Computer Science, 2014, Vol. 41, Issue 12: 19-23. doi: 10.11896/j.issn.1002-137X.2014.12.005


Locating Vulnerable Point for Integer Overflow Based on Flag Bits Differences

HUANG Ke-zhen, LIAN Yi-feng, CHEN Kai, ZHANG Ying-jun and KANG Kai

Online: 2018-11-14 Published: 2018-11-14

Abstract: In recent years the number of integer overflow vulnerabilities has remained high, and they pose a serious threat to security. However, in previous work, methods for locating vulnerable code are used only when patches or proof-of-concept (POC) exploits for vulnerabilities are generated automatically. Moreover, when locating vulnerable code, most previous methods target buffer overflows, which overwrite adjacent memory data. Integer overflow vulnerabilities, by contrast, do not directly overwrite important data, so existing methods cannot locate integer overflow vulnerable code effectively. Existing analysis of integer overflow vulnerabilities is also inefficient and time-consuming, since it is mostly conducted manually. This paper therefore proposes a novel method for locating the vulnerable code of integer overflows. To improve the efficiency of analysts, the method combines dynamic taint analysis with comparison of the EFLAGS register, which reduces the number of instructions that must be examined to locate the overflow point. On this basis a system was implemented and several experiments were conducted to verify the proposed method. The results show that the method is effective and efficient.

Key words: Vulnerabilities, Integer overflow, Dynamic taint analysis
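The abstract describes locating an integer overflow by recording the EFLAGS bits set by tainted arithmetic instructions and comparing them between a benign run and a suspect run. The following C program is an added illustration of that idea and is not the paper's system or code. Instead of reading the real EFLAGS register, it models the x86 carry (CF) and overflow (OF) semantics of ADD and IMUL in portable C, hand-assigns taint labels in place of a dynamic taint engine, and uses a constructed size computation (`compute_size`, with hypothetical untrusted fields `count` and `elem_size`) as the program under test. The comparison then reports the first tainted instruction whose flag bits differ between the two traces, which is the overflow point.

```c
#include <stdint.h>
#include <stdio.h>

/* The two EFLAGS bits relevant to integer overflow on x86:
 * CF (unsigned carry/borrow) and OF (signed overflow). Modelled in C. */
typedef struct { int cf; int of; } flags_t;

/* 32-bit ADD with x86 flag semantics. The result wraps modulo 2^32. */
static uint32_t add32(uint32_t a, uint32_t b, flags_t *f) {
    uint32_t r = a + b;
    f->cf = r < a;                                   /* carry out of bit 31 */
    f->of = (((~(a ^ b)) & (a ^ r)) >> 31) & 1;      /* same-sign inputs, different-sign result */
    return r;
}

/* 32-bit two-operand IMUL: x86 sets CF = OF = 1 when the signed product
 * does not fit in 32 bits. */
static uint32_t imul32(uint32_t a, uint32_t b, flags_t *f) {
    int64_t p = (int64_t)(int32_t)a * (int64_t)(int32_t)b;
    uint32_t r = (uint32_t)p;
    int ovf = p != (int64_t)(int32_t)r;
    f->cf = f->of = ovf;
    return r;
}

/* One traced instruction: mnemonic, flag bits after execution, and whether
 * an operand derives from untrusted input (the taint label). */
#define MAX_TRACE 8
typedef struct { const char *insn; flags_t flags; int tainted; } trace_entry;
typedef struct { trace_entry e[MAX_TRACE]; int n; } trace_t;

static void record(trace_t *t, const char *insn, flags_t f, int tainted) {
    if (t->n < MAX_TRACE) {
        t->e[t->n].insn = insn;
        t->e[t->n].flags = f;
        t->e[t->n].tainted = tainted;
        t->n++;
    }
}

/* Constructed program under test: derives an allocation size from two
 * untrusted fields and a trusted header length. Taint labels are assigned
 * by hand here; a real taint engine would propagate them. */
static uint32_t compute_size(uint32_t count, uint32_t elem_size, trace_t *t) {
    flags_t f;
    uint32_t hdr = add32(16, 8, &f);               /* trusted constants */
    record(t, "add  hdr", f, 0);
    uint32_t body = imul32(count, elem_size, &f);  /* tainted * tainted */
    record(t, "imul body", f, 1);
    uint32_t total = add32(body, hdr, &f);         /* tainted + trusted */
    record(t, "add  total", f, 1);
    return total;
}

/* Walk both traces in lockstep and return the index of the first tainted
 * instruction whose CF/OF bits differ, or -1 when the flag bits agree. */
static int locate_overflow(const trace_t *benign, const trace_t *suspect) {
    int n = benign->n < suspect->n ? benign->n : suspect->n;
    for (int i = 0; i < n; i++) {
        const trace_entry *b = &benign->e[i], *s = &suspect->e[i];
        if (!s->tainted) continue;                 /* untainted flags are ignored */
        if (b->flags.cf != s->flags.cf || b->flags.of != s->flags.of) return i;
    }
    return -1;
}

/* Benign input (10 elements of 32 bytes) versus a constructed input whose
 * product 2^30 * 8 wraps to 0; returns the located instruction index. */
static int demo_locate(void) {
    trace_t benign = {0}, suspect = {0};
    compute_size(10, 32, &benign);
    compute_size(0x40000000u, 8, &suspect);
    return locate_overflow(&benign, &suspect);
}

int main(void) {
    trace_t benign = {0}, suspect = {0};
    compute_size(10, 32, &benign);
    compute_size(0x40000000u, 8, &suspect);
    int idx = locate_overflow(&benign, &suspect);
    if (idx < 0) {
        printf("no flag-bit difference on tainted instructions\n");
    } else {
        printf("overflow point: trace index %d (%s), benign CF/OF=%d/%d suspect CF/OF=%d/%d\n",
               idx, suspect.e[idx].insn,
               benign.e[idx].flags.cf, benign.e[idx].flags.of,
               suspect.e[idx].flags.cf, suspect.e[idx].flags.of);
    }
    return 0;
}
```

Skipping untainted instructions is what keeps the candidate set small: arithmetic on constants or trusted values can set CF or OF without any attacker influence, so only flag differences on tainted operands are reported.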

