论文信息 - From the Ground Up: The DIMACS Software Security Workshop

From the Ground Up: The DIMACS Software Security Workshop

The DIMACS Software Security Workshop held in New Jersey explored issues such as security engineering, architecture and implementation risks, security analysis, mobile and malicious code, education and training, and open research issues. Many promising techniques have grown from connections between computer security, programming languages, and software engineering, and one workshop goal was to bring these communities closer together to crystallize the software security subfield.

Gary McGraw | G. McGraw

[1] Gary McGraw,et al. Attacking Malicious Code: A Report to the Infosec Research Council , 2000, IEEE Software.

[2] Dawson R. Engler,et al. Checking system rules using system-specific, programmer-written compiler extensions , 2000, OSDI.

[3] Gary McGraw,et al. Securing Java: getting down to business with mobile code , 1999 .

[4] Gary McGraw,et al. An automated approach for identifying potential vulnerabilities in software , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[5] Yang Meng Tan,et al. LCLint: a tool for using specifications to check code , 1994, SIGSOFT '94.

[6] David LeBlanc,et al. Writing Secure Code , 2001 .

[7] Gary McGraw,et al. ITS4: a static vulnerability scanner for C and C++ code , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[8] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.

[9] Gary McGraw,et al. Statically Scanning Java Code: Finding Security Vulnerabilities , 2000, IEEE Software.

[10] FrazerKen. Building secure software , 2002 .

[11] William R. Bush,et al. A static analyzer for finding dynamic programming errors , 2000 .

[12] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .