[1] |
NAGARAJU S S , CRAIOVEANU C , FLORIO E , et al. Software vulnerability exploitation trends[R]. 2013.
|
[2] |
吴世忠, 郭涛, 董国伟 , 等. 软件漏洞分析技术进展[J]. 清华大学学报(自然科学版), 2012,52(10): 1309-1319.
|
|
WU S Z , GUO T , DONG G W , et al. Software vulnerability analy-sis: a road map[J]. Journal of Tsinghua University(Science and Technology), 2012,52(10): 1309-1319.
|
[3] |
杨丁宁, 肖晖, 张玉清 , 等. 基于fuzzing的ActiveX控件漏洞挖掘技术研究[J]. 计算机研究与发展, 2012,49(7): 1525-1532.
|
|
YANG D N , XIAO H , ZHANG Y Q , et al. Vulnerability detection in ActiveX controls based on Fuzzing technology[J]. Journal of Computer Research and Development, 2012,49(7): 1525-1532.
|
[4] |
刘奇旭, 温涛, 闻观行 , 等. Flash跨站脚本漏洞挖掘技术研究[J]. 计算机研究与发展 2014,51(7): 1624-1632.
|
|
LIU Q X , WEN T , WEN G X , et al. Detection of XSS vulnerabili-ties in online flash[J]. Journal of Computer Research and Devel-opment, 2014,51(7): 1624-1632.
|
[5] |
REBERT A , CHA S K , AVGERINOS T , et al. Optimizing seed selection for Fuzzing[C]// The 23rd USENIX Security Symposium, San Diego. 2014: 861-875.
|
[6] |
史飞悦, 傅德胜 . 缓冲区溢出漏洞挖掘分析及利用的研究[J]. 计算机科学 2013,40(11): 143-146.
|
|
SHI F Y , FU D S . Research of buffer overflow vulnerability dis-covering analysis and exploiting[J]. Computer Science, 2013,40(11): 143-146.
|
[7] |
乐德广, 章亮, 郑力新 , 等. 面向RTF文件的Word漏洞分析[J]. 华侨大学学报(自然科学版), 2015,36(1): 17-22.
|
|
LE D G , ZHANG L , ZHENG L X , et al Research on word vulner-ability analysis for the RTF file[J]. Journal of Huaqiao University(Natural Science), 2015,36(1): 17-22.
|
[8] |
LEATHERY J . Microsoft office zero day CVE-2015-2424[EB/OL]. .
|
[9] |
LI H F , SUN B . Attacking interoperability: an OLE edition[EB/OL]. .
|
[10] |
MICROSOFT . OLE concepts and requirements overview[EB/OL]. .
|
[11] |
MICROSOFT . The microsoft office visualization tool (OffVis)[EB/OL]. .
|
[12] |
MICROSOFT . Rich text format (RTF) specification version 1.9.1[J]. 2008.
|
[13] |
MICROSOFT . Microsoft security bulletin MS12-060[EB/OL]. .
|
[14] |
MICROSOFT . Microsoft security bulletin MS12-027[EB/OL]. .
|
[15] |
MICROSOFT . Microsoft security bulletin MS13-096[EB/OL]. .
|
[16] |
王明华, 应凌云, 冯登国 . 基于异常控制流识别的漏洞利用攻击检测方法[J]. 通信学报, 2014,35(9): 20-31.
|
|
WANG M H , YING L Y , FENG D G . Exploit detection based on illegal control flow transfers identification[J]. Journal on Communications, 2014,35(9): 20-31.
|
[17] |
HUND R , WILLENS C , HOLZ T . Practical timing side channel attacks against kernel space ASLR[C]// IEEE Symposium on Security and Pri-vacy (SP). Berkeley,c 2013: 191-205.
|
[18] |
BOLDEWIN F . OfficeMalScanner/RTFScan[EB/OL]. .
|
[19] |
BONFA G E . PyOLEScanner[EB/OL]. .
|
[20] |
X-WAYS AG . WinHex hex editor[EB/OL]. .
|
[21] |
MICROSOFT . Debugging tools for windows[EB/OL]. .
|
[22] |
PARKOUR M . Malicious files for signature testing and research[EB/OL]. .
|