1 |
Kim Won-il, Yoo Sang-Hyun, Kwak Ju-Hyun, and Lee Chang_hoon, "A Study for Task Decetion Acquiring Abnormal Permission in Linux," KIPS, Vol.3, No.11, pp.427-432, 2014.
|
2 |
A. Johri and G. L. Luckenbaugh, "Trusted path mechanism for an operating system," U.S. Patent, No.4,918,653, 1990.
|
3 |
M. Tran et al., "On the expressiveness of return-into-libc attacks," in International Workshop on Recent Advances in Intrusion Detection, Springer Berlin Heidelberg, pp.121-141, 2011.
|
4 |
C. Cowan et al., "StackGuard : Automatic adaptive detection and prevention of buffer-overflow attacks," Proceedings of the 7th USENIX Security Symposium, Vol.81, 1998.
|
5 |
One Aleph, "Smashing the stack for fun and profit," Phrack Magazine, Vol.7, No.49, pp.14-16, 1996.
|
6 |
Jeong Min Lee, Hyun Wook Kim, and Woo Hyun Ahn, "BinaryReviser: A Study of Detecting Buffer Overflow Vulnerabilities Using Binary Code Patching," Korea computer congress, Vol.38, No.1, pp.122-125, 2011.
|
7 |
Ruwase Olatunji and Monica S. Lam, "A Practical Dynamic Buffer Overflow Detector," NDDS, 2004.
|
8 |
Kim Ju-Hyuk and Oh Soo-Hyun, "Detection in Stack region," Journal of the Korea Academia-Industrial Cooperation Society, Vol.15, No.5, pp.3132-3131, 2014.
DOI
|
9 |
Pax Team, "address space layout randomization(ASLR)" [Internet], htte://pax.grsecurity.net/docs/aslr.txt.
|
10 |
Hilmi Ozdoganoglu, et al., "SmashGuard: A hardware solution to prevent security attacks on the function return address," IEEE Transactions on Computers, Vol.55, No.10, pp.1271-1285, 2006.
DOI
|
11 |
Mark G. Graff and Kenneth R. van Wyk, "Secure coding: principles and practices," O'Reilly Media. Inc., 2003.
|
12 |
Common Weakness Enumeration [Internet], http://cwe.mitre.org/ (2014. 10. 29.).
|
13 |
Vendicator. Stack Shield, "A stack smashing technique protection tool for Linux," [Internet], http://www.angelfire.com/sk/stackshield/info.html (2000).
|
14 |
The su Command [Internet], http://www.linfo.org/su.html.
|
15 |
Etoh. Hiroaki, "GCC extension for protecting applications from stack-smashing attacks (propolice)" [Internet], http://www.trl.ibm.com/projects/security/ssp (2003).
|
16 |
Common Vulnerabilities and Exposures [Internet], http://cve.mitre.org/ (2014. 10. 29).
|
17 |
CREDENTIALS IN LINUX [Internet], http://www.kernel.org/doc/Documentation/security/credentials.txt.
|
18 |
The Linux Information Project, "User ID Definition" [Internet], http://www.linfo.org/uid.html (2014. 10. 1).
|