Entry Wang:2008:FBB from tissec.bib
Last update: Sun Oct 15 02:58:48 MDT 2017
Top |
Symbols |
Numbers |
Math |
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
BibTeX entry
@Article{Wang:2008:FBB,
author = "Xiaofeng Wang and Zhuowei Li and Jong Youl Choi and
Jun Xu and Michael K. Reiter and Chongkyung Kil",
title = "Fast and Black-box Exploit Detection and Signature
Generation for Commodity Software",
journal = j-TISSEC,
volume = "12",
number = "2",
pages = "11:1--11:??",
month = dec,
year = "2008",
CODEN = "ATISBQ",
DOI = "https://doi.org/10.1145/1455518.1455523",
ISSN = "1094-9224 (print), 1557-7406 (electronic)",
ISSN-L = "1094-9224",
bibdate = "Tue Dec 23 11:58:14 MST 2008",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/tissec.bib",
abstract = "In biology, a {\em vaccine\/} is a weakened strain of
a virus or bacterium that is intentionally injected
into the body for the purpose of stimulating antibody
production. Inspired by this idea, we propose a {\em
packet vaccine\/} mechanism that randomizes
address-like strings in packet payloads to carry out
fast exploit detection and signature generation. An
exploit with a randomized jump address behaves like a
vaccine: it will likely cause an exception in a
vulnerable program's process when attempting to hijack
the control flow, and thereby expose itself. Taking
that exploit as a template, our signature generator
creates a set of new vaccines to probe the program in
an attempt to uncover the necessary conditions for the
exploit to happen. A signature is built upon these
conditions to shield the underlying vulnerability from
further attacks. In this way, packet vaccine detects
exploits and generates signatures in a black-box
fashion, that is, not relying on the knowledge of a
vulnerable program's source and binary code. Therefore,
it even works on the commodity software obfuscated for
the purpose of copyright protection. In addition, since
our approach avoids the expense of tracking the
program's execution flow, it performs almost as fast as
a normal run of the program and is capable of
generating a signature of high quality within seconds
or even subseconds. We present the design of the packet
