Abstract
Enlist hacker expertise, but stay with academic fault naming conventions, when defending against the risk of exploitation of vulnerabilities and intrusions.
Index Terms
Software security is software reliability