Computer Science ›› 2016, Vol. 43 ›› Issue (5): 80-86. doi: 10.11896/j.issn.1002-137X.2016.05.015


Static Detection Model and Framework for Software Vulnerability

WANG Tao, HAN Lan-sheng, FU Cai, ZOU De-qing and LIU Ming   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Static analysis of source-oriented software vulnerabilities has been a research focus of information security in recent years. The core problem of static vulnerability detection is how to describe vulnerabilities and how to detect them. We propose a static analysis model to describe and detect software vulnerabilities. First, formal definitions are used to describe the attributes of several common software vulnerabilities, and these vulnerabilities and their discrimination rules are given a formal description. Second, a new program intermediate representation called the vulnerability executable path set is proposed, which replaces traditional path analysis in order to reduce the program state space and avoid state explosion. Based on this model, we designed a static detection framework for software vulnerabilities built on the vulnerability executable path set: it solves for vulnerability relation nodes on the vulnerability executable path set using vulnerability syntax rules, and detects vulnerabilities on those vulnerability relation nodes using the vulnerability discrimination rules. The results show the correctness and feasibility of the static analysis model.

Key words: Static analysis, Vulnerability detection, Formal description, State explosion, Intermediate representation

