RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow
RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow
基金
Supported by the National Natural Science Foundation of China (60903188), Shanghai Education Commission Innovation Foundation (11YZ192) and World Expo Science and Technology Special Fund of Shanghai Science and Technology Commission (08dz0580202).
参考文献15
-
1WANG T L, WEI T, LIN Z Q, et al. Intscope: Automatically Detecting Integer Overflow Vulnerability in x86 Binary Using Symbolic Execution [C]// Proceedings of the 16th Network and Distributed System Security Symposium. San Diego, CA, 2009: 1-14.
-
2张实睿,许蕾,徐宝文.一种防止缓冲区溢出的整数溢出检测方法(英文)[J].Journal of Southeast University(English Edition),2009,25(2):219-223. 被引量:3
-
3CADAR C, DUNBAR D, ENGLER D. Klee: Unassisted and Automatic Generation of High-coverage Tests for Complex Systems Programs [C]//Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI'08). San Diego, CA, 2008: 209-224.
-
4BRUNMLEY D, CHIUEH T C, JOHNSON R, et al. Rich: Automatically Protecting Against Integer-based Vulnerabilities [C]// Proceedings of the 14th Annual Network and Distributed System Security Symposium(NDSS). San Diego, 2007.
-
5CADAR C, GANESHA V, PAWLOWSKI P M, et al. Exe:Automatically Generating Inputs of Death [C]//Proceedings of the 13th ACM Conference on CCS, Virginia. New York: ACM, 2006: 322-335.
-
6DOR N, RODEH M, SAGIV M. Cssv: Towards a Realistic Tool for Statically Detecting All Buffer Overflows [C]// Proceedings of the ACM SIGPLAN2003 Conference on Programming Language Design and Implementation. New York: ACM, 2003: 155-167.
-
7HAUGH E, BISHOP M. Testing C Programs for Buffer Overflow Vulnerabilities [C]//Proceedings of the 10th Network and Distributed System Security Symposium. SanDiego, 2003: 123-130.
-
8WILANDER J, KAMKAR M. A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention [C]// Proceedings of the 10th NDSS. SanDiego, 2003: 149-162.
-
9LHEE K S, CHAPIN S J. Buffer Overflow and Format String Overflow Vulnerabilities [J]. Sofware: Practice and Experience, 2003, 33(5): 423-460.
-
10GOK M. Integer Squarers with Overflow Detection [J]. Computers and Electrical Engineering, 2008, 34 (5): 378- 391.
-
1Liu Sidong Zen TaoYu Yongquan.Analysis and Study of Buffer Overflow[J].中国电子商情(通信市场),2009(2):284-289.
-
2近期Linux漏洞关注重点——Linux系统存在内核本地整数溢出以及内存泄露漏洞[J].网管员世界,2005(2):87-87.
-
3北京大学计算机科学技术研究所在国际系统安全顶级会议NDSS发表高水平论文[J].北京大学学报(自然科学版),2009,45(2):370-370.
-
4惠战伟,黄松,嵇孟雨.基于程序特征谱整数溢出错误定位技术研究[J].计算机学报,2012,35(10):2204-2214. 被引量:7
-
5张实睿,许蕾,徐宝文.一种防止缓冲区溢出的整数溢出检测方法(英文)[J].Journal of Southeast University(English Edition),2009,25(2):219-223. 被引量:3
-
6郑燕飞,李晖,陈克非.Buffer Overflow Detection on Binary Code[J].Journal of Shanghai Jiaotong university(Science),2006,11(2):224-229. 被引量:2
-
7黄晖,陆余良,刘林涛,赵军.一种面向源代码的整数溢出缺陷静态检测方法[J].中国科学技术大学学报,2015,45(7):601-607.
-
8邱强.缓冲区溢出的危害及防范[J].计算机系统应用,2003,12(7):38-39.
-
9Gao Yang,Peng Yong,Xie Feng,Dai Zhonghua,Xu Guo'ai.Modeling and Dynamic Analysis in Software Systems Based on Complex Networks[J].China Communications,2012,9(12):137-143.
-
10敬茂华.防范Linux下缓冲区溢出攻击[J].开放系统世界,2004(1):69-70.