[1] National Institut e of Standards and Technology. ICAT Metabase. http:PPicat. nist. govP

[2] SANS Inst itute. The tw enty most critical internet security vulnerabilit ies. ht tp:PPwww. sans. orgPtop20P

[3] Cowan C, Wagle P, Pu C, et al. Buffer overflows: attacks and defenses for the vulnerability of the decade. DARPA information survivabilityconference and exposition. DISCEX. 00. Proceedings, 2000, 2: 119~ 129

[4] Conover M. w00w00 Security Team, w00w00 on heap overflows. http:PPwww. w00w00. orgPf ilesParticlesPheaptut. txt

[5] Aleph One. Smashing the stack for fun and profit. Phrack, 1996, 7( 49) ht tp:PPwww. phrack. orgPshow. php? p= 49&a= 14

[6] Wilander J. Security intrusions and intrusion prevention: [Mast er thesis]. Sweden: Linkê pings Universitet,Department of Computer and Informat ionScience. www. ida. liu. seP~ johw iP

[7] Zhang XM. Sel-f manage data buff er memory-deliver code eff iciency, simplicity, portability, and security. http:PPwww-106. ibm. comPdeveloperworksPwebPlibraryPwa-memmng

[8] Robert O. Calife: how to become root w ith one. s own password. http:PPmut t. frmug. orgPcalifeP

[9] National Institut e of Standards and Technology. ICAT Metabase. http:PPicat. nist. govPicat. cfm?cvename= CAN-2004-0188

[10] McGraw G, Viega J. Make your software behave: preventing buffer overflows.http:PPwww900.ibm.comPdeveloperWorksPcnPsecurityPbufferdefendPindexeng. shtml