{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T21:11:20Z","timestamp":1743023480333,"version":"3.40.3"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030262495"},{"type":"electronic","value":"9783030262501"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-26250-1_4","type":"book-chapter","created":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T19:02:43Z","timestamp":1567364563000},"page":"49-61","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Comparative Evaluation of Security Fuzzing Approaches"],"prefix":"10.1007","author":[{"given":"Loui","family":"Al Sardy","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andreas","family":"Neubaum","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Francesca","family":"Saglietti","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Rudrich","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,8,9]]},"reference":[{"key":"4_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/978-3-319-99229-7_10","volume-title":"Computer Safety, Reliability, and Security","author":"L Al Sardy","year":"2018","unstructured":"Al Sardy, L., Saglietti, F., Tang, T., Sonnenberg, H.: Constraint-based testing for buffer overflows. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2018. LNCS, vol. 11094, pp. 99\u2013111. Springer, Cham (2018). \n                      https:\/\/doi.org\/10.1007\/978-3-319-99229-7_10"},{"key":"4_CR2","unstructured":"Cadar, C., Dunbar, D., Engler, D.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: USENIX Symposium on Operating Systems Design and Implementation (OSDI 2008). USENIX Association (2008)"},{"key":"4_CR3","unstructured":"Cisco: Most Common CWE Vulnerabilities, annual cybersecurity report (2018)"},{"key":"4_CR4","unstructured":"Cisco: CWE threat category activity, midyear security report (2015)"},{"key":"4_CR5","unstructured":"Eddington, M.: Peach Fuzzer (2019). \n                      http:\/\/peachfuzzer.com\/"},{"key":"4_CR6","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/52.976940","volume":"19","author":"D Evans","year":"2002","unstructured":"Evans, D., Larochelle, D.: Improving security using extensible lightweight static analysis. IEEE Softw. 19, 42\u201351 (2002). \n                      https:\/\/doi.org\/10.1109\/52.976940","journal-title":"IEEE Softw."},{"key":"4_CR7","volume-title":"Steuerung einer Destillationsanlage, interner Bericht","author":"A Makarov","year":"2008","unstructured":"Makarov, A., Billowie, O.: Steuerung einer Destillationsanlage, interner Bericht. Hochschule Magdeburg-Stendal, Fachbereich IWID, Institut f\u00fcr Elektrotechnik (2008)"},{"key":"4_CR8","unstructured":"MITRE Corporation: A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number, Common Vulnerabilities and Exposures Database (CVE), CVE-2019-3568 (2019)"},{"key":"4_CR9","unstructured":"MITRE Corporation: Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2, Common Vulnerabilities and Exposures Database (CVE), CVE-2004-0185 (2004)"},{"key":"4_CR10","unstructured":"MITRE Corporation: Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2, Common Vulnerabilities and Exposures Database (CVE), CVE-2003-1327 (2003)"},{"key":"4_CR11","unstructured":"MITRE Corporation: Off-by-one Error in fb_realpath(), Common Vulnerabilities and Exposures Database (CVE), CVE-2003-0466 (2003)"},{"key":"4_CR12","unstructured":"Oulu University Secure Programming Group (OUSPG): Radamsa (2010). \n                      https:\/\/www.ee.oulu.fi\/roles\/ouspg\/Radamsa"},{"key":"4_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/978-3-319-45480-1_18","volume-title":"Computer Safety, Reliability, and Security","author":"F Saglietti","year":"2016","unstructured":"Saglietti, F., Meitner, M., von Wardenburg, L., Richthammer, V.: Analysis of informed attacks and appropriate countermeasures for cyber-physical systems. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9923, pp. 222\u2013233. Springer, Cham (2016). \n                      https:\/\/doi.org\/10.1007\/978-3-319-45480-1_18"},{"key":"4_CR14","unstructured":"Schneider Electric Software Security Response Center: InduSoft Web Studio and InTouch Machine Edition \u2013 Remote Code Execution Vulnerability, Security Bulletin LFSEC00000125 (2018)"},{"key":"4_CR15","doi-asserted-by":"publisher","unstructured":"Shahriar, H., Zulkernine, M.: Classification of static analysis-based buffer overflow detectors. In: 4th International Conference on Secure Software Integration and Reliability Improvement Companion (SSIRI-C). IEEE (2010). \n                      https:\/\/doi.org\/10.1109\/ssiri-c.2010.28","DOI":"10.1109\/ssiri-c.2010.28"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., et al.: (State of) the art of war: offensive techniques in binary analysis. In: IEEE Symposium on Security and Privacy. IEEE (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"4_CR17","unstructured":"Swiecki, R.: Hongfuzz (2018). \n                      www.github.com\/google\/hongfuzz"},{"key":"4_CR18","unstructured":"Zalewski, M.: American Fuzzy Lop (AFL) (2017). \n                      http:\/\/lcamtuf.coredump.cx\/afl\/"}],"container-title":["Lecture Notes in Computer Science","Computer Safety, Reliability, and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-26250-1_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,30]],"date-time":"2019-10-30T16:58:58Z","timestamp":1572454738000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-26250-1_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030262495","9783030262501"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-26250-1_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"9 August 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAFECOMP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Computer Safety, Reliability, and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Turku","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Finland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"safecomp2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/conferences.ncl.ac.uk\/safecomp2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"65","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}