[1] |
段钢 . 加密与解密(第三版)[M]. 北京: 电子工业出版社. 2008.
|
|
DUAN G . Encryption and decryption(Third Edition)[M]. Beijing: Electronic Industry Press. 2008.
|
[2] |
李舟军, 张俊贤, 廖湘科 , 等. 软件安全漏洞检测技术[J]. 计算机学报, 2015,38(4): 717-732.
|
|
LI Z J , ZHANG J X , LIAO X K , et al. Software security vulnerability detection technology[J]. Chinese Journal of Computers. 2015,38(4): 717-732.
|
[3] |
EGELE M , BRUMLEY D , FRATANTONIO Y , et al. An empirical study of cryptographic misuse in android applications[C]// ACM Sigsac Conference on Computer & Communications Security. 2013:73-84.
|
[4] |
SHAO S , DONG G , GUO T , et al. Modelling analysis and au-to-detection of cryptographic misuse in android applications[C]// IEEE International Conference on Dependable,Autonomic and Secure Computing. 2014:75-80.
|
[5] |
LI Y , ZHANG Y , LI J , et al. iCryptoTracer:Dynamic Analysis on Misuse of Cryptography Functions in iOS Applications[C]// Interna-tional Conference on Network and System Security. 2014:349-362.
|
[6] |
MA S , LO D , LI T , et al. CDRep:automatic repair of cryptographic misuses in android applications[C]// ACM on Asia Conference on Computer and Communications Security. 2016:711-722.
|
[7] |
CHATZIKONSTANTINOU A , NTANTOGIAN C , KAROPOU-LOS G , et al. Evaluation of cryptography usage in android applica-tions[C]// Eai International Conference on Bio-Inspired Information and Communications Technologies. 2016:83-90.
|
[8] |
ALMEIDA J B , BARBOSA M , FILLI?TRE J C , et al. CAOVerif:an open-source deductive verification platform for cryptographic software implementations[J]. Science of Computer Programmin, 2014,91(91): 216-333.
|
[9] |
FAHL S , HARBACH M , MUDERS T , et al. Why eve and mallory love Android:an analysis of android SSL (in)security[C]// ACM Confe-rence on Computer and Communications Security. 2012:50-61.
|
[10] |
RIZZO J , DUONG T . Practical padding oracle attacks[C]// Usenix Conference on Offensive Technologies. 2010:1-8.
|
[11] |
BARENGHI A , BREVEGLIERI L , KOREN I , et al. Fault injection attacks on cryptographic devices:theory,practice,and countermeasures[C]// Proceedings of the IEEE. 2012:3056-3076.
|
[12] |
Automated testing of crypto software using differential fuzz-ing[EB/OL]. .
|
[13] |
LAZAR D , CHEN H , WANG X , et al. Why does cryptographic software fail?case study and open problems[C]// Asia-Pacific Workshop. 2014:1-7.
|
[14] |
安天针对勒索蠕虫“魔窟”(WannaCry)的深度分析报告[EB/OL]. .
|
[15] |
NEWSOME J , SONG D . Dynamic taint analysis for automatic detection,analysis,and signature generation of exploits on com-modity software[C]// Conference on NDSS. 2015.
|
[16] |
NETHERCOTE N . Dynamic binary analysis and instrumentation or building tools is easy[D]. Trinity Lane,Cambridge:University of Cambridge. 2004.
|
[17] |
LUK C K , COHN R , MUTH R , et al. Pin:building customized program analysis tools with dynamic instrumentation[J]. ACM Sig-plan Notices, 2005,40(6): 190-200.
|
[18] |
BRUENING D L . Efficient,transparent,and comprehensive run-time code manipulation[C]// Massachusetts Institute of Technolo-gy. 2004.
|
[19] |
NETHERCOTE N , SEWARD J . Valgrind:a framework for heavyweight dynamic binary instrumentation[C]// ACM Sigplan Conference on Pro-gramming Language Design & Implementation. 2007:89-100.
|