|
参考文献
|
-
“!exploitable crash analyzer,” http://msecdbg.codeplex.com/.
-
Avgerinos, T.,Cha, S. K.,Hao, B. L. T.,Brumley, D.(2011).AEG: Automatic Exploit Generation.Proceedings of the Network and Distributed System Security Symposium (NDSS'11),San Diego, California, USA:
-
Bellard, F.(2005).QEMU, a fast and portable dynamic translator.Proceedings of the FREENIX Track: 2005 USENIX Annual Technical Conference,Anaheim, CA, USA:
-
Brumley, D.,Poosankam, P.,Song, D. X.,Zheng, J.(2008).Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications.Proceedings of the 2008 IEEE Symposium on Security and Privacy (S&P 2008),Oakland, California, USA:
-
Cadar, C.,Dunbar, D.,Engler, D. R.(2008).KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs.Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI'08),San Diego, California, USA:
-
Cha, A. R.S.K.,Avgerinos, T.,Brumley, D.(2012).Unleashing mayhem on binary code.Proceedings of the 2012 IEEE Symposium on Security and Privacy (S&P 2012),San Francisco, USA:
-
Chipounov, V.,Kuznetsov, V.,Candea, G.(2011).S2E: a platform for in-vivo multi-path analysis of software systems.Proceedings of the 16th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'11),Newport Beach, CA, USA:
-
chwartz, E. J.,Avgerinos, T.,Brumley, D.(2011).Q: Exploit Hardening Made Easy.Proceedings of the 20th USENIX Security Symposium (USENIX'11),San Francisco, CA, USA:
-
Ganesh, V.,Dill, D.(2007).A decision procedure for bit-vectors and arrays.Proceedings of the 19th International Conference on Computer Aided Verification (CAV'07),Berlin, Germany:
-
Heelan, Sean(2009).UK,Computing Laboratory, University of Oxford.
-
Huang, Shih-Kun(2009).CT-Exploit Controllable Taintedness for Automated Exploit Generator.5th iCAST/CMU/TRUST Joint Conference on Security and Privacy Technologies,Taipei, Taiwan:
-
Huang, Shih-Kun,Huang, Po-Yen,Huang, Min-Hsiang,Lai,, Chung-Wei,Lu, Han-Lin,Leong , Wai-Meng(2012).CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations.sixth International Conference on Software Security and Reliability (SERE 2012),Gaithersburg, Maryland, USA:
-
Kim, D.,Wang, X.,Kim, S.,Zeller, A.,Cheung, S.,Park, S.(2011).Which crashes should i fix first?: Predicting top crashes at an early stage to prioritize debugging efforts.IEEE Transactions on Software Engineering,37(3),430-447.
-
Miller, C.,Caballero, J.,Johnson, N. M.,Kang, M. G.,Mc-Camant, S.,Poosankam, P.,Song, D.(2010).Crash Analysis using BitBlaze.Proceedings of the Black Hat USA 2010,Las Vegas, US:
-
Schwartz, E.,Avgerinos, T.,Brumley, D.(2010).All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask).Proceedings of the 31st IEEE Symposium on Security and Privacy (SP 2010),Berleley/Oakland, California, USA:
-
Song, D.,Brumley, D.,Yin, H.,Caballero, J.,Jager, I.,Kang, M.,Liang, Z.,Newsome, J.,Poosankam, P.,Saxena, P.(2008).BitBlaze: A new approach to computer security via binary analysis.Proceedings of the 4th International Conference on Information Systems Security,Hyderabad, India:
-
Sutton, M.,Greene, A., Amini, P.(2007).Fuzzing: brute force vulnerabilty discovery.Addison-Wesley Professional.
-
Wang, T.,Wei, T.,Gu, G.,Zou, W.(2010).TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection.IEEE Symposium on Security and Privacy
|
