Communications of the Korean Institute of Information Scientists and Engineers (정보과학회지)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

버퍼오버플로우 취약성과 인프라 공격

  • Published : 2003.12.01
Download PDF
⟨ Previous Next ⟩

Abstract

Keywords

References

  1. 한국정보처리학회지(C) v.9 no.4 버퍼오버플로우 공격방지를 위한 컴파일러 기법(Improving Compiler to Prevent Buffer Overflow Attack) 김종의;이성욱;홍만표
  2. Code_Red_II
  3. SQL_Overflow
  4. OctaveSM Criteria Version2.0 TECHNICAL REPORT CMU/SEI-2001-TR-016 C.J. Alberts;A.J. Dorofee
  5. technique protection tool for Linux stack smashing Stack Shiedl-A
  6. Proceedings of USENIX Annual Technical Conference Transparent run-time defense against stack smashing attacks A. Baratloo;N. Singh;T. Tsai
  7. Compiler Security Checks In Depth B. Bray
  8. LibMib Allocated String Functions F. J. Cavalier III.
  9. proc. of ICDSC RAD: A compile time solution for buffer overflow attacks T. Chiueh;F. Hsu
  10. Capability Maturity Model Integrated(CMMI) main page
  11. proc. of the 7th USENIX Security Conference Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks C.Cowan(et al.)
  12. Proc. 12th USENIX Security Symposium PointGuard TM: Protecting Pointers from Buffer Overflow Vulnerabilities C. Cowan(et al.)
  13. Static Analysis Symposium(SAS01) Cleanness Checking of String Manipulations in C Programs via Integer Analysis N. Dor;M. Rodeh;M. Sagiv
  14. GCC extension for protecting applications from stack-smashing attacks H. Etoh(et al.)
  15. proc. of the 19th national information systems security conference System Security Engineering Capability Maturity Model, Model K. Ferraiolo
  16. ACM SIGSOFT Software Engineering Notes v.22 no.4 Property Based Testing:A New Approach to Testing for Assurance G. Fink;M. Bishop
  17. Proc. 10th USENIX Security Symposium Stackghost: Hardware facilitated stack protection M. Frantzen;M. Shuey
  18. Pro.of the IEEE Symposium on Security and Privacy An automated approach for identifying potential vulnerabilities in software A. Ghosh;T. O'Connor;G. McGraw
  19. proc. of the Network and Distributed System Security Security Symposium Testing C Programs for Buffer Overflow Vulner-abilities E. Haugh;M. Bishop
  20. Writing Secure Code M. Howard;D. LeBlanc
  21. Stackgurad
  22. 11th USENIX Security Symposium Secure execution via program shepherding V. Kiriansky;D. Bruening;S. Amarasinghe
  23. proc. of the 21st NIST-NCSC National Information Systems Security Conference An Analysis of Some Software Vulnerabilities I. Krsul;E. Spafford;M. Tripunitara
  24. proc. of 2001 USENIX Security Symposium Statically Detecting Likely Buffer Overflow Vulnerabilities D. Larochelle;D.Evans
  25. Technical Report CMU/SEI-2002-TR-026 Life-Cycle Models for Survivable Systems N. R. Mead(et. al.)
  26. Technical report Fuzz Revisited:A Re-examination of the Reliability of UNIX Utilities and Services B. P. Miller(et. al.)
  27. Best Practice for Secure Development R. Peteanu
  28. proc. of USENIX Annual Technical Conference A Binary Rewriting Defense against Stack-based Buffer Overflow Attacks M. Prasad;T. Chiueh
  29. proc. of the 10th USENIX Security Symposium Detecting format string vulnerabilities with type qualifiers U. Shankar(et. al.)
  30. Rats(the Rough Auditing Tool for Security)
  31. IEEE Symposium on Security and Privacy A Fast Automaton Based Method for Detecting Anomalous Program Behaviors R. Sekar(et. al.)
  32. SSE-CMM(Systems Security Engineering-Capability Maturity Model)
  33. SANS Security Essential GSEC Practical Assignment Improving Software Security During Development, SANS InfoSec Reading Room R. Usher
  34. Annual Computer Security Applications Conference ITS4: A static vulnerability scanner for C and C++ code J. Viega;J.T.(et. al.)
  35. Proceedings of the Network and distributed system security symposium A first step towards automated detection of buffer overrun vulner-abilities D. Wagner(et. al)
  36. proc of 2001 IEEE Symposium on Security and Privacy Intrusion Detection via Static Analysis D. Wagner;D. Dean
  37. FlawFinder Document D. Wheeler
  38. Secure Programming for Linux and Unix HOWTO D. Wheeler
  39. proc. of the 7th Nordic Workshop on Secure IT Systems(Nordsec 2002) A Comparison of Publicly Available Tools for Static Intrusion Prevention J. Wilander;M. Kamkar
  40. proc. of the 10th Network and Distributed System Security Symposium (NDSS'03) A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention J. Wilander;M. Kamkar