-
3
-
-
50249161345
-
-
Portable Network Graphics (PNG) Specification and Extensions
-
Portable Network Graphics (PNG) Specification and Extensions. http://www.libpng.org/pub/png/spec/.
-
-
-
-
5
-
-
50249159857
-
-
Smashing the stack for fun and profit. Phrack 7, 49 (Nov. 1996).
-
Smashing the stack for fun and profit. Phrack 7, 49 (Nov. 1996).
-
-
-
-
6
-
-
33646767376
-
Control-Flow Integrity: Principles, Implementations, and Applications
-
Nov
-
ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. Control-Flow Integrity: Principles, Implementations, and Applications. In ACM Conference on Computer and Communications Security (Nov. 2005).
-
(2005)
ACM Conference on Computer and Communications Security
-
-
ABADI, M.1
BUDIU, M.2
ERLINGSSON, U.3
LIGATTI, J.4
-
7
-
-
50249119423
-
Dangling Pointer: Smashing the pointer for fun and profit
-
Aug
-
AFEK, J., AND SHARABANI, A. Dangling Pointer: Smashing the pointer for fun and profit. Watchfire white paper, Aug. 2007.
-
(2007)
Watchfire white paper
-
-
AFEK, J.1
SHARABANI, A.2
-
8
-
-
33845946966
-
-
analysis and specialization for the C programming language. PhD thesis, University of Copenhagen
-
ANDERSEN, L. Program analysis and specialization for the C programming language. PhD thesis, University of Copenhagen, 1994.
-
(1994)
Program
-
-
ANDERSEN, L.1
-
9
-
-
33244470892
-
Improving software security with a C pointer analysis
-
May
-
AVOTS, D., DALTON, M., LIVSHITS, V. B., AND LAM, M. S. Improving software security with a C pointer analysis. In ACM/IEEE International Conference on Software Engineering (May 2005).
-
(2005)
ACM/IEEE International Conference on Software Engineering
-
-
AVOTS, D.1
DALTON, M.2
LIVSHITS, V.B.3
LAM, M.S.4
-
11
-
-
84954188728
-
Efficient techniques for comprehensive protection from memory error exploits
-
July
-
BHATKAR, S., SEKAR, R., AND DUVARNEY, D. Efficient techniques for comprehensive protection from memory error exploits. In USENIX Security Symposium (July 2005).
-
(2005)
USENIX Security Symposium
-
-
BHATKAR, S.1
SEKAR, R.2
DUVARNEY, D.3
-
15
-
-
85062418620
-
Non-control-data attacks are realistic threats
-
July
-
CHEN, S., XU, J., SEZER, E. C., GAURIAR, P., AND IYER, R. K. Non-control-data attacks are realistic threats. In USENIX Security Symposium (July 2005).
-
(2005)
USENIX Security Symposium
-
-
CHEN, S.1
XU, J.2
SEZER, E.C.3
GAURIAR, P.4
IYER, R.K.5
-
16
-
-
77954021248
-
Effective Memory Protection Using Dynamic Tainting
-
Nov
-
CLAUSE, J., DOUDALIS, I., ORSO, A., AND PRVULOVIC, M. Effective Memory Protection Using Dynamic Tainting. In International Conference on Automated Software Engineering (Nov. 2007).
-
(2007)
International Conference on Automated Software Engineering
-
-
CLAUSE, J.1
DOUDALIS, I.2
ORSO, A.3
PRVULOVIC, M.4
-
17
-
-
84885679117
-
Vigilante: End-to-End Containment of Internet Worms
-
Oct
-
COSTA, M., CROWCROFT, J., CASTRO, M., ROWSTRON, A., ZHOU, L., ZHANG, L., AND BARHAM, P. Vigilante: End-to-End Containment of Internet Worms. In Symposium on Operating System Principles (Oct. 2005).
-
(2005)
Symposium on Operating System Principles
-
-
COSTA, M.1
CROWCROFT, J.2
CASTRO, M.3
ROWSTRON, A.4
ZHOU, L.5
ZHANG, L.6
BARHAM, P.7
-
18
-
-
85084161775
-
Format-Guard: Automatic protection from printf format string vulnerabilities
-
Aug
-
COWAN, C., BARRINGER, M., BEATTIE, S., KROAHHARTMAN, G., FRANTZEN, M., AND LOKIER, J. Format-Guard: automatic protection from printf format string vulnerabilities. In USENIX Security Symposium (Aug. 2001).
