Bouncer: securing software by blocking bad input
暂无分享,去创建一个
[1] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[2] Mark Weiser,et al. Program Slicing , 1981, IEEE Transactions on Software Engineering.
[3] Zhenkai Liang,et al. Fast and automated generation of attack signatures: a basis for building self-protecting servers , 2005, CCS '05.
[4] Xiangyu Zhang,et al. Cost effective dynamic program slicing , 2004, PLDI '04.
[5] Janusz W. Laski,et al. Dynamic Program Slicing , 1988, Inf. Process. Lett..
[6] Helen J. Wang,et al. ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[7] Ravishankar K. Iyer,et al. Defeating memory corruption attacks via pointer taintedness detection , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[8] David Brumley,et al. Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software , 2006, NDSS.
[9] Rupak Majumdar,et al. Path slicing , 2005, PLDI '05.
[10] Glynn Winskel,et al. The formal semantics of programming languages - an introduction , 1993, Foundation of computing series.
[11] Koushik Sen,et al. CUTE: a concolic unit testing engine for C , 2005, ESEC/FSE-13.
[12] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[13] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[14] Koushik Sen,et al. DART: directed automated random testing , 2005, PLDI '05.
[15] George C. Necula,et al. Finding and preventing run-time error handling mistakes , 2004, OOPSLA.
[16] Dawson R. Engler,et al. EXE: automatically generating inputs of death , 2006, CCS '06.
[17] Alfred V. Aho,et al. Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.
[18] Jon Crowcroft,et al. Honeycomb , 2004, Comput. Commun. Rev..
[19] Sanjay Bhansali,et al. Framework for instruction-level tracing and analysis of program executions , 2006, VEE '06.
[20] Olatunji Ruwase,et al. A Practical Dynamic Buffer Overflow Detector , 2004, NDSS.
[21] Antony I. T. Rowstron,et al. Vigilante: End-to-end containment of Internet worm epidemics , 2006, TOCS.
[22] Emery D. Berger,et al. DieHard: probabilistic memory safety for unsafe languages , 2006, PLDI '06.
[23] James Newsome,et al. Polygraph: automatically generating signatures for polymorphic worms , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[24] George Varghese,et al. Automated Worm Fingerprinting , 2004, OSDI.
[25] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.
[26] Christopher Krügel,et al. Accurate Buffer Overflow Detection via Abstract Payload Execution , 2002, RAID.
[27] James C. King,et al. Symbolic execution and program testing , 1976, CACM.
[28] Yuanyuan Zhou,et al. Sweeper: a lightweight end-to-end system for defending against fast worms , 2007, EuroSys '07.
[29] Hao Wang,et al. Creating Vulnerability Signatures Using Weakest Preconditions , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).
[30] Miguel Castro,et al. Vigilante: end-to-end containment of internet worms , 2005, SOSP '05.
[31] B. Karp,et al. Autograph: Toward Automated, Distributed Worm Signature Detection , 2004, USENIX Security Symposium.
[32] Edsger W. Dijkstra,et al. Guarded commands, nondeterminacy and formal derivation of programs , 1975, Commun. ACM.
[33] Zhendong Su,et al. On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits , 2005, CCS '05.
[34] Patrice Godefroid,et al. Compositional dynamic test generation , 2007, POPL '07.
[35] Martín Abadi,et al. Control-flow integrity , 2005, CCS '05.
[36] K. Rustan M. Leino,et al. Weakest-precondition of unstructured programs , 2005, PASTE '05.
[37] Zhenkai Liang,et al. Automatic generation of buffer overflow attack signatures: an approach based on program behavior models , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[38] Stefan Savage,et al. Inside the Slammer Worm , 2003, IEEE Secur. Priv..
[39] Miguel Castro,et al. Securing software by enforcing data-flow integrity , 2006, OSDI '06.
[40] Yuanyuan Zhou,et al. Rx: treating bugs as allergies---a safe method to survive software failures , 2005, SOSP '05.
[41] Hao Wang,et al. Towards automatic generation of vulnerability-based signatures , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).
[42] Daniel M. Roy,et al. Enhancing Server Availability and Security Through Failure-Oblivious Computing , 2004, OSDI.
[43] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.