-
1
-
-
59249092422
-
-
ghttpd Log() Function Buffer Overflow Vuinerability. http://www. securityfocus.com/bid/5960.
-
ghttpd Log() Function Buffer Overflow Vuinerability. http://www. securityfocus.com/bid/5960.
-
-
-
-
2
-
-
33746211342
-
Binary rewriting and call interception for efficient runtime protection against buffer overflows
-
Kumar Avijit, Prateek Gupta, and Deepak Gupta. Binary rewriting and call interception for efficient runtime protection against buffer overflows. SOFTWARE-PRACTICE AND EXPERIENCE, (36):971-998, 2006.
-
(2006)
SOFTWARE-PRACTICE AND EXPERIENCE
, vol.36
, pp. 971-998
-
-
Avijit, K.1
Gupta, P.2
Gupta, D.3
-
4
-
-
59249084730
-
Paranoid penguin: An introduction to Novell AppArmor
-
Mick Bauer. Paranoid penguin: an introduction to Novell AppArmor. Linux J., 2006(148):13, 2006.
-
(2006)
Linux J
, vol.2006
, Issue.148
, pp. 13
-
-
Bauer, M.1
-
6
-
-
33751039507
-
Dataflow anomaly detection
-
Washington, DC, USA, IEEE Computer Society
-
Sandeep Bhatkar, Abhishek Chaturvedi, and R. Sekar. Dataflow anomaly detection. In SP'06: Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pages 48-62, Washington, DC, USA, 2006. IEEE Computer Society.
-
(2006)
SP'06: Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06)
, pp. 48-62
-
-
Bhatkar, S.1
Chaturvedi, A.2
Sekar, R.3
-
7
-
-
59249098846
-
Sting: An end-to-end self-healing system for definding against internet worms
-
Springer
-
David Brumley, James Newsome, and Dawn Song. Sting: An end-to-end self-healing system for definding against internet worms. In Malware Detection. Springer, 2007.
-
(2007)
Malware Detection
-
-
Brumley, D.1
Newsome, J.2
Song, D.3
-
8
-
-
33751056900
-
Towards automatic generation of vulnerability-based signatures
-
Washington, DC, USA, IEEE Computer Society
-
David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha. Towards automatic generation of vulnerability-based signatures. In SP'06: Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06), pages 2-16, Washington, DC, USA, 2006. IEEE Computer Society.
-
(2006)
SP'06: Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06)
, pp. 2-16
-
-
Brumley, D.1
Newsome, J.2
Song, D.3
Wang, H.4
Jha, S.5
-
9
-
-
84948741442
-
The impact of recovery mechanisms on the likelihood of saving corrupted state
-
Washington, DC, USA, IEEE Computer Society
-
Subhachandra Chandra and Peter M. Chen. The impact of recovery mechanisms on the likelihood of saving corrupted state. In ISSRE'02: Proceedings of the 13th International Symposium on Software Reliability Engineering (ISSRE'02), page 91, Washington, DC, USA, 2002. IEEE Computer Society.
-
(2002)
ISSRE'02: Proceedings of the 13th International Symposium on Software Reliability Engineering (ISSRE'02)
, pp. 91
-
-
Chandra, S.1
Chen, P.M.2
-
10
-
-
33845391802
-
Vigilante: End-to-end containment of internet worms
-
New York, NY, USA, ACM Press
-
Manuel Costa, Jon Crowcroft, Miguel Castro, Antony Rowstron, Lidong Zhou, Lintao Zhang, and Paul Barham. Vigilante: end-to-end containment of internet worms. In SOSP'05: Proceedings of the twentieth ACM symposium on Operating systems principles, pages 133-147, New York, NY, USA, 2005. ACM Press.
-
(2005)
SOSP'05: Proceedings of the twentieth ACM symposium on Operating systems principles
, pp. 133-147
-
-
Costa, M.1
Crowcroft, J.2
Castro, M.3
Rowstron, A.4
Zhou, L.5
Zhang, L.6
Barham, P.7
-
11
-
-
85084160243
-
StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks
-
San Antonio, Texas, Jan
-
Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. 7th USENIX Security Conference, pages 63-78, San Antonio, Texas, Jan 1998.
-
(1998)
Proc. 7th USENIX Security Conference
, pp. 63-78
-
-
Cowan, C.1
Pu, C.2
Maier, D.3
Walpole, J.4
Bakke, P.5
Beattie, S.6
Grier, A.7
Wagle, P.8
Zhang, Q.9
Hinton, H.10
-
14
-
-
10044275460
-
Subdomain: Parsimonious server security
-
Berkeley, CA, USA, USENIX Association
-
Crispin Cowan, Steve Beattie, Greg Kroah-Hartman, Calton Pu, Perry Wagle, and Virgil Gligor. Subdomain: Parsimonious server security. In LISA'00: Proceedings of the 14th USENIX conference on System administration, pages 355-368, Berkeley, CA, USA, 2000. USENIX Association.
