MetaSymploit: Day-One Defense against Script-based Attacks with Security-Enhanced Symbolic Analysis
暂无分享,去创建一个
Tao Xie | Quan Chen | Peng Ning | Ruowen Wang | P. Ning | Tao Xie | Quan Chen | Ruowen Wang
[1] Hao Wang,et al. Towards automatic generation of vulnerability-based signatures , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).
[2] Patrice Godefroid,et al. Automatic partial loop summarization in dynamic test generation , 2011, ISSTA '11.
[3] David Brumley,et al. All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask) , 2010, 2010 IEEE Symposium on Security and Privacy.
[4] Ming-Yang Kao,et al. Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).
[5] David Brumley,et al. Automatic exploit generation , 2014, CACM.
[6] Steve Hanna,et al. A Symbolic Execution Framework for JavaScript , 2010, 2010 IEEE Symposium on Security and Privacy.
[7] Zhenkai Liang,et al. Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration , 2009, RAID.
[8] Christopher Krügel,et al. Exploring Multiple Execution Paths for Malware Analysis , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[9] Koushik Sen,et al. DART: directed automated random testing , 2005, PLDI '05.
[10] Marc Dacier,et al. Empirical Study of the Impact of Metasploit-Related Attacks in 4 Years of Attack Traces , 2007, ASIAN.
[11] B. Karp,et al. Autograph: Toward Automated, Distributed Worm Signature Detection , 2004, USENIX Security Symposium.
[12] Nikolai Tillmann,et al. Fitness-guided path exploration in dynamic symbolic execution , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.
[13] Manuel Costa,et al. Bouncer: securing software by blocking bad input , 2008, WRAITS '08.
[14] Dawei Qi,et al. Path exploration based on symbolic output , 2011, ESEC/FSE '11.
[15] David Brumley,et al. AEG: Automatic Exploit Generation , 2011, NDSS.
[16] Koushik Sen,et al. CUTE and jCUTE: Concolic Unit Testing and Explicit Path Model-Checking Tools , 2006, CAV.
[17] Michael D. Ernst,et al. HAMPI: a solver for string constraints , 2009, ISSTA.
[18] Dawson R. Engler,et al. RWset: Attacking Path Explosion in Constraint-Based Test Generation , 2008, TACAS.
[19] Dawson R. Engler,et al. EXE: automatically generating inputs of death , 2006, CCS '06.
[20] Patrice Godefroid,et al. Automated Whitebox Fuzz Testing , 2008, NDSS.
[21] James Newsome,et al. Polygraph: automatically generating signatures for polymorphic worms , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[22] Miguel Castro,et al. Vigilante: end-to-end containment of internet worms , 2005, SOSP '05.
[23] Dawson R. Engler,et al. EXE: Automatically Generating Inputs of Death , 2008, TSEC.
[24] Frank Tip,et al. Finding bugs in dynamic web applications , 2008, ISSTA '08.
[25] James C. King,et al. Symbolic execution and program testing , 1976, CACM.
[26] References , 1971 .
[27] Alexander Aiken,et al. Static Detection of Security Vulnerabilities in Scripting Languages , 2006, USENIX Security Symposium.
[28] Hao Wang,et al. Creating Vulnerability Signatures Using Weakest Preconditions , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).
[29] Zhenkai Liang,et al. BitBlaze: A New Approach to Computer Security via Binary Analysis , 2008, ICISS.
[30] Miguel Castro,et al. Bouncer: securing software by blocking bad input , 2007, SOSP.
[31] Cormac Flanagan,et al. A Peer Architecture for Lightweight Symbolic Execution , 2011 .
[32] Avik Chaudhuri,et al. Symbolic security analysis of ruby-on-rails web applications , 2010, CCS '10.
[33] Dawn Xiaodong Song,et al. MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery , 2011, USENIX Security Symposium.
[34] Helen J. Wang,et al. ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[35] Stephen McCamant,et al. Loop-extended symbolic execution on binary programs , 2009, ISSTA.
[36] Software Agitation of a Dynamically Typed Language , 2012 .
[37] George Candea,et al. Efficient state merging in symbolic execution , 2012, Software Engineering.