参考文献 [1] Lam M S, Martin M C, Livshits V B, et al. Securing Web Applications with Static and Dynamic Information Flow Tracking[C]//Proc. of 2008 ACM SIGPLAN Symposium on Partial Evaluation and Semantics-based Program Manipulation. New York, USA: ACM Press, 2008: 3-12. [2] Newsome J, Song D. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software[C]//Proc. of the 12th Annual Network and Distributed System Security Symposium. San Diego, USA: 2005. [3] Sharif M, Lanzi A, Giffin J, et al. Automatic Reverse En- gineering of Malware Emulators[C]//Proc. of 2009 IEEE Symposium on Security and Privacy. Oakland, USA: IEEE Press, 2009: 94-109. (下转第22页) (上接第17页) [4] Comparetti P M, Wondracek G, Kruegel C, et al. Prospex: Protocol Speci?cation Extraction[C]//Proc. of the 30th IEEE Symposium on Security and Privacy. Washington D. C., USA: IEEE Computer Society, 2009: 110-125. [5] Yin Heng, Song D, Egele M, et al. Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis[C]//Proc. of ACM Conference on Computer and Communication Security. Alexandria, USA: ACM Press, 2007: 116-127. [6] Kohli P. Coarse-grained Dynamic Taint Analysis for Defeating Control and Non-control Data[EB/OL]. (2009-06-24). http:// arxiv.org/abs/0906.4481. [7] Nethercote N, Seward J. How to Shadow Every Byte of Memory Used by a Program[C]//Proc. of the 3rd International ACM SIGPLAN/SIGOPS Conference on Virtual Execution Environments. San Diego, USA: ACM Press, 2007: 65-74. [8] Bryant R E. Symbolic Boolean Manipulation with Ordered Binary-decision Diagrams[J]. ACM Computing Surveys, 1992, 24(3): 293-318. [9] 黄 强, 曾庆凯. 基于信息流策略的污点传播分析及动态验证[J]. 软件学报, 2011, 22(9): 2036-2048. [10] Denning D E. A Lattice Model of Secure Information Flow[J]. Communications of the ACM, 1976, 19(5): 236-243. [11] Kang M G, McCamant S, Poosankam P. DTA++: Dynamic Taint Analysis with Targeted Control-Fow Pro- pagation[C]// Proc. of the 18th Annual Network and Distributed System Security Symposium. San Diego, USA: [s. n.], 2011. [12] Bellard F. Qemu: A Fast and Portable Dynamic Translator[C]// Proc. of USENIX’05. Berkeley, USA: [s. n.], 2005: 41-46. 编辑 金胡考 |