Check out the new USENIX Web site. next up previous
Next: About this document ... Up: A Binary Rewriting Defense Against Stack-based Buffer Overflow Attacks Previous: Acknowledgments

Bibliography

1
Tzi-cker Chiueh and Fu-hau Hsu, "RAD: A compile time solution for buffer overflow attacks", 21st IEEE International Conference on Distributed Computing Systems (ICDCS), Phoenix, AZ, April 2001

2
Aleph One, "Smashing the stack for fun and profit", Phrack Magazine 7 (49), November 1996

3
David Litchfield, "Windows NT buffer overruns" Winhlp32: https://community.core-sdi.com/ juliano/mnemonix-whlpbo.htm

4
dark spyrit, "Win32 Buffer Overflows - Location, Exploitation and Defense", Phrack Magazine 55 (15), May 2000

5
A. Srivastava and A. Eustace, "ATOM: A System for Building Customized Program Analysis Tools", SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 196-205, June 1994.

6
James Larus and Eric Schnarr, "EEL: Machine-independent executable editing", SIGPLAN Conference on Programming Languages, Design and Implementation, pages 291-300, June 1995.

7
Ted Romer, Geoff Voelker, Dennis Lee, Alec Wolman, Wayne Wong, Hank Levy, and Brian Bershad. "Instrumentation and optimization of win32/intel executables using Etch". In USENIX Windows NT Workshop, 1997.

8
"LEEL", https://www.geocities.com/fasterlu/leel.htm

9
C. Cifuentes and M. Van Emmerik, "UQBT: Adaptable Binary Translation at Low Cost", IEEE Computer, March 2000.

10
Crispin Cowan et al., "Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks", 7th USENIX Security Symposium, San Antonio, TX, January 1998.

11
Microsoft compiler extension for buffer overflow defense, https://go.microsoft.com/fwlink/?Linkid=7260

12
Stackshield, www.angelfire.com/sk/stackshield/

13
Win32 Disassembler, www.geocities.com/ sangcho

14
Hiroaki Etoh. "GCC extension for protecting applications from stack-smashing attacks." https://www.trl.ibm.co.jp/projects/security/ssp

15
"CASH: Checking Array Bound Violation Using Segmentation Hardware", https://www.ecsl.cs.sunysb.edu/softsecure/project.html

16
R. Jones and P. Kelly, "Backwards-compatible bounds checking for arrays and pointers in C programs", https://www-ala.doc.ic.ac.uk/ phjk/BoundsChecking.html

17
Intel Architecture Software Developer's Manual: Volume 3: System Programmer's Guide

18
Bulba and Kil3r. Bypassing StackGuard and StackShield. Phrack, 5(56), May 2000.

19
Phrack Magazine 55 (8), May 2000: Klog - The frame pointer overwrite

20
Arash Baratloo, Timothy Tsai, and Navjot Singh, "Transparent run-time defense against stack smashing attacks", USENIX Annual Technical Conference, June 2000.

21
Vladimir Kiriansky, Derek Bruening, Saman Amarasinghe, "Secure Execution Via Program Shepherding", 11th USENIX Security Symposium, August 2002, San Francisco, California.

22
Benjamin Schwarz, Saumya Debray, Gregory Andrews, "Disassembly of executable code revisited", Working Conference on Reverse Engineering, Oct 2002.

23
C. Cifuentes, M. Van Emmerik, "Recovery of Jump Table Case Statements from Binary Code", International Workshop on Program Comprehension, May 1999

24
Galen Hunt and Doug Brubacher, "Detours: Binary Interception of Win32 Functions", 3rd Usenix NT Symposium, Seattle, July 1999.

25
Matt Pietrek, "An In-Depth Look into the Win32 Portable Executable File Format", MSDN magazine, Feb 2002

26
Matt Pietrek, Under the Hood, Microsoft Systems Journal, 11(5), May 1996.

27
Barton P. Miller, Mark D. Callaghan, Jonathan M. Cargille, Jeffrey K. Hollingsworth, R. Bruce Irvin, Karen L. Karavanic, Krishna Kunchithapadam and Tia Newhall, "The Paradyn Parallel Performance Measurement Tools", IEEE Computer 28, 11, pp.37-46 (November 1995).

28
Jun Xu, Zbigniew Kalbarczyk, Sanjay Patel and Ravishankar K. Iyer, "Compiler and Architecture Support for Defense against Buffer Overflow Attacks", 2nd Workshop on Evaluating and Architecting System Dependability (EASY), San Jose, CA, October, 2002.


Manish Prasad
2003-04-05