메뉴 건너뛰기




Volumn , Issue , 2008, Pages 263-277

Preventing memory error exploits with WIT

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); COMPUTER SOFTWARE; GRAPH THEORY; RELIABILITY; STATIC ANALYSIS; WEIGHT CONTROL;

EID: 50249149602     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2008.30     Document Type: Conference Paper
Times cited : (235)

References (47)
  • 3
    • 50249161345 scopus 로고    scopus 로고
    • Portable Network Graphics (PNG) Specification and Extensions
    • Portable Network Graphics (PNG) Specification and Extensions. http://www.libpng.org/pub/png/spec/.
  • 5
    • 50249159857 scopus 로고    scopus 로고
    • Smashing the stack for fun and profit. Phrack 7, 49 (Nov. 1996).
    • Smashing the stack for fun and profit. Phrack 7, 49 (Nov. 1996).
  • 7
    • 50249119423 scopus 로고    scopus 로고
    • Dangling Pointer: Smashing the pointer for fun and profit
    • Aug
    • AFEK, J., AND SHARABANI, A. Dangling Pointer: Smashing the pointer for fun and profit. Watchfire white paper, Aug. 2007.
    • (2007) Watchfire white paper
    • AFEK, J.1    SHARABANI, A.2
  • 8
    • 33845946966 scopus 로고
    • analysis and specialization for the C programming language. PhD thesis, University of Copenhagen
    • ANDERSEN, L. Program analysis and specialization for the C programming language. PhD thesis, University of Copenhagen, 1994.
    • (1994) Program
    • ANDERSEN, L.1
  • 11
    • 84954188728 scopus 로고    scopus 로고
    • Efficient techniques for comprehensive protection from memory error exploits
    • July
    • BHATKAR, S., SEKAR, R., AND DUVARNEY, D. Efficient techniques for comprehensive protection from memory error exploits. In USENIX Security Symposium (July 2005).
    • (2005) USENIX Security Symposium
    • BHATKAR, S.1    SEKAR, R.2    DUVARNEY, D.3
  • 25
    • 12544250338 scopus 로고    scopus 로고
    • Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs
    • May
    • JONES, R., AND KELLY, P. Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs. In Workshop on Automated Debugging (May 1997).
    • (1997) Workshop on Automated Debugging
    • JONES, R.1    KELLY, P.2
  • 26
    • 50249101973 scopus 로고    scopus 로고
    • Advanced Doug Lea's malloc exploits
    • Sep
    • JP. Advanced Doug Lea's malloc exploits. Phrack, 61 (Sep. 2003).
    • (2003) Phrack , vol.61
    • JP1
  • 27
    • 14844317200 scopus 로고    scopus 로고
    • Countering code-injection attacks with instruction-set randomization
    • Oct
    • KC, G. S., KEROMYTIS, A. D., AND PREVELAKIS, V. Countering code-injection attacks with instruction-set randomization. In ACM CCS (Oct. 2003).
    • (2003) ACM CCS
    • KC, G.S.1    KEROMYTIS, A.D.2    PREVELAKIS, V.3
  • 29
    • 85084164558 scopus 로고    scopus 로고
    • Statically detecting likely buffer overflow vulnerabilities
    • Aug
    • LAROCHELLE, D., AND EVANS, D. Statically detecting likely buffer overflow vulnerabilities. In USENIX Security Symposium (Aug. 2001).
    • (2001) USENIX Security Symposium
    • LAROCHELLE, D.1    EVANS, D.2
  • 30
    • 50249146073 scopus 로고    scopus 로고
    • MICROSOFT. Phoenix compiler framework. http://research. microsoft.com/phoenix/ phoenixrdk.aspx.
    • MICROSOFT. Phoenix compiler framework. http://research. microsoft.com/phoenix/ phoenixrdk.aspx.
  • 31
    • 42549138073 scopus 로고    scopus 로고
    • Multiple buffer overflows in libpng 1.2.5. CVE-2004-0597
    • MITRE CORPORATION, June
    • MITRE CORPORATION. Multiple buffer overflows in libpng 1.2.5. CVE-2004-0597, June 2004.
    • (2004)
  • 34
    • 79953672829 scopus 로고    scopus 로고
    • Dynamic taint analysis for automatic detection, analysis and signature generation of exploits on commodity software
    • Feb
    • NEWSOME, J., AND SONG, D. Dynamic taint analysis for automatic detection, analysis and signature generation of exploits on commodity software. In NDSS (Feb. 2005).
    • (2005) NDSS
    • NEWSOME, J.1    SONG, D.2
  • 35
    • 4344593013 scopus 로고    scopus 로고
    • Beyond stack smashing: Recent advances in exploiting buffer overruns
    • PINCUS, J., AND BAKER, B. Beyond stack smashing: Recent advances in exploiting buffer overruns. IEEE Security and Privacy 2, 4 (2004), 20-27.
    • (2004) IEEE Security and Privacy , vol.2 , Issue.4 , pp. 20-27
    • PINCUS, J.1    BAKER, B.2
  • 37
    • 77954504457 scopus 로고    scopus 로고
    • A practical dynamic buffer overflow detector
    • Feb
    • RUWASE, O., AND LAM, M. A practical dynamic buffer overflow detector. In NDSS (Feb. 2004).
    • (2004) NDSS
    • RUWASE, O.1    LAM, M.2
  • 39
    • 50249117469 scopus 로고    scopus 로고
    • SMIRNOV, A., AND CHIUEH, T. DIRA: Automatic detection, identification, and repair of control-hijacking attacks. In NDSS (Feb. 2005).
    • SMIRNOV, A., AND CHIUEH, T. DIRA: Automatic detection, identification, and repair of control-hijacking attacks. In NDSS (Feb. 2005).
  • 40
  • 42
    • 0002946830 scopus 로고    scopus 로고
    • A first step towards automated detection of buffer overrun vulnerabilities
    • WAGNER, D., FOSTER, J. S., BREWER, E. A., AND AIKEN, A. A first step towards automated detection of buffer overrun vulnerabilities. In NDSS (2000).
    • (2000) NDSS
    • WAGNER, D.1    FOSTER, J.S.2    BREWER, E.A.3    AIKEN, A.4
  • 43
    • 34247546866 scopus 로고    scopus 로고
    • A comparison of publicly available tools for dynamic buffer overflow prevention
    • Feb
    • WILANDER, J., AND KAMKAR, M. A comparison of publicly available tools for dynamic buffer overflow prevention. In NDSS (Feb. 2003).
    • (2003) NDSS
    • WILANDER, J.1    KAMKAR, M.2
  • 44
    • 85038810709 scopus 로고    scopus 로고
    • Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks
    • XU, W., BHATKAR, S., AND SEKAR, R. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In USENIX Security (2006).
    • (2006) USENIX Security
    • XU, W.1    BHATKAR, S.2    SEKAR, R.3
  • 45
    • 20344383014 scopus 로고    scopus 로고
    • An efficient and backwards-compatible transformation to ensure memory safety of c programs
    • XU, W., DUVARNEY, D. C., AND SEKAR, R. An efficient and backwards-compatible transformation to ensure memory safety of c programs. SIGSOFT Softw. Eng. Notes 29, 6 (2004), 117-126.
    • (2004) SIGSOFT Softw. Eng. Notes , vol.29 , Issue.6 , pp. 117-126
    • XU, W.1    DUVARNEY, D.C.2    SEKAR, R.3


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.