vaccine mechanism and an example of its application. We
also describe our proof-of-concept implementation and
the evaluation of our technique using real exploits.",
acknowledgement = ack-nhfb,
articleno = "11",
fjournal = "ACM Transactions on Information and System Security",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J789",
keywords = "black-box defense; exploit detection; signature
generation; vaccine injection; worm",
}
Related entries
- addition,
2(1)3,
2(2)177,
2(3)230,
9(2)181,
10(4)1,
10(4)2,
11(3)15,
12(3)16,
12(3)18,
13(3)27,
13(4)35,
13(4)40,
15(1)4,
17(3)12,
18(3)11
- address,
2(1)65,
2(4)390,
10(2)8,
10(3)12,
11(1)4,
11(2)3,
11(3)12,
13(3)22,
13(3)26,
13(4)31,
13(4)38,
13(4)40,
14(1)3,
15(1)2,
15(2)6,
15(2)8,
16(3)11,
16(4)14,
17(1)1,
17(1)2,
17(1)4,
17(2)8,
17(3)11
- almost,
9(4)461,
11(4)21,
13(1)10,
14(1)14
- application,
1(1)66,
2(2)159,
2(2)177,
2(4)354,
4(2)103,
7(1)1,
7(1)97,
8(3)287,
9(1)1,
9(1)94,
10(1)2,
10(2)6,
10(4)3,
11(1)2,
11(1)3,
11(3)14,
11(3)16,
11(4)22,
12(1)2,
12(1)3,
12(3)14,
12(4)21,
13(1)4,
13(1)10,
13(2)17,
13(3)22,
13(3)26,
13(4)38,
13(4)39,
14(1)2,
14(1)3,
14(1)6,
14(1)8,
14(1)9,
14(2)19,
14(3)27,
15(1)2,
15(1)4,
16(1)1,
16(1)2,
16(2)6,
16(3)9,
16(4)13,
16(4)17,
17(2)5,
17(4)13,
18(3)10,
18(4)12
- approach,
1(1)3,
1(1)26,
2(1)34,
2(2)138,
2(3)269,
2(3)295,
5(2)119,
5(3)203,
6(1)128,
7(3)392,
9(4)391,
9(4)421,
10(1)2,
10(1)4,
10(3)11,
10(3)12,
10(4)4,
11(1)3,
11(3)15,
11(3)16,
11(4)17,
11(4)19,
12(1)1,
12(1)4,
12(3)14,
13(3)20,
13(3)24,
13(4)31,
13(4)35,
13(4)36,
14(1)8,
14(3)23,
14(4)29,
15(1)4,
15(3)12,
15(3)13,
15(4)15,
15(4)17,
15(4)18,
16(2)5,
16(2)7,
16(2)8,
16(4)15,
16(4)16,
17(3)12,
17(4)14,
18(2)5,
18(2)7,
18(3)11
- attempt,
11(4)19,
12(1)5,
12(2)12,
12(4)22,
13(4)41,
14(3)27,
15(3)12,
17(4)16,
18(3)9
- attempting,
12(3)19,
18(2)6
- avoid,
11(4)20,
12(3)16,
12(3)17
- behave,
10(4)6,
12(3)19,
18(3)9,
18(4)14
- binary,
13(1)10,
14(1)6,
15(1)4,
18(1)4
- black-box,
15(3)14
- body,
10(3)10,
14(1)14
- box, black-,
15(3)14
- built,
13(4)30,
16(3)9,
18(1)1
- capable,
14(4)29,
17(2)7,
17(4)14
- carry,
2(3)230,
2(4)416,
10(3)12
- cause,
6(4)443,
12(2)10,
12(2)12,
12(4)20,
14(1)2,
14(1)13,
17(1)2,
18(4)14
