| 1 | P. Cousot, R. Cousot. 'Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints', POPL'77 |
| 2 | http://www.polyspace.com/ |
| 3 | S. Hallem, B. Chelf, Y. Xie, D. Engler, 'A System and Language for Building System-Specific, Static Analyses', PLDI'02 |
| 4 | B. Steensgaard, 'Points-to Analysis in Almost Linear Time', PLDI'96 |
| 5 | M. Zitser, R. Lippmann, T. Leek, 'Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source Code', SIGSOFT'04/FSE-12 |
| 6 | http://manju.cs.berkeley.edu/cil/ |
| 7 | D. Wagner, J. Foster, E. Brewer, A. Aiken, 'A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities', NDSS'00 |
| 8 | http://ropas.snu.ac.kr/2005/airac5/ |
| 9 | J. Pincus, B. Baker, 'Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns', IEEE Security & Privacy, 2(4), pp. 20-27, Jul/Aug 2004 |
| 10 | M. Kaempf, 'Vudo - An object superstitiously believed to embody magical powers', Phrack 57, 2001 |
| 11 | Y. Jung, J. Kim, J. Shin, K. Yi, 'Taming False Alarms from a Domain-Unaware C Analyzer by a Bayesian Statistical Post Analysis', SAS'05 |
| 12 | Y. Xie, A. Chou, D. Engler, 'ARCHER: Using Symbolic, Path-sensitive Analysis to Detect Memory Access Errors', ESEC/FSE'03 |
| 13 | Aleph One, 'Smashing the Stack for Fun and Profit', Phrack, 49, 1996 |
| 14 | http://www.coverity.com/ |
| 15 | P. Cousot, R. Cousot, 'Automatic Discovery of Linear Restraints Among Variables of a Program', POPL'78 |
| 16 | R. Secord, Secure Coding in C and C++, Addison Wesley, 2006 |
| 17 | A. Mine, 'Weakly Relational Abstract Domains: Theory and Applications', NSAD'05 |
| 18 | D. Larochelle, D. Evans, 'Statically Detecting Likely Buffer Overflow Vulnerabilities', USENIX Security 2001 |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
