Check out the new USENIX Web site. next up previous
Up: Type-Assisted Dynamic Buffer Overflow Previous: Conclusions and future work

Bibliography

1
AlephOne.
Smashing the stack for fun and profit.
Phrack, 7(49), Nov. 1996.

2
T. M. Austin, S. E. Breach, and G. S. Sohi.
Efficient detection of all pointer and array access errors.
In ACM SIGPLAN 94 Conference on Programming Language Design and Implementation, June 1994.

3
A. Baratloo, N. Singh, and T. Tsai.
Transparent run-time defense against stack smashing attacks.
In Proceedings of the 2000 USENIX Annual Technical Conference, pages 251-262, San Jose, CA, June 2000. USENIX.

4
Bulba and Kil3r.
Bypassing stackguard and stackshield.
Phrack, 10(56), May 2000.

5
M. Conover and w00w00 Security Team.
w00w00 on heap overflows.
https://www.w00w00.org/files/articles/heaptut.txt, Jan. 1999.

6
C. Cowan, C. Pu, D. Maier, H. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and QianZhang.
Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks.
In Proceedings of the 7th USENIX Security Symposium, pages 63-77, San Antonio, TX, Jan. 1998. USENIX.

7
C. Cowan, P. Wagle, C. Pu, S. Beattie, and J. Walpole.
Buffer overflows: Attacks and defenses for the vulnerability of the decade.
In Proceedings DARPA Information Survivability Conference and Exposition, pages 119-129, Hilton Head, SC, Jan. 2000.

8
D. Evans, J. Guttag, J. Horning, and Y. M. Tan.
Lclint: A tool for using specifications to check code.
In SIGSOFT Symposium on the Foundations of Software Engineering, pages 87-96. ACM, Dec. 1994.

9
A. J. Ferrari, S. J. Chapin, and A. S. Grimshaw.
Heterogeneous process state capture and recovery through process introspection.
Cluster Computing, 3(2):63-73, 2000.

10
R. W. M. Jones and P. H. J. Kelly.
Backwards-compatible bounds checking for arrays and pointers in c programs.
In Proceedings of the third International Workshop on Automatic Debugging, pages 13-26, Sweden, May 1997.

11
M. Kaempf.
Vudo - an object superstitiously believed to embody magical powers.
https://www.synnergy.net/downloads/papers/vudo-howto.txt.

12
D. Larochelle and D. Evans.
Statically detecting likely buffer overflow vulnerabilities.
In Proceedings of the 10th USENIX Security Symposium, Washington D.C, Aug. 2001. USENIX.

13
Nergal.
The advanced return-into-lib(c) exploits: Pax case study.
Phrack, 10(58), Dec. 2001.

14
PaX.
https://pageexec.virtualave.net.

15
J. M. B. Rivas.
Overwriting the .dtors section.
https://www.synnergy.net/downloads/papers/dtors.txt.

16
Rix.
Smashing c++ vptrs.
Phrack, 10(56), May 2000.

17
SolarDesigner.
Non-executable stack patch.
https://www.openwall.com/linux.

18
SolarDesigner.
Getting around non-executable stack (and fix).
Bugtraq mailing list, https://www.securityfocus.com/archive/1/7480, Aug. 1997.

19
StackShield.
https://www.angelfire.com/sk/stackshield.

20
D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken.
A first step towards automated detection of buffer overrun vulnerabilities.
In Network and Distributed System Security Symposium, pages 3-17, San Diego, CA, Feb. 2000.

21
R. Wojtczuk.
Defeating solar designer non-executable stack patch.
Bugtraq mailing list, https://www.securityfocus.com/archive/1/8470.