, Coverage maximization using dynamic taint tracing, 2007.
, Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs, Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, ser. OSDI'08, pp.209-224, 2008.
, Exe: Automatically generating inputs of death, Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), 2006.
, Detecting and Debugging Insecure Information Flows, 15th International Symposium on Software Reliability Engineering, pp.198-209, 2004.
DOI : 10.1109/ISSRE.2004.17
, Statically detecting use after free on binary code, Journal of Computer Virology and Hacking Techniques, vol.89, issue.3, 2014.
DOI : 10.1007/s11416-014-0203-1
, Crash analysis with BitBlaze, 2010.
, All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask), 2010 IEEE Symposium on Security and Privacy, pp.317-331, 2010.
DOI : 10.1109/SP.2010.26
, TEMU: Binary code analysis via whole-system layered annotative execution, EECS Department, 2010.
, Dytan, Proceedings of the 2007 international symposium on Software testing and analysis, ISSTA '07, pp.196-206, 2007.
DOI : 10.1145/1273463.1273490
, Strict control dependence and its effect on dynamic information flow analyses, Proceedings of the 19th international symposium on Software testing and analysis, ISSTA '10, pp.13-24, 2010.
DOI : 10.1145/1831708.1831711
, A taxonomy of obfuscating transformations, 1997.
, Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities, 2009 22nd IEEE Computer Security Foundations Symposium
DOI : 10.1109/CSF.2009.13
, Taint Dependency Sequences: A Characterization of Insecure Execution Paths Based on Input-Sensitive Cause Sequences, 2010 Third International Conference on Software Testing, Verification, and Validation Workshops, pp.371-380, 2010.
DOI : 10.1109/ICSTW.2010.28
, Valgrind: A program supervision framework, Prooceeding of the third workshop on Runtime Verification, 2003.
, PIN: Building customized program analysis tools with dynamic instrumentation, Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, ser. PLDI '05, pp.190-200, 2005.
, Static and dynamic analysis: Synergy and duality, WODA 2003: ICSE Workshop on Dynamic Analysis. Citeseer, pp.24-27, 2003.
, Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software, Proceedings of the Network and Distributed System Security Symposium, NDSS 2005, 2005.
, Augmenting vulnerability analysis of binary codeACSAC'12), Proceedings of the 28th Annual Computer Security Applications Conference, pp.199-208, 2012.
, Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks, Proceedings of the 7th USENIX Security Symposium, pp.63-78, 1998.
, Backwardscompatible bounds checking for arrays and pointers in C programs, Distributed Enterprise Applications. HP Labs Tech Report, pp.255-283, 1997.
, Secure program execution via dynamic information flow tracking
DOI : 10.1145/1024393.1024404
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.124.341
, Minos: Control Data Attack Prevention Orthogonal to Memory Model, 37th International Symposium on Microarchitecture (MICRO-37'04), pp.221-23226, 2004.
DOI : 10.1109/MICRO.2004.26
, WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation, IEEE Transactions on Software Engineering, vol.34, issue.1, pp.65-81, 2008.
DOI : 10.1109/TSE.2007.70748
, Understanding data lifetime via whole system simulation, Proceedings of the 13th Conference on USENIX Security Symposium, pp.22-22, 2004.
, TaintDroid, Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, ser. OSDI'10, pp.1-6, 2010.
DOI : 10.1145/2619091
, LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06), pp.135-148, 2006.
DOI : 10.1109/MICRO.2006.29
, CCured: type-safe retrofitting of legacy software, ACM Transactions on Programming Languages and Systems, vol.27, issue.3, pp.477-526, 2005.
DOI : 10.1145/1065887.1065892
, Taint nobody got time for crash analysis, REcon : Computer Security Conference on Reverse Engineering and Advanced Exploitation Techniques, 2013.
, Panorama, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.116-127, 2007.
DOI : 10.1145/1315245.1315261
, BitBlaze: A New Approach to Computer Security via Binary Analysis, Proceedings of the 4th International Conference on Information Systems Security, 2008.
DOI : 10.1007/978-3-540-73368-3_52
, Anti-taint-analysis: Practical evasion techniques against information flow based malware defense, 2007.
, On the limits of information flow techniques for malware analysis and containment, " in Detection of Intrusions and Malware, and Vulnerability Assessment, ser. Lecture Notes in Computer Science, pp.143-163, 2008.
, Protection against Code Obfuscation Attacks Based on Control Dependencies in Android Systems, 2014 IEEE Eighth International Conference on Software Security and Reliability-Companion, 2014.
DOI : 10.1109/SERE-C.2014.33
URL : https://hal.archives-ouvertes.fr/hal-01010902
, Strict control dependence and its effect on dynamic information flow analyses, Proceedings of the 19th international symposium on Software testing and analysis, ISSTA '10, pp.13-24, 2010.
DOI : 10.1145/1831708.1831711
, Bit-Level Taint Analysis, 2014 IEEE 14th International Working Conference on Source Code Analysis and Manipulation, pp.255-264, 2014.
DOI : 10.1109/SCAM.2014.43
, Measuring the robustness of source program obfuscation, Proceedings of the 4th ACM conference on Data and application security and privacy, CODASPY '14, pp.123-126, 2014.
DOI : 10.1145/2557547.2557577
URL : https://hal.archives-ouvertes.fr/hal-00927427