; ---------------------------------------------------------------------
; Submit by logging into grace.umd.edu and using the following command:
; 	submit 2014 fall enee 757 0101 12 my_file.bib
; ---------------------------------------------------------------------



; Required Readings

@INPROCEEDINGS{ Brumley08,
  title =	 {Automatic Patch-Based Exploit Generation is
                  Possible: Techniques and Implications},
  author =	 {David Brumley and Pongsin Poosankam and Dawn
                  Xiaodong Song and Jiang Zheng},
  booktitle =	 {IEEE Symposium on Security and Privacy},
  bibsource =	 {DBLP, http://dblp.uni-trier.de},
  abstract =	 {The automatic patch-based exploit generation problem
                  is: given a program P and a patched version of the
                  program P, automatically generate an exploit for the
                  potentially unknown vulnerability present in P but
                  fixed in P. In this paper, we propose techniques for
                  automatic patch-based exploit generation, and show
                  that our techniques can automatically generate
                  exploits for 5 Microsoft programs based upon patches
                  provided via Windows Update. Although our techniques
                  may not work in all cases, a fundamental tenant of
                  security is to conservatively estimate the
                  capabilities of attackers. Thus, our results
                  indicate that automatic patch-based exploit
                  generation should be considered practical. One
                  important security implication of our results is
                  that current patch distribution schemes which
                  stagger patch distribution over long time periods,
                  such as Windows Update, may allow attackers who
                  receive the patch first to compromise the
                  significant fraction of vulnerable hosts who have
                  not yet received the patch.},
  year =	 {2008},
  pages =	 {143-157},
  crossref =	 {DBLP:conf/sp/2008},
  studentfirstname ="",
  studentlastname ="",
  summary =	 "",
  contribution1 ="",
  contribution2 ="",
  contribution3 ="",
  contribution4 ="",
  contribution5 ="",
  weakness1 =	 "",
  weakness2 =	 "",
  weakness3 =	 "",
  weakness4 =	 "",
  weakness5 =	 "",
  interesting =	 "high/med/low",
  opinions =	 "",
}


; BibTex cross-references (don't add anything here)

@PROCEEDINGS{ DBLP:conf/sp/2008,
  title =	 {2008 IEEE Symposium on Security and Privacy (S{\&}P
                  2008), 18-21 May 2008, Oakland, California, USA},
  booktitle =	 {IEEE Symposium on Security and Privacy},
  bibsource =	 {DBLP, http://dblp.uni-trier.de},
  publisher =	 {IEEE Computer Society},
  year =	 {2008},
}