- code,
5(3)238,
6(2)258,
11(4)23,
12(2)10,
12(3)14,
12(3)19,
13(1)10,
13(2)17,
13(3)21,
15(1)2,
15(1)3,
15(2)10,
16(1)1,
16(2)6,
16(2)7,
16(3)9,
18(4)12
- commodity,
16(2)6,
17(2)8
- concept, proof-of-,
11(1)3,
17(1)1
- condition,
1(1)26,
2(3)295,
10(4)1,
11(1)3,
11(2)2,
11(4)21,
13(3)26,
16(1)3,
17(1)2,
18(1)2,
18(2)5,
18(2)6
- create,
12(2)12,
14(1)9,
18(1)1,
18(2)5,
18(4)13
- defense,
2(3)230,
11(2)3,
14(1)7,
14(3)24,
14(3)27,
14(4)31,
15(2)6,
15(4)16,
16(4)13,
17(2)8,
17(3)11
- describe,
1(1)66,
2(1)3,
2(1)34,
2(1)105,
2(2)159,
2(2)177,
2(3)230,
2(4)354,
2(4)390,
7(2)319,
10(4)3,
11(4)21,
12(1)1,
12(3)16,
12(4)21,
13(4)30,
13(4)34,
14(3)24,
14(3)27,
15(3)11,
15(3)13,
16(3)10,
16(3)12,
16(4)14,
17(2)5,
18(2)8
- design,
1(1)66,
2(1)34,
2(1)105,
2(2)138,
2(3)269,
2(4)390,
2(4)416,
10(2)7,
10(3)11,
10(4)1,
11(1)2,
11(2)1,
11(4)18,
11(4)23,
12(1)3,
12(2)8,
12(3)17,
12(4)20,
12(4)22,
13(1)10,
13(4)29,
13(4)32,
14(1)8,
14(3)24,
15(3)13,
16(2)5,
16(2)6,
16(2)8,
16(4)16,
17(1)4,
17(2)7,
17(2)8,
17(4)13,
18(1)1,
18(1)3,
18(4)12
- detect,
2(3)295,
10(4)6,
11(3)14,
11(3)15,
12(2)10,
12(2)13,
12(3)19,
14(1)13,
15(2)6,
16(2)5,
16(4)14,
17(4)16,
18(2)7,
18(3)9
- detection,
2(2)159,
2(3)295,
3(1)1,
3(3)186,
3(4)227,
3(4)262,
4(4)407,
5(3)203,
6(2)173,
6(4)443,
7(4)591,
9(1)61,
10(1)4,
11(2)2,
11(3)12,
11(3)15,
11(4)19,
11(4)20,
12(2)12,
12(2)13,
12(4)22,
13(2)12,
13(4)30,
14(1)13,
14(3)27,
15(2)6,
15(3)11,
15(4)17,
17(4)13,
17(4)15,
18(1)2,
18(2)7,
18(3)9
- evaluation,
2(3)295,
3(4)262,
10(1)3,
11(1)3,
11(4)20,
11(4)22,
12(2)8,
12(4)20,
13(2)14,
13(3)24,
13(3)25,
16(1)1,
16(1)2,
16(3)9,
16(4)13,
16(4)17,
17(4)14,
18(1)1
- even,
1(1)66,
2(3)332,
2(4)416,
10(1)2,
11(1)4,
11(2)6,
11(4)22,
12(4)20,
13(1)10,
13(4)30,
13(4)35,
13(4)41,
14(3)25,
14(3)27,
15(1)5,
16(3)12,
17(3)11,
17(3)12,
18(1)1
- example,
10(4)5,
12(1)1,
12(3)19,
12(4)20,
13(3)20,
13(4)30,
13(4)35,
13(4)39,
13(4)40,
15(2)10,
16(1)3,
16(2)5,
16(3)10,
17(1)2,
17(1)4,
18(1)1,
18(2)8,
18(4)13
- exception,
1(1)26
- execution,
1(1)26,
10(4)3,
12(2)10,
12(3)14,
14(1)6,
14(2)15,
14(4)32,
15(1)2,
15(2)10,
15(3)13,
16(1)3,
16(2)6,
16(2)7,
18(1)2,
18(1)4
- expense,
12(3)18,
16(3)9
- exploit,
2(4)416,
12(1)1,
12(4)22,
