vbrandl/WIS-SEC-BOF
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Formatting

Browse Source
This commit is contained in:
Valentin Brandl 2019-12-15 13:01:42 +01:00
parent 5bd8c61a69
commit cb948467bf
No known key found for this signature in database
GPG Key ID: 30D341DD34118D7D
1 changed files with 41 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
work/bibliography.bib
View File

@ -1,7 +1,7 @@
own: own:
@inproceedings{TypeAssisted2002, @inproceedings{TypeAssisted2002,
author = {{Lhee, Kyung-suk and Chapin, Steve J.}}, author = {{{Lhee}, Kyung-suk and {Chapin}, Steve J.}},
booktitle = {{11\textsuperscript{th} USENIX Security Symposium}}, booktitle = {{11\textsuperscript{th} USENIX Security Symposium}},
% no conference abbreviation % no conference abbreviation
title = {{Type-Assisted Dynamic Buffer Overflow Detection}}, title = {{Type-Assisted Dynamic Buffer Overflow Detection}},
@ -9,44 +9,53 @@ own:
} }
@inproceedings{Rop2007, @inproceedings{Rop2007,
author = {{Shacham, Hovav}}, author = {{Shacham}, Hovav},
booktitle = {{Proceedings of the 14th ACM conference on Computer and communications security (CCS)}}, booktitle = {{Proceedings of the 14th ACM conference on Computer and
title = {{The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)}}, communications security (CCS)}},
title = {{The Geometry of Innocent Flesh on the Bone: Return-into-libc without
Function Calls (on the x86)}},
year = {2007} year = {2007}
} }
@inproceedings{Detection2018, @inproceedings{Detection2018,
author = {{Chaim, Marcos and Santos, Daniel and Cruzes, Daniela}}, author = {{{Chaim}, Marcos and {Santos}, Daniel and {Cruzes}, Daniela}},
booktitle = {{International Journal of Systems and Software Security and Protection (IJSSSP)}}, booktitle = {{International Journal of Systems and Software Security and
title = {{What Do We Know About Buffer Overflow Detection?: A Survey on Techniques to Detect A Persistent Vulnerability}}, Protection (IJSSSP)}},
title = {{What Do We Know About Buffer Overflow Detection?: A Survey on
Techniques to Detect A Persistent Vulnerability}},
year = {2018} year = {2018}
} }
@inproceedings{AtkDef2016, @inproceedings{AtkDef2016,
author = {{Wang, Wei}}, author = {{{Wang}, Wei}},
booktitle = {{7\textsuperscript{th} International Conference on Education, Management, Information and Computer Science (ICEMC 2017)}}, booktitle = {{7\textsuperscript{th} International Conference on Education,
title = {{Survey of Attacks and Defenses on Stack-based Buffer Overflow Vulnerability}}, Management, Information and Computer Science (ICEMC 2017)}},
title = {{Survey of Attacks and Defenses on Stack-based Buffer Overflow
Vulnerability}},
year = {2017} year = {2017}
} }
@INPROCEEDINGS{Effectiveness2014, @INPROCEEDINGS{Effectiveness2014,
author={{H. M. {Gisbert} and I. {Ripoll}}}, author={{{Gisbert}, H. M. and {Ripoll}, I.}},
booktitle={{IEEE 13\textsuperscript{th} International Symposium on Network Computing and Applications (ISNCA)}}, booktitle={{IEEE 13\textsuperscript{th} International Symposium on Network
title={{On the Effectiveness of NX, SSP, RenewSSP, and ASLR against Stack Buffer Overflows}}, Computing and Applications (ISNCA)}},
title={{On the Effectiveness of NX, SSP, RenewSSP, and ASLR against Stack Buffer
Overflows}},
year={2014}, year={2014},
} }
@inproceedings{Rad2001, @inproceedings{Rad2001,
author = {{Chiueh, Tzi-cker and Hsu, Fu-Hau}}, author = {{{Chiueh}, Tzi-cker and {Hsu}, Fu-Hau}},
booktitle = {{21\textsuperscript{st} International Conference on Distributed Computing Systems}}, booktitle = {{21\textsuperscript{st} International Conference on Distributed
Computing Systems}},
