A Static Method to Discover Deserialization Gadget Chains in Java Programs-Reference-Cited by-同舟云学术

A Static Method to Discover Deserialization Gadget Chains in Java Programs

Published:2022-06-24 Issue: Volume: Page:
ISSN:
Container-title:Proceedings of the 2022 2nd International Conference on Control and Intelligent Robotics
language:
Short-container-title:

Author:

Wu Junjie¹,Zhao Jingling¹,Fu Junsong¹

Affiliation:

1. Beijing University of Posts and Telecommunications, China

Publisher

ACM

Link

https://dl.acm.org/doi/pdf/10.1145/3548608.3559310

Reference16 articles.

1. CVE-2016-4437 [Online] Available: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4437 CVE-2016-4437 [Online] Available: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4437

2. Ian Haken Automated Discovery of Deserialization Gadget Chains [Online] Available: https://i.blackhat.com/us-18/Thu-August-9/us-18-Haken-Automated-Discovery-of-Deserialization-Gadget-Chain-wp.pdf. Ian Haken Automated Discovery of Deserialization Gadget Chains [Online] Available: https://i.blackhat.com/us-18/Thu-August-9/us-18-Haken-Automated-Discovery-of-Deserialization-Gadget-Chain-wp.pdf.

3. Jang-Wu Jo and Byeong-Mo Chang , "Constructing control flow graph that accounts for exception induced control flows for Java," 7th Korea-Russia International Symposium on Science and Technology , Proceedings KORUS 2003 . (IEEE Cat. No.03EX737) , 2003 , pp. 160 - 165 vol. 2 . Jang-Wu Jo and Byeong-Mo Chang, "Constructing control flow graph that accounts for exception induced control flows for Java," 7th Korea-Russia International Symposium on Science and Technology, Proceedings KORUS 2003. (IEEE Cat. No.03EX737), 2003, pp. 160-165 vol.2.

4. TAJ

5. Efficient character-level taint tracking for Java

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Tabby: Automated Gadget Chain Detection for Java Deserialization Vulnerabilities;2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN);2023-06