-
(2000)
LISA'00: Proceedings of the 14th USENIX conference on System administration
, pp. 355-368
-
-
Cowan, C.1
Beattie, S.2
Kroah-Hartman, G.3
Pu, C.4
Wagle, P.5
Gligor, V.6
-
17
-
-
59249096383
-
-
Ulfar Erlingsson, George C. Necula, Martin Abadi, Michael Vrable, and Mihai Budiu. XFI: Software guards for system address spaces. In Microsoft Research Silicon Valley, editor, OSDI, 2006.
-
Ulfar Erlingsson, George C. Necula, Martin Abadi, Michael Vrable, and Mihai Budiu. XFI: Software guards for system address spaces. In Microsoft Research Silicon Valley, editor, OSDI, 2006.
-
-
-
-
18
-
-
14844332687
-
P (CSEC). Propolice-improved stack smashing attack detection
-
H. Etoh and K. Yoda P (CSEC). Propolice-improved stack smashing attack detection. IPSJ SIGNotes Computer Security, 14(25), 2001.
-
(2001)
IPSJ SIGNotes Computer Security
, vol.14
, Issue.25
-
-
Etoh, H.1
Yoda, K.2
-
19
-
-
0029716418
-
A sense of self for unix processes
-
Oakland, CA
-
S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. A sense of self for unix processes. In Proceedings of the 1996 IEEE Symposium on Security and Privacy, pages 120-128, Oakland, CA, 1996.
-
(1996)
Proceedings of the 1996 IEEE Symposium on Security and Privacy
, pp. 120-128
-
-
Forrest, S.1
Hofmeyr, S.A.2
Somayaji, A.3
Longstaff, T.A.4
-
22
-
-
85084162735
-
A secure environment for untrusted helper applications
-
San Jose, CA, USA
-
I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A secure environment for untrusted helper applications. In Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, 1996.
-
(1996)
Proceedings of the 6th USENIX Security Symposium
-
-
Goldberg, I.1
Wagner, D.2
Thomas, R.3
Brewer, E.A.4
-
23
-
-
34748845128
-
Practical taint-based protection using demand emulation
-
Alex Ho, Michael Fetterman, Christopher Clark, Andrew Warfield, and Steven Hand. Practical taint-based protection using demand emulation. In Proc. ACM SICOPS EUROSYS, 2006.
-
(2006)
Proc. ACM SICOPS EUROSYS
-
-
Ho, A.1
Fetterman, M.2
Clark, C.3
Warfield, A.4
Hand, S.5
-
24
-
-
0032313923
-
Intrusion detection using sequences of system calls
-
S. A. Hofmeyr, S. Forrest, and A. Somayaji, Intrusion detection using sequences of system calls. Journal of Computer Security, 6:151-180, 1999.
-
(1999)
Journal of Computer Security
, vol.6
, pp. 151-180
-
-
Hofmeyr, S.A.1
Forrest, S.2
Somayaji, A.3
-
25
-
-
85084162336
-
Secure execution via program shepherding
-
Berkeley, CA, USA, USENIX Association
-
Vladimir Kiriansky, Derek Bruening, and Saman P. Amarasinghe. Secure execution via program shepherding. In Proceedings of the 11th USENIX Security Symposium, pages 191-206, Berkeley, CA, USA, 2002. USENIX Association.
-
(2002)
Proceedings of the 11th USENIX Security Symposium
, pp. 191-206
-
-
Kiriansky, V.1
Bruening, D.2
Amarasinghe, S.P.3
-
26
-
-
0142157009
-
On the detection of anomalous system call arguments
-
C. Kruegel, D. Mutz, F. Valeur, and G. Vigna. On the detection of anomalous system call arguments. In Proceedings of European Symposium on Research in Computer Security (ESORICS), pages 326-343, 2003.
-
(2003)
Proceedings of European Symposium on Research in Computer Security (ESORICS)
, pp. 326-343
-
-
Kruegel, C.1
Mutz, D.2
Valeur, F.3
Vigna, G.4
-
29
-
-
59249094821
-
-
Roland McGrath. Utrace, 2007. http://people.redhat.com/roland/utrace/.
