|
[1] “SmartFuzz,” [線上]. Available: https://github.com/dmolnar/SmartFuzz. [2] “BFF (Basic Fuzzing Framework),” CERT, [線上]. Available: http://www.cert.org/vulnerability-analysis/tools/bff.cfm. [3] “FOE (Failure Observation Engine),” CERT, [線上]. Available: http://www.cert.org/vulnerability-analysis/tools/foe.cfm. [4] “GCOV online document,” [線上]. Available: https://gcc.gnu.org/onlinedocs/gcc/Gcov.html. [5] David Molnar, Xue Cong Li, David Wagner, “Dynamic Test Generation to Find Integer Bugs in x86 Binary Linux Programs,” USENIX, pp. 67-82, August 2009. [6] Wei Jin, Alessandro Orso, “F3: fault localization for field failures,” Proceedings of the 2013 International Symposium on Software Testing and Analysis, pp. 213-223, July 2013. [7] “GDB: The GNU Project Debugger,” [線上]. Available: https://www.gnu.org/software/gdb/. [8] “Valgrind,” [線上]. Available: http://valgrind.org/. [9] W Eric Wong, Vidroha Debroy, Yihao Li, Ruizhi Gao, “Software fault localization using DStar (D*),” IEEE Sixth International Conference (SERE), pp. 21-30, June 2012. [10] “CERT Triage Tools,” CERT, [線上]. Available: http://www.cert.org/vulnerability-analysis/tools/triage.cfm. [11] Christopher Theisen, Kim Herzig, Patrick Morrison, Brendan Murphy, Laurie Williams, “Approximating Attack Surfaces with Stack Traces,” IEEE Companion Proceedings of the 37th International Conference on Software Engineering , 2015. [12] Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, David Brumley, “Optimizing seed selection for fuzzing,” USENIX, pp. 861-875, Augest 2014. [13] P. Willett, “Similarity-based approaches to virtual screening,” Biochemical Society Transactions 31(3), pp. 603-606, June 2003 . [14] S. Choi, S. Cha, C. C. Tappert, “A Survey of Binary Similarity and Distance Measures,” Journal of Systemics, Cybernetics and Informatics 8(1), pp. 43-48, January 2010. [15] “D3JS Data-Driven Documents,” [線上]. Available: http://d3js.org/. [16] P. UHLEY, “A basic distributed fuzzing framework for foe,” [線上]. Available: https://blogs.adobe.com/security/2012/05/. [17] GODEFROID, P., LEVIN, M. Y., AND MOLNAR, D. Sage, “Whitebox fuzzing for security testing.,” Communications of the ACM 55, pp. 40-44, March 2012. [18] LANGNER, R. Stuxnet, “Dissecting a cyberwarfare weapon,” IEEE Security & Privacy Magazine 9, 3, pp. 49-51, May 2011. [19] David A Molnar, David Wagner, “Catchconv: Symbolic execution and run-time type inference for integer conversion errors,” UC Berkeley EECS, February 2007. [20] “STP,” [線上]. Available: https://github.com/stp/stp. [21] “Pin - A Dynamic Binary Instrumentation Tool,” [線上]. Available: https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool. [22] Dan Hao, Tao Xie, Lu Zhang, Xiaoyin Wang, Jiasu Sun, Hong Mei, “Test input reduction for result inspection to facilitate fault localization,” Journal Automated software engineering 17, pp. 5-31, March 2010. [23] Maverick Woo, Sang Kil Cha, Samantha Gottlieb, David Brumley, “Scheduling black-box mutational fuzzing,” ACM, pp. 511-522, November 2013. [24] Shih-Kun Huang,Min-Hsiang Huang,Po-Yen Huang,Chung-Wei La,Han-Lin Lu,Wai-Meng Leong, “CRAX: Software Crash Analysis for Automatic Exploit,” Software Security and Reliability (SERE), 2012 IEEE Sixth International Conference on, pp. 78 - 87, 20-22 June 2012. [25] “S2E - A Platform for In-Vivo Multi-Path Software Analysis,” [線上]. Available: https://github.com/dslab-epfl/s2e & https://s2e.epfl.ch.
|