Preventing Memory Error Exploits with WIT
暂无分享,去创建一个
Miguel Castro | Costin Raiciu | Periklis Akritidis | Manuel Costa | Cristian Cadar | M. Castro | Manuel Costa | Cristian Cadar | C. Raiciu | P. Akritidis
[1] John Wilander,et al. A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention , 2003, NDSS.
[2] James Cheney,et al. Cyclone: A Safe Dialect of C , 2002, USENIX Annual Technical Conference, General Track.
[3] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[4] David A. Wagner,et al. Intrusion detection via static analysis , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[5] Wei Xu,et al. Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks , 2006, USENIX Security Symposium.
[6] Paul H. J. Kelly,et al. Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs , 1997, AADEBUG.
[7] Jonathan D. Pincus,et al. Beyond stack smashing: recent advances in exploiting buffer overruns , 2004, IEEE Security & Privacy Magazine.
[8] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.
[9] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[10] Miguel Castro,et al. Vigilante: end-to-end containment of internet worms , 2005, SOSP '05.
[11] Stefan Savage,et al. Inside the Slammer Worm , 2003, IEEE Secur. Priv..
[12] AbadiMartín,et al. Control-flow integrity principles, implementations, and applications , 2009 .
[13] Susan Horwitz,et al. Protecting C programs from attacks via invalid pointer dereferences , 2003, ESEC/FSE-11.
[14] Miguel Castro,et al. Securing software by enforcing data-flow integrity , 2006, OSDI '06.
[15] Martin C. Carlisle,et al. Olden: parallelizing programs with dynamic data structures on distributed-memory machines , 1996 .
[16] Alessandro Orso,et al. Effective memory protection using dynamic tainting , 2007, ASE '07.
[17] Wei Xu,et al. An efficient and backwards-compatible transformation to ensure memory safety of C programs , 2004, SIGSOFT '04/FSE-12.
[18] Emery D. Berger,et al. DieHard: probabilistic memory safety for unsafe languages , 2006, PLDI '06.
[19] Olatunji Ruwase,et al. A Practical Dynamic Buffer Overflow Detector , 2004, NDSS.
[20] Lars Ole Andersen,et al. Program Analysis and Specialization for the C Programming Language , 2005 .
[21] Tzi-cker Chiueh,et al. DIRA: Automatic Detection, Identification and Repair of Control-Hijacking Attacks , 2005, NDSS.
[22] Crispin Cowan,et al. FormatGuard: Automatic Protection From printf Format String Vulnerabilities , 2001, USENIX Security Symposium.
[23] Susan Horwitz,et al. Pointer-Range Analysis , 2004, SAS.
[24] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[25] David A. Wagner,et al. Large-scale analysis of format string vulnerabilities in Debian Linux , 2007, PLAS '07.
[26] George C. Necula,et al. CCured: type-safe retrofitting of legacy software , 2005, TOPL.
[27] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[28] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .
[29] Christopher Krügel,et al. Run-time Detection of Heap-based Overflows , 2003, LISA.
[30] D. Avots,et al. Improving software security with a C pointer analysis , 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005..
[31] Dinakar Dhurjati,et al. Backwards-compatible array bounds checking for C with very low overhead , 2006, ICSE.
[32] Daniel C. DuVarney,et al. Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.
[33] Olivier Tardieu,et al. Ultra-fast aliasing analysis using CLA: a million lines of C code in a second , 2001, PLDI '01.
[34] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[35] Dinakar Dhurjati,et al. Efficiently Detecting All Dangling Pointer Uses in Production Servers , 2006, International Conference on Dependable Systems and Networks (DSN'06).
[36] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[37] David A. Wagner,et al. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Detecting Format String Vulnerabilities with Type Qualifiers , 2001 .