13(3)28,
15(1)2,
16(4)13,
17(1)1,
17(3)11
- expose,
14(1)13
- fashion,
12(1)6,
13(4)37
- fast,
7(2)242,
10(3)9,
17(3)10,
18(1)2
- flow,
1(1)26,
1(1)93,
10(2)7,
12(1)5,
13(3)26,
14(3)24,
15(1)2,
16(1)1,
16(2)6,
18(2)8
- further,
2(1)105,
2(3)230,
2(4)354,
10(2)8,
10(3)12,
11(1)2,
11(3)15,
11(4)21,
13(3)25,
13(3)27,
13(4)29,
13(4)30,
14(3)27,
15(2)7,
16(4)16,
16(4)17
- generate,
2(4)390,
10(2)5,
10(4)2,
11(4)18,
12(2)10,
13(3)24,
14(1)6,
14(1)12,
16(2)7,
16(2)8,
18(3)9
- generating,
12(2)10,
13(1)10,
18(3)9
- generation,
11(4)18,
11(4)22,
12(2)10,
12(4)21
- generator,
13(1)10,
14(1)11,
14(1)13
- high,
1(1)3,
11(3)13,
11(3)15,
11(4)18,
11(4)20,
14(4)31,
15(2)7,
15(3)12,
16(2)6,
16(2)8,
16(3)11,
17(1)1,
17(3)11,
17(4)16,
18(2)7,
18(4)12
- idea,
1(1)93,
10(3)9,
12(1)2,
14(1)4,
15(1)4,
16(1)1,
16(2)7
- implementation,
1(1)3,
1(1)26,
1(1)66,
2(1)34,
2(2)177,
2(4)390,
2(4)416,
7(2)319,
11(1)2,
11(1)3,
11(1)4,
11(3)16,
11(4)18,
11(4)22,
12(1)1,
12(2)10,
12(3)14,
12(4)22,
13(1)4,
13(3)26,
13(3)27,
14(1)3,
15(1)3,
15(2)8,
15(3)13,
15(4)16,
16(1)1,
16(1)2,
16(3)9,
16(3)10,
16(3)11,
16(4)13,
17(2)5,
17(2)8,
18(1)2,
18(1)3,
18(1)4
- injected,
14(1)13
- injection,
13(2)14,
14(1)13,
16(1)1,
16(4)13,
17(4)16
- intentionally,
11(3)15,
13(3)21
- itself,
2(1)105,
17(3)12
- knowledge,
10(3)12,
11(2)2,
11(3)15,
12(1)3,
12(1)4,
13(4)35,
15(3)14,
17(1)2,
17(3)9,
18(4)12
- like,
2(2)159,
10(4)3,
11(2)6,
12(2)8,
13(3)24,
17(3)11
- likely,
1(1)66,
13(3)25,
14(1)2,
15(3)14,
15(4)15,
16(2)8,
17(2)8
- mechanism,
2(2)177,
3(1)51,
10(2)8,
10(4)4,
10(4)6,
11(2)5,
11(3)12,
11(3)16,
12(1)4,
12(2)9,
12(2)13,
12(3)15,
12(3)19,
12(4)22,
13(3)21,
13(3)24,
13(3)25,
13(3)28,
13(4)29,
14(1)3,
14(1)11,
14(3)24,
14(3)27,
15(1)5,
15(2)6,
15(2)10,
16(1)3,
16(2)5,
16(3)12,
17(1)3,
17(2)5,
17(3)10,
18(4)14
- necessary,
2(2)177,
2(4)416,
10(2)5,
11(3)16,
12(3)16,
12(4)20,
14(1)13,
16(1)3
- new,
1(1)3,
1(1)93,
2(1)105,
2(2)138,
2(3)295,
9(2)181,
9(4)461,
10(1)3,
10(2)6,
10(4)6,
11(4)17,
12(1)2,
12(1)3,
12(3)14,
12(3)15,
12(3)16,
12(4)21,
12(4)22,
13(2)15,
13(4)29,
13(4)34,
14(1)4,
14(1)5,
14(1)6,
14(1)13,
14(3)23,
14(3)27,
14(4)30,
15(1)3,
15(2)7,
15(2)9,
15(2)10,
15(3)12,
15(4)15,
16(2)5,
16(2)7,
