] Flemming Nielson,et al. Security Analysis using Flow Logics , 2000, Bull. EATCS.
[67] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[68] Andrew C. Myers,et al. JFlow: practical mostly-static information flow control , 1999, POPL '99.
[69] Alessandro Orso,et al. Dytan: a generic dynamic taint analysis framework , 2007, ISSTA '07.
[70] R. Sekar,et al. A fast automaton-based method for detecting anomalous program behaviors , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[71] Peng Ning,et al. Constructing attack scenarios through correlation of intrusion alerts , 2002, CCS '02.
[72] Chris Hankin,et al. Approximate non-interference , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.
[73] G. A. Venkatesh,et al. Experimental results from dynamic slicing of C programs , 1995, TOPL.
[74] James R. Larus,et al. EEL: machine-independent executable editing , 1995, PLDI '95.
[75] Susan W. Brenner,et al. The Trojan Horse Defense in Cybercrime Cases , 2004 .
[76] Clay Shields,et al. Providing process origin information to aid in computer forensic investigations , 2004, J. Comput. Secur..
[77] Massimo Bernaschi,et al. Operating system enhancements to prevent the misuse of system calls , 2000, CCS.
[78] Brian D. Carrier,et al. Defining event reconstruction of digital crime scenes. , 2004, Journal of forensic sciences.
[79] Alexander Dekhtyar,et al. Information Retrieval , 2018, Lecture Notes in Computer Science.
[80] T. Redmond,et al. Noninterference and intrusion detection , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[81] Dorothy E. Denning,et al. Cryptography and Data Security , 1982 .
[82] J. Bennett,et al. Enquiry Concerning Human Understanding , 2010 .
[83] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.
[84] P. Spirtes,et al. Causation, prediction, and search , 1993 .
[85] Joseph Robert Horgan,et al. Dynamic program slicing , 1990, PLDI '90.
[86] Richard Scheines,et al. Causation, Prediction, and Search, Second Edition , 2000, Adaptive computation and machine learning.
[87] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..
[88] Xuxian Jiang,et al. Provenance-Aware Tracing ofWorm Break-in and Contaminations: A Process Coloring Approach , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).
[89] D. Lewis. Philosophical Papers: Volume II , 1987 .
[90] David W. Binkley,et al. A large-scale empirical study of forward and backward static slice size and context sensitivity , 2003, International Conference on Software Maintenance, 2003. ICSM 2003. Proceedings..
[91] Christophe Bidan,et al. Introducing Reference Flow Control for Detecting Intrusion Symptoms at the OS Level , 2002, RAID.
[92] David A. Wagner,et al. Intrusion detection via static analysis , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[93] Eugene H. Spafford,et al. A hypothesis-based approach to digital forensic investigations , 2006 .
[94] Tal Garfinkel,et al. Understanding data lifetime via whole system simulation , 2004 .
[95] Jonathan K. Millen,et al. Covert Channel Capacity , 1987, 1987 IEEE Symposium on Security and Privacy.