|
1. MITRE. CVE Official Website. Available from: https://cve.mitre.org/. 2. Brumley, D., et al., Automatic exploit generation, in Communications of the ACM. 2014. p. 74-84. 3. Huang, S.-K., et al., CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations, in IEEE Sixth International Conference on Software Security and Reliability. 2012, IEEE: Gaithersburg, MD, USA. 4. Chipounov, V., V. Kuznetsov, and G. Candea, S2E: a platform for in-vivo multi-path analysis of software systems. ACM SIGARCH Computer Architecture News - ASPLOS '11, 2011. 39(1): p. 265-278. 5. King, J.C., Symbolic execution and program testing, in Communications of the ACM. 1976. p. 385-394. 6. Phang, K.Y., et al., STP constraint solver. 7. Moura, L.d. and N. Bjørner, Z3: An Efficient SMT Solver, in International Conference on Tools and Algorithms for the Construction and Analysis of Systems. 2008, Springer, Berlin, Heidelberg. p. 337-340. 8. Yeh, C.-C., H. Chung, and S.-K. Huang, CRAXfuzz: Target-Aware Symbolic Fuzz Testing, in IEEE 39th Annual Computer Software and Applications Conference. 2015, IEEE: Taichung, Taiwan. 9. Sen, K. Concolic testing. in the twenty-second IEEE/ACM international conference on Automated software engineering. 2007. Atlanta, Georgia, USA. 10. Bellard, F. QEMU, a Fast and Portable Dynamic Translator. in USENIX Annual Technical Conference. 2005. Anaheim, CA, USA. 11. Dunbar, D. and D. Engler, KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs, in USENIX Symposium on Operating Systems Design and Implementation. 2008: San Diego, CA, USA. 12. Lattner, C. and V. Adve. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. in the international symposium on Code generation and optimization: feedback-directed and runtime optimization. 2004. Palo Alto, California. 13. Cowan, C., F. Wagle, and C. Pu. Buffer overflows: attacks and defenses for the vulnerability of the decade. in DARPA Information Survivability Conference and Exposition. 2000. Hilton Head, SC, USA: IEEE. 14. DARPA. Cyber Grand Challenge - THE WORLD'S FIRST ALL-MACHINE HACKING TOURNAMENT. Available from: http://archive.darpa.mil/cybergrandchallenge/. 15. Walker, M. Could a purpose built supercomputer play DEF CON Capture the Flag? in International Symposium on Software Testing and Analysis. 2014. Bay Area, California. 16. Song, D., et al., BitBlaze: A New Approach to Computer Security via Binary Analysis, in International Conference on Information Systems Security. 2008, Springer, Berlin, Heidelberg. p. 1-25. 17. Böhme, M., V.-T. Pham, and A. Roychoudhury. Coverage-based Greybox Fuzzing as Markov Chain. in ACM SIGSAC Conference on Computer and Communications Security. 2016. Vienna, Austria.
|