16(3)12,
16(4)16,
16(4)17,
17(1)4,
17(2)7,
17(3)10,
17(4)15,
18(1)1,
18(1)2,
18(3)10,
18(3)11
- normal,
11(4)18,
11(4)23
- not,
1(1)26,
2(1)65,
2(2)177,
2(3)230,
2(3)269,
2(4)390,
9(4)421,
10(1)3,
10(4)2,
11(1)3,
11(1)4,
11(2)2,
11(2)4,
11(2)5,
11(3)12,
11(3)13,
11(3)15,
11(3)16,
11(4)19,
11(4)20,
11(4)22,
12(1)1,
12(1)2,
12(1)3,
12(1)6,
12(2)10,
12(2)13,
12(3)14,
12(4)22,
13(1)10,
13(3)28,
13(4)33,
13(4)35,
13(4)36,
13(4)37,
13(4)39,
13(4)40,
14(3)23,
14(3)27,
14(4)28,
14(4)29,
14(4)31,
15(2)6,
15(2)9,
15(2)10,
15(3)12,
15(3)13,
16(1)1,
16(2)5,
16(2)6,
16(3)9,
16(3)12,
16(4)13,
16(4)15,
16(4)16,
17(1)2,
17(3)10,
17(4)15,
18(1)1,
18(3)9,
18(4)13
- obfuscated,
15(3)12,
18(1)1
- of-concept, proof-,
17(1)1
- packet,
2(3)269,
7(2)319,
11(2)2,
11(3)15,
12(2)10,
12(2)13,
12(4)22,
13(4)35,
14(1)5,
14(1)7,
15(2)6,
15(4)16
- payload,
11(2)2,
13(2)15
- perform,
2(2)177,
2(3)269,
9(4)461,
13(4)40,
15(2)6,
15(2)10,
15(3)14,
15(4)17,
16(1)4,
16(2)8,
17(2)6
- present,
1(1)26,
2(1)3,
2(1)65,
2(2)177,
2(3)230,
2(3)269,
2(3)295,
2(4)354,
7(2)319,
9(2)181,
9(4)461,
10(1)2,
10(2)7,
10(3)10,
10(3)11,
10(3)12,
10(4)2,
10(4)3,
11(1)2,
11(1)4,
11(2)2,
11(2)5,
11(3)14,
11(4)22,
12(1)2,
12(1)4,
12(2)10,
12(3)14,
12(3)15,
12(3)16,
12(3)17,
12(4)22,
13(1)10,
13(3)20,
13(3)22,
13(3)25,
13(3)28,
13(4)29,
13(4)41,
14(1)4,
14(1)5,
14(1)6,
15(1)2,
15(2)6,
15(2)8,
15(2)10,
15(3)12,
15(3)13,
15(4)16,
15(4)18,
16(2)6,
16(2)7,
16(4)13,
16(4)14,
17(1)4,
17(2)6,
17(2)7,
17(2)8,
17(3)9,
17(3)12,
17(4)14,
17(4)15,
17(4)16,
18(1)3,
18(1)4,
18(2)7,
18(3)9,
18(3)10,
18(3)11,
18(4)12,
18(4)14
- process,
1(1)26,
2(1)65,
9(4)421,
10(3)9,
10(4)4,
11(1)2,
11(1)4,
11(4)18,
11(4)20,
12(3)14,
13(1)10,
13(3)25,
13(4)36,
15(3)13,
16(2)5,
16(2)7,
17(2)6,
17(4)14,
18(1)3
- program,
2(1)65,
2(3)332,
11(3)14,
12(1)1,
12(2)10,
12(3)16,
12(3)19,
13(3)21,
14(3)24,
15(1)2,
15(2)10,
16(2)7,
17(1)2,
17(3)11,
18(1)4
- proof-of-concept,
11(1)3,
17(1)1
- propose,
1(1)26,
2(1)65,
2(2)138,
2(3)269,
9(2)162,
9(4)391,
9(4)421,
10(1)3,
10(1)4,
10(3)12,
10(4)1,
10(4)3,
10(4)4,
10(4)6,
11(1)3,
11(1)4,
11(3)12,
11(3)15,
11(4)18,
11(4)19,
11(4)23,
12(1)4,
12(2)8,
12(2)13,
12(3)18,
13(3)28,
13(4)32,
13(4)36,
13(4)40,
13(4)41,
