|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
| ASCII Text | x | ||
| Thomas F. Bowen, Mark E. Segal, "Remediation of Application-Specific Security Vulnerabilities at Runtime," IEEE Software, vol. 17, no. 5, pp. 59-67, September/October, 2000. | |||
| BibTex | x | ||
| @article{ 10.1109/52.877867, author = {Thomas F. Bowen and Mark E. Segal}, title = {Remediation of Application-Specific Security Vulnerabilities at Runtime}, journal ={IEEE Software}, volume = {17}, number = {5}, issn = {0740-7459}, year = {2000}, pages = {59-67}, doi = {http://doi.ieeecomputersociety.org/10.1109/52.877867}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - MGZN JO - IEEE Software TI - Remediation of Application-Specific Security Vulnerabilities at Runtime IS - 5 SN - 0740-7459 SP59 EP67 EPD - 59-67 A1 - Thomas F. Bowen, A1 - Mark E. Segal, PY - 2000 VL - 17 JA - IEEE Software ER - | |||
1. S. Nitzberg, "Conflict and the Computer: Information Warfare and Related Ethical Issues," Proc. 21st Nat'l Information System Security Conf., Nat'l Computer Security Center,Fort Meade, Md., pp. 126-135.
2. G. McGraw and E. Felten, Securing Java, John Wiley&Sons, New York, 1998.
3. Aleph One, "Smashing the Stack for Fun and Profit," Phrack Online, Vol. 7, No. 49, Nov.9 1996; www.phrack.com(current Sept. 2000).
4. E. Spafford, "The Internet Worm Program: Analysis," Computer Comm. Review, Vol. 19, No. 1, Jan. 1989.
5. CERT/CC Advisories 1988-2000, Carnegie Mellon Software Eng. Inst.; www.cert.orgadvisories(current Sept. 2000).
6. M. Bishop and M. Dilger, "Checking for Race Conditions in File Accesses," Computing Systems, Vol. 9, No. 2, Spring 1996, pp. 131-152.
7. T.A. Linden, Operating System Structures to Support Security and Reliable Software, Tech. Report NBS 919, Inst. for Computer Sciences and Technology, Nat'l Bureau of Standards, US Dept. of Commerce, Washington, D.C., 1976.
8. C. Cowan et al., "StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks," Proc. Seventh USENIX Security Symp., USENIX, Berkeley, Calif., 1998, pp. 63-78.
9. R. Sekar, T. Bowen, and M. Segal, "On Preventing Intrusions by Process Behavior Monitoring," Proc. Workshop on Intrusion Detection and Network Monitoring Proceedings,Berkeley, Calif., USENIX, 1999, pp. 29-40.
10. G.H. Kim and E.H. Spafford, "Experiences with Tripwire: Using Integrity Checkers for Intrusion Detection," Proc. Systems Administration, Networking, and Security Conf. III, USENIX, Berkeley, Calif., 1994, pp. 89-101.
11. M. Russinovich and Z. Segall, "Fault-Tolerance for Off-the-Shelf Applications and Hardware," Proc. 25th Int'l Symp. Fault-Tolerant Computing, pp. 67-71,Pasadena, Calif., June 1995.
12. T. Mitchem, R. Lu, and R. O'Brien, "Using Kernel Hypervisors to Secure Applications," Proc. Ann. Computer Security Application Conf., IEEE Computer Soc. Press, Los Alamitos, Calif., 1997, pp. 175-181.
13. eTrust Access Control for UNIX, Computer Associates white paper, Jan. 2000; www.ca.com/solutions/enterprise/etrustwhitepapers.htm (current Sept. 2000).
14. T. Fraser, L. Badger, and M. Feldman, "Hardening COTS Software with Generic Software Wrappers," Proc. 1999 Symp. Security and Privacy, IEEE Computer Soc. Press, Los Alamitos, Calif., 1999, pp. 2-16.
15. S. Forrest, S.A. Hofmeyer, and A. Somayaji, “Computer Immunology,” Comm. ACM, vol. 40, no. 10, pp. 88-96, Oct. 1997.
16. R.M. Balzer and N.M. Goldman, "Mediating Connectors," Proc. 1999 Int'l Conf. Distributed Computing Systems Workshop on Electronic Commerce and Web-Based Applications/Middleware, IEEE Computer Soc. Press, Los Alamitos, Calif., 1999, pp. 73-77.