-
(2007)
-
-
-
30
-
-
33745201000
-
Anomalous system call detection
-
February
-
D. Mutz, F. Valeur, G. Vigna, and C. Kruegel. Anomalous system call detection. ACM Transactions on Information and System Security (TISSEC), 9(1):61-93, February 2006.
-
(2006)
ACM Transactions on Information and System Security (TISSEC)
, vol.9
, Issue.1
, pp. 61-93
-
-
Mutz, D.1
Valeur, F.2
Vigna, G.3
Kruegel, C.4
-
31
-
-
35448963872
-
How to shadow every byte of memory used by a program
-
New York, NY, USA, ACM Press
-
Nicholas Nethercote and Julian Seward. How to shadow every byte of memory used by a program. In VEE'07: Proceedings of the 3rd international conference on Virtual execution environments, pages 65-74, New York, NY, USA, 2007. ACM Press.
-
(2007)
VEE'07: Proceedings of the 3rd international conference on Virtual execution environments
, pp. 65-74
-
-
Nethercote, N.1
Seward, J.2
-
32
-
-
35448955692
-
Valgrind: A framework for heavyweight dynamic binary instrumentation
-
Jun
-
Nicholas Nethereote and Julian Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In In Proceedings of the PLDI 2007, Jun 2007.
-
(2007)
In Proceedings of the PLDI 2007
-
-
Nethereote, N.1
Seward, J.2
-
33
-
-
84882740544
-
Vulnerability-specific execution filtering for exploit prevention on commodity software
-
The Internet Society
-
James Newsome, David Brumley, and Dawn Xiaodong Song. Vulnerability-specific execution filtering for exploit prevention on commodity software. In NDSS. The Internet Society, 2006.
-
(2006)
NDSS
-
-
Newsome, J.1
Brumley, D.2
Xiaodong Song, D.3
-
35
-
-
0004015896
-
Recovery oriented computing (roc): Motivation, definition, techniques,
-
Technical report, UCB, Berkeley, CA, USA
-
David Patterson, Aaron Brown, Pete Broadwell, George Candea, Mike Chen, James Cutler, Patricia Enriquez, Armando Fox, Emre Kiciman, Matthew Merzbacher, David Oppenheimer, Naveen Sastry, William Tetzlaff, Jonathan Traupman, and Noah Treuhaft. Recovery oriented computing (roc): Motivation, definition, techniques,. Technical report, UCB, Berkeley, CA, USA, 2002.
-
(2002)
-
-
Patterson, D.1
Brown, A.2
Broadwell, P.3
Candea, G.4
Chen, M.5
Cutler, J.6
Enriquez, P.7
Fox, A.8
Kiciman, E.9
Merzbacher, M.10
Oppenheimer, D.11
Sastry, N.12
Tetzlaff, W.13
Traupman, J.14
Treuhaft, N.15
-
37
-
-
33750325871
-
Argos: An emulator for fingerprinting zero-day attacks
-
Leuven, Belgium, April
-
Georgios Portokalidis, Asia Slowinska, and Herbert Bos. Argos: an emulator for fingerprinting zero-day attacks. In Proc. ACM SIGOPS EUROSYS, Leuven, Belgium, April 2006.
-
(2006)
Proc. ACM SIGOPS EUROSYS
-
-
Portokalidis, G.1
Slowinska, A.2
Bos, H.3
-
38
-
-
84878346861
-
Improving host security with system call policies
-
August
-
Niels Provos. Improving host security with system call policies. In 12th USENIX Security Symposium, pages 257-272, August 2003.
-
(2003)
12th USENIX Security Symposium
, pp. 257-272
-
-
Provos, N.1
-
39
-
-
33845429905
-
Rx: Treating bugs as allergies-a safe method to survive software failures
-
New York, NY, USA, ACM Press
-
Feng Qin, Joseph Tucek, Jagadeesan Sundaresan, and Yuanyuan Zhou. Rx: treating bugs as allergies-a safe method to survive software failures. In SOSP'05: Proceedings of the twentieth ACM symposium on Operating systems principles, pages 235-248, New York, NY, USA, 2005. ACM Press.
-
(2005)
SOSP'05: Proceedings of the twentieth ACM symposium on Operating systems principles
, pp. 235-248
-
-
Qin, F.1
Tucek, J.2
Sundaresan, J.3
Zhou, Y.4
-
40
-
-
40349087553
-
Ho seop Kim, Yuanyuan Zhou, and Youfeng Wu. Lift: A low-overhead practical information flow tracking system for detecting security attacks
-
Washington, DC, USA, IEEE Computer Society
-
Feng Qin, Cheng Wang, Zhenmin Li, Ho seop Kim, Yuanyuan Zhou, and Youfeng Wu. Lift: A low-overhead practical information flow tracking system for detecting security attacks. In MICRO 39: Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, pages 135-148, Washington, DC, USA, 2006. IEEE Computer Society.
