{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T20:29:03Z","timestamp":1761596943651},"publisher-location":"Boston, MA","reference-count":12,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9781475780161"},{"type":"electronic","value":"9781402081439"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/1-4020-8143-x_6","type":"book-chapter","created":{"date-parts":[[2005,12,23]],"date-time":"2005-12-23T16:39:43Z","timestamp":1135355983000},"page":"83-99","source":"Crossref","is-referenced-by-count":11,"title":["Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities Using Pointer Taintedness Semantics"],"prefix":"10.1007","author":[{"given":"Shuo","family":"Chen","sequence":"first","affiliation":[]},{"given":"Karthik","family":"Pattabiraman","sequence":"additional","affiliation":[]},{"given":"Zbigniew","family":"Kalbarczyk","sequence":"additional","affiliation":[]},{"given":"Ravi K.","family":"Iyer","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"6_CR1","volume-title":"Improving Security Using Extensible Lightweight Static Analysis","author":"D Evans","year":"2002","unstructured":"D. Evans and D. Larochelle. Improving Security Using Extensible Lightweight Static Analysis. In IEEE Software, Jan\/Feb 2002"},{"key":"6_CR2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2002.1004369","volume-title":"Improving Computer Security Using Extended Static Checking","author":"B Chess","year":"2002","unstructured":"B. Chess. Improving Computer Security Using Extended Static Checking. IEEE Symposium on Security and Privacy 2002"},{"key":"6_CR3","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/1188.001.0001","volume-title":"Algebraic Semantics of Imperative Programs","author":"JA Goguen","year":"1996","unstructured":"J. A. Goguen and G. Malcolm. Algebraic Semantics of Imperative Programs. MIT Press, 1996, ISBN 0\u2013262-07172-X"},{"key":"6_CR4","volume-title":"Proc. Rewriting Techniques and Applications","author":"M Clavel","year":"2003","unstructured":"M. Clavel, F. Dur\u00e1n, S. Eker, P. Lincoln, N. Marti-Oliet, J. Meseguer and C. Talcott The Maude 2.0 System. In Proc. Rewriting Techniques and Applications, 2003, 2003."},{"key":"6_CR5","volume-title":"Transparent Runtime Randomization for Security","author":"J Xu","year":"2003","unstructured":"J. Xu, Z. Kalbarczyk and R. K. Iyer. Transparent Runtime Randomization for Security. To appear in Proc. Symposium on Reliable and Distributed Systems, 2003."},{"key":"6_CR6","volume-title":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities","author":"D Wagner","year":"2000","unstructured":"D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. Network and Distributed System Security Symposium (NDSS 2000)."},{"key":"6_CR7","volume-title":"Detecting Format String Vulnerabilities With Type Qualifiers","author":"U Shankar","year":"2001","unstructured":"U. Shankar, K. Talwar, J. Foster, and D. Wagner. Detecting Format String Vulnerabilities With Type Qualifiers. 10th USENIX Security Symposium, 2001."},{"key":"6_CR8","volume-title":"Automatic Detection and Prevention of Buffer-Overflow Attacks","author":"C Cowan","year":"1998","unstructured":"C. Cowan, C. Pu, D. Maier, et al. Automatic Detection and Prevention of Buffer-Overflow Attacks. 7th USENIX Security Symposium, San Antonio, TX, January 1998."},{"key":"6_CR9","volume-title":"Transparent Run-Time Defense Against Stack Smashing Attacks","author":"A Baratloo","year":"2000","unstructured":"A. Baratloo, T. Tsai, N. Singh, Transparent Run-Time Defense Against Stack Smashing Attacks, Proc. USENIX Annual Technical Conference, June 2000."},{"key":"6_CR10","volume-title":"IEEE International Conf. on Dependable Systems and Networks","author":"S Chen","year":"2003","unstructured":"S. Chen, Z. Kalbarczyk, J. Xu, R. K. Iyer. \u201cA Data-Driven Finite State Machine Model for Analyzing Security Vulnerabilities\u201d. in IEEE International Conf. on Dependable Systems and Networks, 2003."},{"key":"6_CR11","unstructured":"Introduction to equational logic. http:\/\/www.cs.cornell.edu \/Info\/People\/gries\/Logic\/Equational.html"},{"key":"6_CR12","unstructured":"S. Chen, K. Pattabiraman, Z. Kalbarczyk, R. K. Iyer. Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities By Pointer Taintedness Semantics (Full Version). http:\/\/www.crhc.uiuc.edu \/~shuochen\/pointer_taintedness"}],"container-title":["Security and Protection in Information Processing Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/1-4020-8143-X_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,11]],"date-time":"2020-04-11T20:11:57Z","timestamp":1586635917000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/1-4020-8143-X_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9781475780161","9781402081439"],"references-count":12,"URL":"https:\/\/doi.org\/10.1007\/1-4020-8143-x_6","relation":{},"subject":[],"published":{"date-parts":[[2004]]}}}