title = {{RAD: A Compile-Time Solution to Buffer Overflow Attacks}}, title = {{RAD: A Compile-Time Solution to Buffer Overflow Attacks}},
year = {2001} year = {2001}
} }
@inproceedings{Stackguard1998, @inproceedings{Stackguard1998,
author = {{Cowan, Crispan and Po, Calton and Maier, Dave and Walpole, Jonathan author = {{{Cowan}, Crispan and {Po}, Calton and {Maier}, Dave and {Walpole},
and Bakke, Peat and Beattie, Steve and Grier, Aaron and Wagle, Perru and Jonathan and {Bakke}, Peat and {Beattie}, Steve and {Grier}, Aaron and
Yhang, Qian}}, {Wagle}, Perru and {Yhang}, Qian}},
booktitle = {{7\textsuperscript{th} USENIX Security Symposium}}, booktitle = {{7\textsuperscript{th} USENIX Security Symposium}},
title = {{StackGuard: Automatic Adaptive Detection and Prevention of title = {{StackGuard: Automatic Adaptive Detection and Prevention of
Buffer-Overflow Attacks}}, Buffer-Overflow Attacks}},
@ -55,23 +64,27 @@ year = {2001}
@inproceedings{AslrEffective2004, @inproceedings{AslrEffective2004,
year = {2004}, year = {2004},
booktitle = {{11\textsuperscript{th} ACM conference on Computer and communications security (CCS)}}, booktitle = {{11\textsuperscript{th} ACM conference on Computer and
communications security (CCS)}},
title = {{On the Effectiveness of Address-Space Randomization}}, title = {{On the Effectiveness of Address-Space Randomization}},
author = {{Shacham, Hovav and Page, Matthew and Pfaff, Ben and Goh, Eu-Jin and Modadugu, Nagendra and Boneh, Dan}} author = {{{Shacham}, Hovav and {Page}, Matthew and {Pfaff}, Ben and {Goh},
Eu-Jin and {Modadugu}, Nagendra and {Boneh}, Dan}}
} }
@ARTICLE{Smashing2004, @ARTICLE{Smashing2004,
author={J. {Pincus} and B. {Baker}}, author={{Pincus}, J. and {Baker}, B.},
journal={{IEEE Security \& Privacy}}, journal={{IEEE Security \& Privacy}},
title={{Beyond stack smashing: recent advances in exploiting buffer overruns}}, title={{Beyond stack smashing: recent advances in exploiting buffer
overruns}},
year={2004}, year={2004},
volume={2}, volume={2},
number={4}, number={4},
} }
@article{Counter2012, @article{Counter2012,
author = {{Younan, Yves and Joosen, Wouter and Piessens, Frank}}, author = {{{Younan}, Yves and {Joosen}, Wouter and {Piessens}, Frank}},
title = {{Runtime countermeasures for code injection attacks against C and C++ programs}}, title = {{Runtime countermeasures for code injection attacks against C and C++
programs}},
year={2012}, year={2012},
journal = {{ACM Computing Surveys (CSUR)}}, journal = {{ACM Computing Surveys (CSUR)}},
volume = {44}, volume = {44},
@ -80,11 +93,8 @@ year = {2001}
@InProceedings{Dep2007, @InProceedings{Dep2007,
author={{Condit, Jeremy author={{{Condit}, Jeremy and {Harren}, Matthew and {Anderson}, Zachary and
and Harren, Matthew {Gay}, David and {Necula}, George C.}},
and Anderson, Zachary
and Gay, David
and Necula, George C.}},
title={{Dependent Types for Low-Level Programming}}, title={{Dependent Types for Low-Level Programming}},
booktitle={{Programming Languages and Systems}}, booktitle={{Programming Languages and Systems}},
year={2007} year={2007}
@ -103,7 +113,7 @@ year={2007}
year = {2019}, year = {2019},
urlDate = {2019-12-10}, urlDate = {2019-12-10},
title = {{Implement Address Space Layout Randomization (ASLR)}}, title = {{Implement Address Space Layout Randomization (ASLR)}},
author = {{Konstantin Belousov}} author = {{{Belousov}, Konstantin}}
} }
@online{Linuxaslr, @online{Linuxaslr,
@ -111,7 +121,7 @@ year={2007}
year = {2013}, year = {2013},
urlDate = {2019-12-10}, urlDate = {2019-12-10},
title = {{Kernel address space layout randomization}}, title = {{Kernel address space layout randomization}},
author = {{Jake Edge}} author = {{{Edge}, Jake}}
} }
existing: existing: