On the Limits of Information Flow Techniques for Malware Analysis and Containment
暂无分享,去创建一个
[1] K. J. Bma. Integrity considerations for secure computer systems , 1977 .
[2] Brian Campbell,et al. Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.
[3] David A. Bell,et al. Secure computer systems: mathematical foundations and model , 1973 .
[4] Jeffrey S. Fenton. Memoryless Subsystems , 1974, Comput. J..
[5] Christopher Krügel,et al. Exploring Multiple Execution Paths for Malware Analysis , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[6] Nicholas Nethercote,et al. Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.
[7] Heng Yin,et al. Panorama: capturing system-wide information flow for malware detection and analysis , 2007, CCS '07.
[8] John C. Mitchell,et al. Characterizing the Remote Control Behavior of Bots , 2007 .
[9] Ravishankar K. Iyer,et al. Defeating memory corruption attacks via pointer taintedness detection , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[10] Dachuan Yu,et al. A Typed Assembly Language for Confidentiality , 2006, ESOP.
[11] Huiyang Zhou,et al. Improving software security via runtime instruction-level taint checking , 2006, ASID '06.
[12] Gilles Barthe,et al. A Certified Lightweight Non-interference Java Bytecode Verifier , 2007, ESOP.
[13] Herbert Bos,et al. Argos: an emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation , 2006, EuroSys.
[14] Pavel Laskov,et al. Detection of Intrusions and Malware, and Vulnerability Assessment: 19th International Conference, DIMVA 2022, Cagliari, Italy, June 29 –July 1, 2022, Proceedings , 2022, International Conference on Detection of intrusions and malware, and vulnerability assessment.
[15] Dennis M. Volpano. Safety versus Secrecy , 1999, SAS.
[16] Yunheung Paek,et al. Advances in Computer Systems Architecture , 2008 .
[17] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX Annual Technical Conference, FREENIX Track.
[18] Harish Patil,et al. Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.
[19] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[20] Tzi-cker Chiueh,et al. BIRD: binary interpretation using runtime disassembly , 2006, International Symposium on Code Generation and Optimization (CGO'06).
[21] Amit Vasudevan,et al. Wildcat: an integrated stealth environment for dynamic malware analysis , 2007 .
[22] Tadeusz Pietraszek,et al. Defending Against Injection Attacks Through Context-Sensitive String Evaluation , 2005, RAID.
[23] George C. Necula,et al. Proof-carrying code , 1997, POPL '97.
[24] Zhenkai Liang,et al. HookFinder: Identifying and Understanding Malware Hooking Behaviors , 2008, NDSS.
[25] John McLean,et al. A general theory of composition for trace sets closed under selective interleaving functions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.
[26] Christopher Krügel,et al. Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis , 2007, NDSS.
[27] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..
[28] Anh Nguyen-Tuong,et al. Automatically Hardening Web Applications Using Precise Tainting , 2005, SEC.
[29] Cheng Wang,et al. LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks , 2006, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06).
[30] Christopher Krügel,et al. Limits of Static Analysis for Malware Detection , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).
[31] David Zhang,et al. Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.
[32] Peter Szor,et al. The Art of Computer Virus Research and Defense , 2005 .
[33] Gilles Barthe,et al. Preventing Timing Leaks Through Transactional Branching Instructions , 2006, QAPL.
[34] Dawson R. Engler,et al. EXE: Automatically Generating Inputs of Death , 2008, TSEC.
[35] Heng Yin,et al. Dynamic Spyware Analysis , 2007, USENIX Annual Technical Conference.
[36] Geoffrey Smith,et al. A Sound Type System for Secure Flow Analysis , 1996, J. Comput. Secur..
[37] Wei Xu,et al. Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks , 2006, USENIX Security Symposium.
[38] Peter J. Denning,et al. Certification of programs for secure information flow , 1977, CACM.
[39] Andrew C. Myers,et al. JFlow: practical mostly-static information flow control , 1999, POPL '99.