- Archive: Spring 1399 issue - Volume 1
- Article type: Research
- Acceptance code: 1363
- Author(s): Mohammad Hadian, Ramin Nasiri, Afshin Salajegheh
- Keywords: exploit, shellcode, triple verification.
- References:
[1] hairul Anuar Ishak, "Matlab Tutorial of Fundamental Programming", Department of Electrical, Electronic & System Engineering Faculty of Engineering University Kebangsaan Malaysia, 2012.
[2] Greg Hoglund, Gary McGraw, Exploiting Software: How to Break Code. 2011.
[3] Jon Erickson, The Art of exploit software. 2008.
[4] McReynolds, Joren Bartley. "Systems and methods to detect and neutralize malware infected electronic communications." U.S. Patent 9,710,645, issued July 18, 2017.
[5] Sunder, Divya Naidu Kolar, David M. Durham, and Hormuzd M. Khosravi. "Providing authenticated anti-virus agents a direct access to scan memory." U.S. Patent 9,087,188, issued July 21, 2015.
[6] Largman, Kenneth, Anthony B. More, and Jeffrey Blair. "Computer system and method of controlling communication port to prevent computer contamination by virus or malicious code." U.S. Patent 7,849,360, issued December 7, 2010.
[7] Shukla, Jayant. "Application Sandbox to Detect, Remove, and Prevent Malware." U.S. Patent Application 11/769,297, filed June 27, 2007.
[8] Pavlyushchik, Mikhail A. "Method and system for antimalware scanning with variable scan settings." U.S. Patent 7,725,941, issued May 25, 2010.
[9] S. Honiden, "Goal Model Elaboration for Software Evolution," Engineering of Complex Computer Systems (ICECCS), 2013 18th International Conference on, Singapore, 2013, pp. 3-3.
[10] Gupta, R. Kaushal, "Improving Spam Detection in Online Social Networks", Springer, pp. 1-2, 2015.
[11] Sallam, Ahmed Said. "Systems and methods for identifying hidden processes." U.S. Patent 8,549,648, issued October 1, 2013.
[12] Gupta, Rajarshi, Soorgoli Ashok Halambi, Sudha A. Gathala, and Vinay Sridhara. "Communicating behavior information in a mobile computing device." U.S. Patent 9,690,635, issued June 27, 2017.
[13] Gupta, Rajarshi, Xuetao Wei, Anil Gathala, and Vinay Srishara. "Architecture for Client-Cloud Behavior Analyzer." U.S. Patent Application 13/776,414, filed February 25, 2013.
[14] T. Parker, J. Johnson, M. Tummala, J. McEachen and J. Scrofani, "Dynamic state determination of a software-defined network via dual basis representation," Signal Processing and Communication Systems (ICSPCS), 2014 8th International Conference on, Gold Coast, QLD, 2014, pp. 1-7.
[15] D. M. Stanley, D. Xu and E. H. Spafford, "Improved kernel security through memory layout randomization," 2013 IEEE 32nd International Performance Computing and Communications Conference (IPCCC), San Diego, CA, 2013, pp. 1-10.
[16] David Hammarberg. "The Best Defenses Against Zero-day Exploits for Various-sized Organizations". SANS. https://www.sans.org/reading-room/whitepapers/bestprac/defenses-zero-day-exploits-various-sized-organizations-35562. 2014. [access available 1 Sept 2017]
[17] Microsoft develop, 2015. https://msdn.microsoft.com/en-us/library/8wtf2dfz.aspx [access available 22 Apr 2017]
[18] Alexander Sotirov, 2009. https://www.usenix.org/legacy/event/sec09/tech/slides/sotirov.pdf [access available 15 Sept 2017]
[19] A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003. http://support.microsoft.com/kb/875352/EN-US/
[20] Timm, Kevin, Intrusion Detection FAQ: How does an attacker evade IDS with Session Splicing, SANS. http://www.sans.org/securityresources/idfaq/sess-splicing.php
[21] R. Roemer, E. Buchanan, H. Shacham, and S. Savage. Return-oriented programming: Systems, languages, and applications. Manuscript, 2009. Online: https://cseweb.ucsd.edu/~hovav/papers/rbss09.html
[22] H. Shacham. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In S. De Capitani di Vimercati and P. Syverson, editors, Proceedings of CCS 2007, pages 552-61. ACM Press, Oct. 2007.
[23] Welch, X Gao, P Komisarczuk, Computer Networks, "Detecting Heap-Spray Attacks in Drive-by Downloads: Giving Attackers a Hand", 2013 - ieeexplore.ieee.org
[24] Dr. Anatoliy S. Gordonov. "The Cost of Preventing a Buffer Overflow". Conference paper. 2014.
[25] Scarfone, Karen and Mell, Peter. Guide to Intrusion Detection and Prevention Systems, Computer Security Resource Center (National Institute of Standards and Technology) (800-94) February 2007.
[26] Serna, Fermin J., Polymorphic shellcodes vs. application IDSs, Next Generation Security Technologies. January 2002.
[27] PaX Team. PaX Address Space Layout Randomization. http://pax.grsecurity.net/docs/aslr.txt
[28] Encapsulation Security Payload, http://social.technet.microsoft.com/wiki/contents/articles/4399.private-cloud-reference-model.aspx.
[29] Dynamic-Link Library Hijacking, Max "RIVAL", https://www.exploit-db.com/docs/english/31687-dynamic-link-library-hijacking.pdf
[30] Ashfaq Ansari, HEAP SPRAYING – ACTIVEX CONTROLS UNDER ATTACK, https://www.exploit-db.com/docs/english/31019-heap-spraying---activex-controls-under-attack.pdf
[31] Paruj Ratanaworabhan, Benjamin Livshits, Benjamin Zorn, NOZZLE: A Defense Against Heap-spraying Code Injection Attacks, 2016
[32] SEH overwrite and its exploitability, Shuichiro Suzuki, https://www.ffri.jp/assets/files/research/research_papers/SEH_Overwrite_CanSecWest2010.pdf, 2010
[33] Detecting and preventing null pointer errors with pluggable type-checking, CSE 331, University of Washington, https://pdfs.semanticscholar.org/presentation/f2ad/0e46065a31ca2501258a616b692e6373130d.pdf, [access available 2018]
[34] Stack Smashing as of Today: A State-of-the-Art Overview on Buffer Overflow Protections on linux_x86_64, Hagen Fritsch, Black Hat Europe, 2009
[35] rop&dep, Modern Binary Exploitation, Markus Gaasedelen, http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/11/07_lecture.pdf, [access available 2015]
[36] Advanced Attacks: How One Exploited Endpoint Leads to Total Datacenter Breach, Nati Davidi, Sebastian Goodwin, RSA Conference 2015.
- Pages: 85-98