[1]
|
Bass, T. (2000) Intrusion Detection Systems and Multi-Sensor Data Fusion. Communications of the ACM, 43, 4. http://dx.doi.org/10.1145/332051.332079
|
[2]
|
Cova, M., Felmetsger, V., Banks, G. and Vigna, G. (2006) Static Detection of Vulnerabilities in x86 Executables. ACSAC ‘06 Proceedings of the 22nd Annual Computer Security Applications Conference, Miami Beach, December 2006, 269-278.
|
[3]
|
Mutz, D., Valeur, F., Vigna, G. and Kruegel, C. (2006) Anomalous System Call Detection. ACM Transactions on Information and System Security, 9, 1. http://dx.doi.org/10.1145/1127345.1127348
|
[4]
|
Wang, T. and Roychoudhury, A. (2007) Hierarchical Dynamic Slicing. Proceedings of the 2007 International Symposium on Software Testing and Analysis, 228-238.
|
[5]
|
Zhang, X. and Gupta, R. (2004) Whole Execution Traces. 37th International Symposium on Microarchitectures. IEEE Press.
|
[6]
|
Zheng, J., Williams, L., Nagappan, N., Snipes, W., Hudepohl, J. and Vouk, M. (2006) On the Value of Static Analysis for Fault Detection in Software. IEEE Transactions on Software Engineering, 32, 240-253. http://dx.doi.org/10.1109/TSE.2006.38
|
[7]
|
Hovemeyer, D. and Pugh, W. (2004) Finding Bugs Is Easy. Proceedings of the 19th ACM Conference on ObjectOriented Programming, Systems, Languages, and Applications, Vancouver.
|
[8]
|
Heckman, S. and Williams, L. (2009) A Model Building Process for Identifying Actionable Static Analysis Alerts. Proceedings of the 2nd IEEE International Conference on Software Testing, Verification and Validation, Denver, 1-4 April 2009, 161-170.
|
[9]
|
Chess, B. and McGraw, G. (2004) Static Analysis for Security. IEEE Security & Privacy, 2, 76-79. http://dx.doi.org/10.1109/MSP.2004.111
|
[10]
|
Yi, K., Choi, H., Kim, J. and Kim, Y. (2007) An Empirical Study on Classification Methods for Alarms from a BugFinding Static C Analyzer. Information Processing Letters, 102, 118-123. http://dx.doi.org/10.1016/j.ipl.2006.11.004
|
[11]
|
Schwartz, E.J., Avgerinos, T. and Brumley, D. (2010) All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask). Proceedings of the 2010 IEEE Symposium on Security and Privacy, Oakland, 16-19 May 2010, 317-331. http://dx.doi.org/10.1109/SP.2010.26
|
[12]
|
Cavallaro, L., Saxena, P. and Sekar, R. (2008) On the Limits of Information Flow Techniques for Malware Analysis and Containment. Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Springer.
|
[13]
|
Pasareanu, C.S. and Visser, W. (2009) A Survey of New Trends in Symbolic Execution for Software Testing and Analysis. International Journal of Tools Technology Transfer, 11, 339-353. http://dx.doi.org/10.1007/s10009-009-0118-1
|
[14]
|
Crandall, J., Su, Z., Wu, S.F. and Chong, F. (2005) On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits. Proceedings of the ACM Conference on Computer and Communications Security, 235-248. http://dx.doi.org/10.1145/1102120.1102152
|
[15]
|
Brumley, D., Newsome, J., Song, D., Wang, H. and Jha, S. (2008) Theory and Techniques for Automatic Generation of Vulnerability Based Signatures. IEEE Transactions on Dependable and Secure Computing, 5, 224-241. http://dx.doi.org/10.1109/TDSC.2008.55
|
[16]
|
Sharif, M., Lanzi, A., Giffin, J. and Lee, W. (2009) Automatic Reverse Engineering of Malware Emulators. Proceedings of the IEEE Symposium on Security and Privacy, 94-109.
|
[17]
|
Cadar, C., Dunbar, D. and Engler, D. (2008) Klee: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. Proceedings of the USENIX Symposium on Operating System Design and Implementation, 209-224.
|
[18]
|
Mine, A. (2001) A New Numerical Abstract Domain Based on Difference-Bound Matrices. PADO II, 2053, 155-172.
|
[19]
|
Yin, H., Poosankam, P., Hanna, S. and Song, D. (2010) HookScout: Proactive Binary-Centric Hook Detection. Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, 1-20.
|
[20]
|
Frossi, A., Maggi, F., Rizzo, G.L. and Zaneo, S. (2009) Selecting and Improving System Call Models for Anomaly Detection. Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, Springer.
|
[21]
|
Bockermann, C., Apel, M. and Meier, M. (2009) Learning SQL for Database Intrusion Detection Using Context-Sensitive Modelling. Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, Springer.
|
[22]
|
Tanenbaum, A.S. (2007) Modern Operating Systems, Pearson Education.
|
[23]
|
Abadi, M., Budiu, M., Erlingsson, U. and Ligatti, J. (2009) Control Flow Integrity Principles, Implementations and Applications. ACM Transactions on Information and Systems Security (TISSEC), 13, 1. http://dx.doi.org/10.1145/1609956.1609960
|
[24]
|
Searle, J.R. (1969) Speech Acts: An Essay in the Philosophy of Language. Cambridge Press, Cambridge. http://dx.doi.org/10.1017/CBO9781139173438
|