From proof-of-concept to exploitable
Wei Wu | Chao Zhang | Xinyu Xing | Wei Zou | Yan Wang | Xiaorui Gong
[1] Juanru Li, et al. From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel, 2015, CCS.
[2] David Brumley, et al. Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications, 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[3] Daniel Kroening, et al. MSc Computer Science Dissertation Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities, 2009.
[4] Zhenkai Liang, et al. Automatic Generation of Data-Oriented Exploits, 2015, USENIX Security Symposium.
[5] David Brumley, et al. Automatic exploit generation, 2014, CACM.
[6] Derek Bruening, et al. AddressSanitizer: A Fast Address Sanity Checker, 2012, USENIX Annual Technical Conference.
[7] Abhik Roychoudhury, et al. Directed Greybox Fuzzing, 2017, CCS.
[8] David Brumley, et al. AEG: Automatic Exploit Generation, 2011, NDSS.
[9] Chao Zhang, et al. CollAFL: Path Sensitive Fuzzing, 2018, 2018 IEEE Symposium on Security and Privacy (SP).
[10] Stefan Mangard, et al. Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR, 2016, CCS.
[11] Abhik Roychoudhury, et al. Coverage-Based Greybox Fuzzing as Markov Chain, 2016, IEEE Transactions on Software Engineering.
[12] Shih-Kun Huang, et al. CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations, 2012, 2012 IEEE Sixth International Conference on Software Security and Reliability.
[13] Zhenkai Liang, et al. Automatically assessing crashes from heap overflows, 2017, 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE).
[14] David Brumley, et al. Unleashing Mayhem on Binary Code, 2012, 2012 IEEE Symposium on Security and Privacy.
[15] Herbert Bos, et al. VUzzer: Application-aware Evolutionary Fuzzing, 2017, NDSS.
[16] Taesoo Kim, et al. Breaking Kernel Address Space Layout Randomization with Intel TSX, 2016, CCS.
[17] V. N. Venkatakrishnan, et al. Chainsaw: Chained Automated Workflow-based Exploit Generation, 2016, CCS.
[18] Christopher Krügel, et al. Driller: Augmenting Fuzzing Through Selective Symbolic Execution, 2016, NDSS.
[19] David Brumley, et al. Q: Exploit Hardening Made Easy, 2011, USENIX Security Symposium.
[20] Michael D. Ernst, et al. Automatic creation of SQL Injection and cross-site scripting attacks, 2009, 2009 IEEE 31st International Conference on Software Engineering.
[21] Christopher Krügel, et al. SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis, 2016, 2016 IEEE Symposium on Security and Privacy (SP).
[22] Kostya Serebryany, et al. Continuous Fuzzing with libFuzzer and AddressSanitizer, 2016, 2016 IEEE Cybersecurity Development (SecDev).
[23] Kostya Serebryany, et al. Memory Tagging and how it improves C/C++ memory safety, 2018, ArXiv.