-
(2001)
USENIX Security Symposium
-
-
COWAN, C.1
BARRINGER, M.2
BEATTIE, S.3
KROAHHARTMAN, G.4
FRANTZEN, M.5
LOKIER, J.6
-
19
-
-
85009448253
-
Pointguard: Protecting pointers from buffer overflow vulnerabilities
-
Aug
-
COWAN, C., BEATTIE, S., JOHANSEN, J., AND WAGLE, P. Pointguard: Protecting pointers from buffer overflow vulnerabilities. In USENIX Security Symposium (Aug. 2003).
-
(2003)
USENIX Security Symposium
-
-
COWAN, C.1
BEATTIE, S.2
JOHANSEN, J.3
WAGLE, P.4
-
20
-
-
85084160243
-
Stackguard: Automatic detection and prevention of buffer-overrun attacks
-
Jan
-
COWAN, C., PU, C., MAIER, D., HINTON, H., WADPOLE, J., BAKKE, P., BEATTIE, S., GRIER, A., WAGLE, P., AND ZHANG, Q. Stackguard: Automatic detection and prevention of buffer-overrun attacks. In USENIX Security Symposium (Jan. 1998).
-
(1998)
USENIX Security Symposium
-
-
COWAN, C.1
PU, C.2
MAIER, D.3
HINTON, H.4
WADPOLE, J.5
BAKKE, P.6
BEATTIE, S.7
GRIER, A.8
WAGLE, P.9
ZHANG, Q.10
-
24
-
-
85084164164
-
Cyclone: A safe dialect of C
-
June
-
JIM, T., MORRISETT, G., GROSSMAN, D., HICKS, M., CHENEY, J., AND WANG, Y. Cyclone: A safe dialect of C. In USENIX Annual Technical Conference (June 2002).
-
(2002)
USENIX Annual Technical Conference
-
-
JIM, T.1
MORRISETT, G.2
GROSSMAN, D.3
HICKS, M.4
CHENEY, J.5
WANG, Y.6
-
25
-
-
12544250338
-
Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs
-
May
-
JONES, R., AND KELLY, P. Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs. In Workshop on Automated Debugging (May 1997).
-
(1997)
Workshop on Automated Debugging
-
-
JONES, R.1
KELLY, P.2
-
26
-
-
50249101973
-
Advanced Doug Lea's malloc exploits
-
Sep
-
JP. Advanced Doug Lea's malloc exploits. Phrack, 61 (Sep. 2003).
-
(2003)
Phrack
, vol.61
-
-
JP1
-
27
-
-
14844317200
-
Countering code-injection attacks with instruction-set randomization
-
Oct
-
KC, G. S., KEROMYTIS, A. D., AND PREVELAKIS, V. Countering code-injection attacks with instruction-set randomization. In ACM CCS (Oct. 2003).
-
(2003)
ACM CCS
-
-
KC, G.S.1
KEROMYTIS, A.D.2
PREVELAKIS, V.3
-
29
-
-
85084164558
-
Statically detecting likely buffer overflow vulnerabilities
-
Aug
-
LAROCHELLE, D., AND EVANS, D. Statically detecting likely buffer overflow vulnerabilities. In USENIX Security Symposium (Aug. 2001).
-
(2001)
USENIX Security Symposium
-
-
LAROCHELLE, D.1
EVANS, D.2
-
30
-
-
50249146073
-
-
MICROSOFT. Phoenix compiler framework. http://research. microsoft.com/phoenix/ phoenixrdk.aspx.
-
MICROSOFT. Phoenix compiler framework. http://research. microsoft.com/phoenix/ phoenixrdk.aspx.
-
-
-
-
31
-
-
42549138073
-
Multiple buffer overflows in libpng 1.2.5. CVE-2004-0597
-
MITRE CORPORATION, June
-
MITRE CORPORATION. Multiple buffer overflows in libpng 1.2.5. CVE-2004-0597, June 2004.
-
(2004)
-
-
-
32
-
-
0742276097
-
Inside the Slammer worm
-
July
-
MOORE, D., PAXSON, V., SAVAGE, S., SHANNON, C., STANIFORD, S., AND WEAVER, N. Inside the Slammer worm. IEEE Security and Privacy 1, 4 (July 2003).
-
(2003)
IEEE Security and Privacy
, vol.1
, pp. 4
-
-
MOORE, D.1
PAXSON, V.2
SAVAGE, S.3
SHANNON, C.4
STANIFORD, S.5
WEAVER, N.6
-
33
-
-
33646032658
-
CCured: Type-Safe Retrofitting of Legacy Software
-
May
-
NECULA, G., CONDIT, J., HARREN, M., MCPEAK, S., AND WEIMER, W. CCured: Type-Safe Retrofitting of Legacy Software. ACM Transactions on Programming Languages and Systems 27, 3 (May 2005).
-
(2005)
ACM Transactions on Programming Languages and Systems
, vol.27
, pp. 3
-
-
NECULA, G.1
CONDIT, J.2
HARREN, M.3
MCPEAK, S.4
WEIMER, W.5
-
34
-
-
79953672829
-
Dynamic taint analysis for automatic detection, analysis and signature generation of exploits on commodity software
-
Feb
-
NEWSOME, J., AND SONG, D. Dynamic taint analysis for automatic detection, analysis and signature generation of exploits on commodity software. In NDSS (Feb. 2005).
-
(2005)
NDSS
-
-
NEWSOME, J.1
SONG, D.2
-
35
-
-
4344593013
-
Beyond stack smashing: Recent advances in exploiting buffer overruns
-
PINCUS, J., AND BAKER, B. Beyond stack smashing: Recent advances in exploiting buffer overruns. IEEE Security and Privacy 2, 4 (2004), 20-27.
-
(2004)
IEEE Security and Privacy
, vol.2
, Issue.4
, pp. 20-27
-
-
PINCUS, J.1
BAKER, B.2
-
36
-
-
85094678188
-
Run-time Detection of Heap-based Overflows
-
ROBERTSON, W., KRUEGEL, C., MUTZ, D., AND VALEUR, F. Run-time Detection of Heap-based Overflows. In USENIX conference on System administration (2003).
-
(2003)
USENIX conference on System administration
-
-
ROBERTSON, W.1
KRUEGEL, C.2
MUTZ, D.3
VALEUR, F.4
-
37
-
-
77954504457
-
A practical dynamic buffer overflow detector
-
Feb
-
RUWASE, O., AND LAM, M. A practical dynamic buffer overflow detector. In NDSS (Feb. 2004).
-
(2004)
NDSS
-
-
RUWASE, O.1
LAM, M.2
-
38
-
-
85084164620
-
Detecting format string vulnerabilities with type qualifiers
-
Aug
-
SHANKAR, U., TALWAR, K., FOSTER, J. S., AND WAGNER, D. Detecting format string vulnerabilities with type qualifiers. In USENIX Security Symposium (Aug. 2001).
-
(2001)
USENIX Security Symposium
-
-
SHANKAR, U.1
TALWAR, K.2
FOSTER, J.S.3
WAGNER, D.4
-
39
-
-
50249117469
-
-
SMIRNOV, A., AND CHIUEH, T. DIRA: Automatic detection, identification, and repair of control-hijacking attacks. In NDSS (Feb. 2005).
-
SMIRNOV, A., AND CHIUEH, T. DIRA: Automatic detection, identification, and repair of control-hijacking attacks. In NDSS (Feb. 2005).
-
-
-
-
40
-
-
24644502365
-
-
SPEC
-
SPEC. SPEC Benchmarks. http://www.spec.org.
-
SPEC Benchmarks
-
-
-
42
-
-
0002946830
-
A first step towards automated detection of buffer overrun vulnerabilities
-
WAGNER, D., FOSTER, J. S., BREWER, E. A., AND AIKEN, A. A first step towards automated detection of buffer overrun vulnerabilities. In NDSS (2000).
-
(2000)
NDSS
-
-
WAGNER, D.1
FOSTER, J.S.2
BREWER, E.A.3
AIKEN, A.4
-
43
-
-
34247546866
-
A comparison of publicly available tools for dynamic buffer overflow prevention
-
Feb
-
WILANDER, J., AND KAMKAR, M. A comparison of publicly available tools for dynamic buffer overflow prevention. In NDSS (Feb. 2003).
-
(2003)
NDSS
-
-
WILANDER, J.1
KAMKAR, M.2
-
44
-
-
85038810709
-
Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks
-
XU, W., BHATKAR, S., AND SEKAR, R. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In USENIX Security (2006).
-
(2006)
USENIX Security
-
-
XU, W.1
BHATKAR, S.2
SEKAR, R.3
-
45
-
-
20344383014
-
An efficient and backwards-compatible transformation to ensure memory safety of c programs
-
XU, W., DUVARNEY, D. C., AND SEKAR, R. An efficient and backwards-compatible transformation to ensure memory safety of c programs. SIGSOFT Softw. Eng. Notes 29, 6 (2004), 117-126.
-
(2004)
SIGSOFT Softw. Eng. Notes
, vol.29
, Issue.6
, pp. 117-126
-
-
XU, W.1
DUVARNEY, D.C.2
SEKAR, R.3
|