-
(2006)
MICRO 39: Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
, pp. 135-148
-
-
Qin, F.1
Wang, C.2
Li, Z.3
-
41
-
-
0034829697
-
A fast automaton-based method for detecting anomalous program behaviors
-
Oakland, CA
-
R. Sekar, M. Bendre, D. Dhurjati, and P. Bollineni. A fast automaton-based method for detecting anomalous program behaviors. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, pages 144-155, Oakland, CA, 2001.
-
(2001)
Proceedings of the 2001 IEEE Symposium on Security and Privacy
, pp. 144-155
-
-
Sekar, R.1
Bendre, M.2
Dhurjati, D.3
Bollineni, P.4
-
42
-
-
21644444136
-
Model-carrying code: A practical approach for safe execution of untrusted applications
-
New York, NY, USA, ACM Press
-
R. Sekar, V.N. Venkatakrishnan, Samik Basu, Sandeep Bhatkar, and Daniel C. DuVarney. Model-carrying code: a practical approach for safe execution of untrusted applications. In SOSP'03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 15-28, New York, NY, USA, 2003. ACM Press.
-
(2003)
SOSP'03: Proceedings of the nineteenth ACM symposium on Operating systems principles
, pp. 15-28
-
-
Sekar, R.1
Venkatakrishnan, V.N.2
Basu, S.3
Bhatkar, S.4
DuVarney, D.C.5
-
43
-
-
14844328033
-
On the effectiveness of address-space randomization
-
New York, NY, USA, ACM Press
-
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. On the effectiveness of address-space randomization. In CCS'04: Proceedings of the 11th ACM conference on Computer and communications security, pages 298-307, New York, NY, USA, 2004. ACM Press.
-
(2004)
CCS'04: Proceedings of the 11th ACM conference on Computer and communications security
, pp. 298-307
-
-
Shacham, H.1
Page, M.2
Pfaff, B.3
Goh, E.-J.4
Modadugu, N.5
Boneh, D.6
-
48
-
-
41149177450
-
Triage: Diagnosing production run failures at the user's site
-
New York, NY, USA, ACM
-
Joseph Tucek, Shan Lu, Chengdu Huang, Spiros Xanthos, and Yuanyuan Zhou. Triage: diagnosing production run failures at the user's site. In SOSP'07: Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, pages 131-144, New York, NY, USA, 2007. ACM.
-
(2007)
SOSP'07: Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
, pp. 131-144
-
-
Tucek, J.1
Lu, S.2
Huang, C.3
Xanthos, S.4
Zhou, Y.5
-
49
-
-
34548043748
-
Sweeper: A lightweight end-to-end system for defending against fast worms
-
New York, NY, USA, ACM
-
Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou, and Dawn Song. Sweeper: a lightweight end-to-end system for defending against fast worms. In EuroSys'07: Proceedings of the ACM SIGOPS/EuroSys European Conference on Computer Systems 2007, pages 115-128, New York, NY, USA, 2007. ACM.
-
(2007)
EuroSys'07: Proceedings of the ACM SIGOPS/EuroSys European Conference on Computer Systems
, pp. 115-128
-
-
Tucek, J.1
Newsome, J.2
Lu, S.3
Huang, C.4
Xanthos, S.5
Brumley, D.6
Zhou, Y.7
Song, D.8
-
53
-
-
34247546866
-
A comparison of publicly available tools for dynamic buffer overflow prevention
-
San Diego, California, February
-
John Wilander and Mariam Kamkar. A comparison of publicly available tools for dynamic buffer overflow prevention. In Proceedings of the 10th Network and Distributed System Security Symposium, pages 149-162, San Diego, California, February 2003.
-
(2003)
Proceedings of the 10th Network and Distributed System Security Symposium
, pp. 149-162
-
-
Wilander, J.1
Kamkar, M.2
-
54
-
-
85084164351
-
Linux security modules: General security support for the linux kernel
-
Berkeley, CA, USA, USENIX Association
-
Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman. Linux security modules: General security support for the linux kernel. In Proceedings of the 11th USENIX Security Symposium, pages 17-31, Berkeley, CA, USA, 2002. USENIX Association.
-
(2002)
Proceedings of the 11th USENIX Security Symposium
, pp. 17-31
-
-
Wright, C.1
Cowan, C.2
Smalley, S.3
Morris, J.4
Kroah-Hartman, G.5
|