메뉴 건너뛰기




Volumn 9, Issue 3, 2012, Pages 305-317

A taxonomy of buffer overflow characteristics

Author keywords

arrays; Protection mechanisms; security and privacy; software program verification

Indexed keywords

TAXONOMIES; VERIFICATION;

EID: 84858636380     PISSN: 15455971     EISSN: None     Source Type: Journal    
DOI: 10.1109/TDSC.2012.10     Document Type: Article
Times cited : (26)

References (49)
  • 1
    • 0024663403 scopus 로고
    • With microscope and tweezers: An analysis of the internet virus of november 1988
    • M.W. Eichin and J.A. Rochlis, "With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988," Proc. IEEE Symp. Security and Privacy, pp. 326-343, 1989.
    • (1989) Proc. IEEE Symp. Security and Privacy , pp. 326-343
    • Eichin, M.W.1    Rochlis, J.A.2
  • 3
    • 0024681099 scopus 로고
    • Crisis and aftermath
    • E.H. Spafford, "Crisis and Aftermath," Comm. ACM, vol. 32, no. 6, pp. 678-687, 1989.
    • (1989) Comm. ACM , vol.32 , Issue.6 , pp. 678-687
    • Spafford, E.H.1
  • 4
    • 8744281125 scopus 로고    scopus 로고
    • CERT, CERT Advisory CA-2003-20, Aug.
    • CERT, "W32/Blaster Worm," CERT Advisory CA-2003-20, http://www.cert.org/advisories/CA-2003-20.html, Aug. 2003.
    • (2003) W32/Blaster Worm
  • 5
    • 2642519394 scopus 로고    scopus 로고
    • CERT, CERT Advisory CA-2003-04, Jan.
    • CERT, "MS-SQL Server Worm," CERT Advisory CA-2003-04, http://www.cert.org/advisories/CA-2003-04.html, Jan. 2003.
    • (2003) MS-SQL Server Worm
  • 6
    • 33744935097 scopus 로고    scopus 로고
    • CERT, CERT Advisory CA-2002-27, Oct.
    • CERT, "Apache/mod-ssl Worm," CERT Advisory CA-2002-27, http://www.cert.org/advisories/CA-2002-27.html, Oct. 2002.
    • (2002) Apache/mod-ssl Worm
  • 8
    • 4244165283 scopus 로고    scopus 로고
    • CERT, CERT Advisory CA-2001-23, July
    • CERT, "Continuing Threat of the 'Code Red' Worm," CERT Advisory CA-2001-23, http://www.cert.org/advisories/CA-2001-23.html, July 2001.
    • (2001) Continuing Threat of the 'Code Red' Worm
  • 12
    • 2442605789 scopus 로고
    • Protection analysis: Final report technical report ISI/SR-78-13
    • Univ. of Southern California, May
    • R. Bisbey II and D. Hollingsworth, "Protection Analysis: Final Report," Technical Report ISI/SR-78-13, Information Sciences Inst., Univ. of Southern California, May 1978.
    • (1978) Information Sciences Inst.
    • Bisbey II, R.1    Hollingsworth, D.2
  • 16
    • 0006100649 scopus 로고    scopus 로고
    • Smashing the stack for fun and profit
    • AlephOne
    • AlephOne, "Smashing the Stack for Fun and Profit," Phrack, vol. 7, no. 49, 1996.
    • (1996) Phrack , vol.7 , Issue.49
  • 20
    • 78649987048 scopus 로고    scopus 로고
    • Heap feng shui in javascript
    • A. Sotirov, "Heap Feng Shui in Javascript," Proc. Black Hat Europe, http://www.blackhat.com/presentations/bh-europe-07/FSotirov/ Presentation/bh-eu-07-sotirov-apr19.pdf, 2007.
    • (2007) Proc. Black Hat Europe
    • Sotirov, A.1
  • 22
    • 12344288334 scopus 로고    scopus 로고
    • technical report, Guardent, Inc. Sept.
    • T. Newsham, "Format String Attacks," technical report, Guardent, Inc., Sept. 2000.
    • (2000) Format String Attacks
    • Newsham, T.1
  • 25
    • 84858640092 scopus 로고    scopus 로고
    • PhD dissertation Dept. of Computer Science, Univ. of California, Davis, June
    • S. Engle, "A Policy-Based Vulnerability Analysis Framework," PhD dissertation, Dept. of Computer Science, Univ. of California, Davis, June 2010.
    • (2010) A Policy-Based Vulnerability Analysis Framework
    • Engle, S.1
  • 29
    • 0038005495 scopus 로고    scopus 로고
    • Buffer overflow and format string overflow vulnerabilities
    • K.-S. Lhee and S.J. Chapin, "Buffer Overflow and Format String Overflow Vulnerabilities," Software: Practice and Experience, vol. 33, no. 5, pp. 423-460, 2003.
    • (2003) Software: Practice and Experience , vol.33 , Issue.5 , pp. 423-460
    • Lhee, K.-S.1    Chapin, S.J.2
  • 37
    • 84954188728 scopus 로고    scopus 로고
    • Efficient techniques for comprehensive protection from memory error exploits
    • S. Bhatkar, R. Sekar, and D.C. DuVarney, "Efficient Techniques for Comprehensive Protection from Memory Error Exploits," Proc. 14th USENIX Security Conf., pp. 255-270, 2005.
    • (2005) Proc. 14th USENIX Security Conf. , pp. 255-270
    • Bhatkar, S.1    Sekar, R.2    DuVarney, D.C.3
  • 38
    • 31344451091 scopus 로고    scopus 로고
    • Security vulnerabilities: From analysis to detection and masking techniques
    • DOI 10.1109/JPROC.2005.862473
    • S. Chen, J. Xu, Z. Kalbarczyk, and R.K. Iyer, "Security Vulnerabilities: From Analysis to Detection and Masking Techniques," Proc. IEEE, vol. 94, no. 2, pp. 407-418, Feb. 2006. (Pubitemid 43145993)
    • (2006) Proceedings of the IEEE , vol.94 , Issue.2 , pp. 407-418
    • Chen, S.1    Jun, X.U.2    Kalbarczyk, Z.3    Iyer, R.K.4


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.