[1]Chen G, Jin H, Zou D, et al. Safestack:Automatically patching stackbased buffer overflow vulnerabilities[J].IEEE Transactions on Dependable and Secure Computing,2013,10(6):368379.
[2]Varma P D,Radha V.Prevention of buffer overflow attacks using advanced stackguard[C]∥Proc of the 2010 International Conference on Advances in Communication,Network,and Computing, 2010:357359.
[3]Wilander J, Kamkar M. A comparison of publicly available tools for dynamic buffer overflow prevention[C]∥Proc of NDSS,2003:149162.
[4]Gisbert H M,Ripoll I.On the effectiveness of NX,SSP,RenewSSP,and ASLR against stack buffer overflows[C]∥Proc of 2014 IEEE 13th International Symposium on Network Computing and Applications (NCA),2014:145152.
[5]Limbandit K,TengAmnuay Y.Misuse for security hardening assessment in application software deployment[J].International Journal of Future Computer and Communication,2012,1(2):147150.
[6]Hund R,Willems C,Holz T.Practical timing side channel attacks against kernel space ASLR[C]∥Proc of 2013 IEEE Symposium on Security and Privacy (SP),2013:191205.
[7]Vermeulen S. SELinux Cookbook[M].Birmingham, UK:Packt Publishing Ltd,2014.
[8]Li Xiaoqi,,Liu Qixu,Zhang Yuqing.Automatically exploiting system of kernel privilege escalation vulnerabilities based on imitating attack[J].Journal of University of Chinese Academy of Sciences,2015,32(3):384390.(in Chinese)
[9]Ni Tao, Ye Xing. Privilege escalation technology of kernel vulnerabilities in write what where mode[J].Journel of Information Engineering University,2014,15(2):232236.(in Chinese)
[10]George V, Piazza T, Jiang H. Technology Insight:Intel next generation microarchitecture codename Ivy Bridge[C]∥Intel Developer Forum, 2011:1.
[11]Perla E,Oldani M.A guide to kernel exploitation:Attacking the core[M].New York:Elsevier,2010.
[12]Kurmus A,Dech S,Tu B.Quantifiable runtime kernel attack surface reduction[C]∥Proc of the 11th International Conference on Detection of Instrusions and Malware, and Vulnerability Assessment,2014:212234.
[13]Xin Zhi, Chen Huiyu, Han Hao, et al. Kernel rootket defense based on automatic data structure randomization[J].Chinese Journal of Computers,2014,(5):11001110.(in Chinese)
[14]Vulnerability summary for CVE20132094 [DB/OL].[20130514].https:∥web.nvd.nist.gov/view/vuln/detail?vulnId=CVE20132094.
附中文参考文献:
[8]李晓琦,刘奇旭,张玉清.基于模拟攻击的内核提权漏洞自动利用系统[J].中国科学院大学学报,2015,32(3):384390.
[9]倪涛,叶星.写任意内存模式内核漏洞提权利用技术研究[J].信息工程大学学报,2014,15(2):232236.
[13]辛知,陈惠宇,韩浩,等.基于结构体随机化的内核Rootkit防御技术[J].计算机学报,2014,(5):11001110.