14(1)5,
14(1)10,
14(1)11,
14(3)24,
14(3)26,
14(4)30,
15(2)7,
15(4)17,
16(1)2,
16(4)15,
16(4)16,
17(1)1,
17(3)10,
17(3)11,
17(3)12,
17(4)13,
17(4)14,
18(1)2,
18(2)7
- protection,
1(1)3,
1(1)26,
1(1)66,
1(1)93,
2(1)3,
2(1)34,
2(1)105,
2(2)138,
2(2)177,
2(3)230,
2(3)295,
2(4)354,
2(4)390,
10(1)3,
10(3)9,
11(4)20,
12(2)9,
13(3)22,
14(3)24,
15(1)2,
15(2)8,
16(2)6
- purpose,
10(3)9,
10(4)4,
11(4)20,
13(3)22,
13(3)24,
14(1)14,
16(3)10,
16(4)17,
17(1)3,
17(3)12,
18(1)1
- quality,
2(3)269,
2(3)295,
11(4)17,
15(2)7,
18(1)1
- randomized,
8(1)3
- real,
10(1)2,
10(4)1,
10(4)4,
11(2)3,
11(3)16,
11(4)17,
12(2)10,
12(2)13,
13(4)30,
14(4)30,
16(3)10,
16(4)14,
16(4)17,
17(4)16,
18(1)3,
18(3)9,
18(4)12
- Reiter, Michael K.,
1(1)66,
2(2)138,
4(4)453,
14(1)2,
14(1)13,
14(4)32,
15(2)9,
17(2)8
- relying,
9(4)421,
10(2)8,
12(3)16,
13(4)39
- run,
2(2)177,
12(2)10,
12(3)14,
12(3)19,
13(1)10,
14(1)8,
14(4)31,
18(1)1
- second,
9(2)181,
9(4)461,
11(2)3,
11(2)6,
11(4)22,
12(1)3,
12(1)5,
13(4)31,
13(4)37,
16(3)9,
16(3)10,
16(3)12,
17(3)10,
18(3)9
- set,
2(1)34,
2(2)138,
2(4)390,
8(1)3,
9(4)421,
10(2)5,
10(3)12,
10(4)2,
10(4)3,
10(4)5,
11(2)1,
11(2)3,
11(3)13,
11(4)18,
11(4)21,
12(3)18,
12(3)19,
12(4)20,
12(4)21,
13(1)9,
13(1)10,
13(3)27,
13(4)40,
14(1)12,
14(3)25,
14(4)31,
15(1)2,
15(2)7,
15(2)10,
15(3)13,
15(4)15,
16(1)4,
17(1)2,
17(2)8,
17(3)11,
17(4)13,
17(4)14,
18(1)4,
18(3)10,
18(3)11
- signature,
3(3)161,
7(1)1,
12(1)3,
12(3)15,
13(4)37,
14(1)4,
14(1)5,
15(2)9,
17(3)10
- since,
2(2)177,
11(4)17,
13(1)10,
13(3)22,
13(4)35,
13(4)37,
13(4)39,
15(2)6,
15(2)10,
17(2)6
- software,
1(1)3,
2(1)3,
2(1)34,
2(1)105,
2(2)138,
2(2)177,
2(3)295,
2(4)354,
3(1)51,
11(1)2,
12(2)12,
12(3)14,
12(3)19,
14(1)8,
14(3)24,
14(4)32,
15(2)8,
17(1)1,
17(3)11
- source,
1(1)66,
5(3)238,
12(2)13,
13(1)8,
13(3)21,
14(1)8,
14(3)23,
14(3)25,
15(2)6,
15(3)13,
18(4)12
- string,
9(2)181,
16(2)8
- taking,
13(3)24,
16(2)5
- technique,
1(1)3,
2(2)138,
2(3)230,
2(3)295,
2(4)416,
7(2)274,
9(4)391,
9(4)461,
10(2)6,
10(3)9,
10(4)6,
11(2)2,
11(3)12,
11(3)16,
11(4)17,
11(4)18,
11(4)22,
12(1)4,
12(2)13,
12(3)16,
12(3)18,
13(3)22,
13(3)25,
13(3)28,
13(4)32,
13(4)33,
13(4)35,
13(4)36,
13(4)39,
14(1)3,
14(1)5,
14(1)6,
14(1)13,
