WU Yi-lun ZHANG Bo-feng LAI Zhi-quan SU Jin-shu. Software network behavior analysis based on message semantics analysis[J]. Journal of Computer Applications, 2012, 32(01): 25-29.
[1]BETHENCOURT J, SONG D, WATERS B. Analysis-resistant malware [C]// Proceedings of the 15th IEEE Network and Distributed System Security Symposium. San Diego: The Internet Society Press, 2008: 10-13.[2]BELLARD F. QEMU: A fast and portable dynamic translator [C]// Proceedings of the Annual Conference on USENIX Annual Technical Conference. Berkeley: USENIX Press, 2005: 41-46.[3]BAYER U, KRUEGEL C, KIRDA E. TTAnalyze: A tool for analyzing malware [EB/OL]. [2011-03-25]. http://www.iseclab.org/projects/ttanalyze/.[4]BAYER U. ANUBIS [EB/OL]. [2011-03-20]. http://anubis.iseclab.org.[5]李根.基于动态测试用例生成的二进制软件缺陷自动发掘技术研究[D].长沙:国防科学技术大学,2010.[6]SCHWARTZ E J, AVGERINOS T, BRUMLEY D. All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask) [C]// Proceedings of 2010 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2010: 317-331.[7]SONG D. TEMU [EB/OL]. [2011-04-20]. http://bitblaze.cs.berkeley.edu/temu.html.[8]SONG D, BRUMLEY D, YIN H. BitBlaze: A new approach to computer security via binary analysis [C]// Proceedings of 2008 International Conference on Information Systems Security. Berlin: Springer-Verlag, 2008: 1-25.[9]WANG T, WEI T, GU G. TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection [C]// Proceedings of 2010 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2010: 497-512.[10]LIN Z, JIANG X, XU D. Automatic protocol format reverse engineering through context-aware monitored execution [C]// Proceedings of 2008 Network and Distributed System Security Symposium. San Diego: The Internet Society Press, 2008: 1-15.[11]COMPARETTI P M, WONDRACEK G, KRUEGEL C. Prospex: Protocol specification extraction [C]// Proceedings of 2009 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2009: 110-125.[12]CABALLERO J, YIN H, LIANG Z. Polyglot: Automatic extraction of protocol message format using dynamic binary analysis [C]// Proceedings of the 14th ACM Conference on Computer and Communications Security. New York: ACM Press, 2007: 317-329.