1 |
ICAT Metabase A CVE Based Vulnerability Database, http://www.icat.nist.gov/icat.cfm
|
2 |
C.C. Center. CERT/cc statistics 1988-2003. http://www.cert.org/stats
|
3 |
Mark W. Eichin and Jon A.Rochlis. With microscope and tweezers: An analysis of the Internet virus of November 1988. Proceeding of the IEEE Symposium on Research in Security and Privacy, 1989.
|
4 |
Roman Danyliw and Allen Householder. CERT Advisory CA-2001-19: Code Red Worm Exploiting Buffer Overflow IN IIS Indexing Service DLL. http://www.cert.org/advisories/CA-2001-19.html, Jul. 2001.
|
5 |
The SimpleScalar Toolset, Version 3.0. http://www.simplescalar.com
|
6 |
Lee, R. B., Karig, D. K., McGregor, J. P., and Shi, Z., "Enlisting Hardware Architecture to Thwart Malicious Code Injection," in Proceedings of the Security in Pervasive Computing, Boppard, Germany, 2003, pp.237-252.
|
7 |
SPEC: Standard Performance Evaluation Corporation. http://www.spec.org, September 2000.
|
8 |
clint : A source code checker for C++, http://www.sourceforge.net/projects/clint/
|
9 |
Wagner, D., Foster, J.S, Brewer, E. A., and Aiken, A., "A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities," in Proceedings of the Networks and Distributed System Security Symposium (NDCS), San Diego, CA, USA, 2000.
|
10 |
Cowan, C., Pu, C., Maier, D., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q., and Hinton, H., "Stackguard: Automatic Adaptive Detection and Prevention of Buffer Overflow Attacks," in Proceedings of the 7th USENIX Security Conference, San Antonio, TX, USA, pp. 63-78, 1998.
|
11 |
Oppenheimer, D. L. and Martonosi, M. R., "Performance Signatures: A Mechanism for Intrusion Detection," in Proceedings of the 1997 IEEE Information Survivability Workshop, San Diego, CA, USA, 1997.
|
12 |
Sekar, R., Bendre, M., Dhurjati, D., and Bollineni, P., "A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, 144-155, 2001.
|
13 |
Ozdoganoglu, H., Brodley, C. E., Vijaykumar, T. N., Kuperman, B. A., and Jalote, A., "SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address," Purdue University, TR-ECE 03-13, November 22, 2003.
|
14 |
Ye, D. and Kaeli, D., "A Reliable Return Address Stack: Microarchitectural Features to Defeat Stack Smashing," in Proceedings of the Workshop on Architectural Support for Security and Anti-Virus (WASSA), Boston, MA, USA, pp. 69-76, 2004.
|
15 |
Nergel, "The advanced return-into-lib(c) exploits: PaX case study". Phrack Magazine 11(56), Oct. 2004
|
16 |
Ralph Merkle. "Protocols for public key cryptosystems". IEEE Symposium on Security and privacy, pp. 122-134. 1980.
|
17 |
Yong-Joon Park, Gyungo Lee, "Microarchitectural Protection Against Stack-Based Buffer Overflow Attacks", IEEE Micro 2006, Vol. 26, No. 4, pp. 62-71
|
18 |
INOUE Koji, "Return address protection on cache memories". IEICE transactions on electronics (IEICE trans. electron.) 2006, vol. 89, no12, pp. 1937-1947
|
19 |
D. Evans and D. Larochelle. "Improving security using extensible lightweight static analysis". IEEE Software, Vol.19, No. 1, pp.42-51, February 2002.
DOI
ScienceOn
|
20 |
D.Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. "A first step towards automated detection of buffer overrun vulnerabilities". In Proceedings of Network and Distributed System Security Symposium, pp.3-7, Feb. 2000.
|