14(3)24,
14(4)32,
15(1)2,
15(1)5,
15(2)7,
15(2)8,
15(3)12,
15(4)17,
15(4)18,
16(1)2,
16(2)6,
16(2)7,
16(3)11,
16(4)13,
16(4)14,
17(3)9,
17(3)12,
17(4)16,
18(1)2,
18(2)6,
18(3)11
- thereby,
2(1)105,
9(4)391,
11(1)2,
14(1)3,
14(1)14,
17(3)10
- therefore,
2(2)177,
10(4)4,
11(4)19,
13(1)10,
13(3)28,
14(3)24,
15(1)5,
15(4)16,
17(1)3
- tracking,
2(4)354,
15(2)7,
15(4)17
- uncover,
17(2)7
- underlying,
12(3)14,
13(3)22,
13(3)25,
13(4)35,
14(1)4,
14(1)6,
16(4)17
- upon,
2(2)177,
11(2)4,
11(4)20,
12(2)8,
12(2)9,
12(4)20,
13(4)39,
15(1)4,
18(3)10
- using,
2(2)138,
2(2)177,
2(3)332,
4(3)289,
6(2)258,
6(3)327,
9(2)113,
9(2)162,
9(2)181,
9(3)292,
9(3)325,
9(4)461,
10(1)4,
10(2)8,
10(3)11,
10(4)3,
10(4)6,
11(1)2,
11(2)1,
11(2)2,
11(2)3,
11(3)14,
11(4)19,
11(4)21,
12(2)10,
13(1)2,
13(1)8,
13(3)20,
13(3)26,
13(4)31,
13(4)35,
13(4)39,
14(1)3,
14(1)12,
14(1)14,
14(3)27,
15(1)2,
15(3)11,
15(3)12,
15(4)15,
15(4)17,
16(1)1,
16(1)2,
16(1)4,
16(2)5,
16(2)6,
16(3)10,
16(4)17,
17(1)1,
17(2)5,
17(3)10,
17(3)11,
17(4)13,
17(4)14,
17(4)16,
18(2)7,
18(2)8,
18(3)10,
18(3)11,
18(4)14
- virus,
10(4)1
- vulnerability,
2(4)416,
7(2)319,
13(4)38,
14(1)7,
14(1)13,
17(1)1,
17(3)11
- vulnerable,
10(3)11,
10(4)5,
10(4)6,
11(3)15,
11(4)22,
13(1)10,
13(3)25,
14(3)24,
14(3)27,
15(4)16,
16(4)13,
17(1)4
- Wang, Xiaofeng,
13(2)18
- way,
2(1)3,
2(1)65,
2(3)230,
2(3)269,
2(4)416,
9(4)461,
10(4)3,
10(4)4,
11(1)2,
11(3)13,
12(1)5,
12(2)8,
12(3)14,
13(1)10,
13(3)22,
13(3)28,
13(4)34,
15(2)10,
15(4)15,
16(3)10,
16(3)11,
16(4)17,
17(2)6
- when,
2(3)295,
10(2)7,
10(3)12,
10(4)4,
10(4)6,
11(2)3,
11(2)6,
11(3)15,
11(3)16,
11(4)17,
11(4)18,
12(2)10,
12(4)20,
12(4)22,
13(1)10,
13(3)27,
13(4)32,
13(4)34,
13(4)35,
13(4)37,
15(2)6,
15(2)9,
15(2)10,
15(3)14,
16(1)3,
16(2)8,
17(3)9,
17(4)13,
18(3)9,
18(4)12
- will,
1(1)93,
2(2)159,
2(3)269,
10(4)1,
11(3)12,
11(4)20,
12(1)3,
12(2)10
- work,
2(2)138,
2(3)269,
2(4)416,
10(3)10,
10(4)6,
11(2)2,
11(2)3,
11(3)15,
11(4)17,
11(4)19,
12(2)10,
12(2)12,
12(3)16,
12(3)17,
12(3)18,
13(3)25,
13(4)38,
14(1)2,
14(1)14,
15(2)7,
15(2)10,
15(3)12,
15(4)15,
15(4)17,
16(1)3,
16(1)4,
16(2)8,
16(3)10,
16(3)11,
16(4)13,
16(4)15,
17(3)12,
18(2)6,
18(4)13
- worm,
12(2)12
- Xu, Jun,
2(3)269