{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T19:54:39Z","timestamp":1743105279077,"version":"3.40.3"},"publisher-location":"Cham","reference-count":53,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031094835"},{"type":"electronic","value":"9783031094842"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-09484-2_1","type":"book-chapter","created":{"date-parts":[[2022,6,24]],"date-time":"2022-06-24T14:02:51Z","timestamp":1656079371000},"page":"1-22","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Hybrid Pruning: Towards Precise Pointer and\u00a0Taint Analysis"],"prefix":"10.1007","author":[{"given":"Dipanjan","family":"Das","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Priyanka","family":"Bose","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aravind","family":"Machiry","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sebastiano","family":"Mariani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Shoshitaishvili","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,6,24]]},"reference":[{"key":"1_CR1","unstructured":"Celery: Distributed task queue. http:\/\/www.celeryproject.org"},{"key":"1_CR2","unstructured":"Common vulnerabilities and exposures. https:\/\/cve.mitre.org"},{"key":"1_CR3","unstructured":"Coverity linux scan. https:\/\/scan.coverity.com\/projects\/linux"},{"key":"1_CR4","unstructured":"Darpa cyber grand challenge. https:\/\/www.darpa.mil\/program\/cyber-grand-challenge"},{"key":"1_CR5","unstructured":"The llvm compiler infrastructure. https:\/\/llvm.org"},{"key":"1_CR6","unstructured":"Llvm dataflowsanitizer pass. https:\/\/clang.llvm.org\/docs\/DataFlowSanitizer.html"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Banerjee, S., Devecsery, D., Chen, P., Narayanasamy, S.: Iodine: fast dynamic taint tracking using rollback-free optimistic hybrid analysis (2019)","DOI":"10.1109\/SP.2019.00043"},{"key":"1_CR8","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1145\/1646353.1646374","volume":"53","author":"A Bessey","year":"2010","unstructured":"Bessey, A., et al.: A few billion lines of code later: using static analysis to find bugs in the real world. Commun. ACM 53, 66\u201375 (2010)","journal-title":"Commun. ACM"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Biallas, S., Olesen, M.C., Cassez, F., Huuck, R.: Ptrtracker: pragmatic pointer analysis. In: 2013 IEEE 13th International Working Conference on Source Code Analysis and Manipulation (SCAM), pp. 69\u201373. IEEE (2013)","DOI":"10.1109\/SCAM.2013.6648186"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Borrello, P., D\u2019Elia, D.C., Querzoni, L., Giuffrida, C.: Constantine: automatic side-channel resistance using efficient control and data flow linearization. In: CCS 2021 (2021)","DOI":"10.1145\/3460120.3484583"},{"issue":"11","key":"1_CR11","doi-asserted-by":"publisher","first-page":"921","DOI":"10.1016\/j.scico.2009.08.002","volume":"75","author":"M Buss","year":"2010","unstructured":"Buss, M., Brand, D., Sreedhar, V., Edwards, S.A.: A novel analysis space for pointer analysis and its application for bug finding. Sci. Comput. Program. 75(11), 921\u2013942 (2010)","journal-title":"Sci. Comput. Program."},{"key":"1_CR12","unstructured":"Buss, M., Edwards, S.A., Yao, B., Waddington, D.: Pointer analysis for C programs through AST traversal (2005)"},{"key":"1_CR13","unstructured":"Caswell, B.: Cyber grand challenge corpus (2017)"},{"issue":"2","key":"1_CR14","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1145\/1348250.1348254","volume":"17","author":"C Csallner","year":"2008","unstructured":"Csallner, C., Smaragdakis, Y., Xie, T.: DSD-crasher: a hybrid analysis tool for bug finding. ACM Trans. Softw. Eng. Methodol. (TOSEM) 17(2), 8 (2008)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Devecsery, D., Chen, P.M., Flinn, J., Narayanasamy, S.: Optimistic hybrid analysis: accelerating dynamic analysis through predicated static analysis (2018)","DOI":"10.1145\/3173162.3177153"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Dor, N., Rodeh, M., Sagiv, M.: CSSV: towards a realistic tool for statically detecting all buffer overflows in C. In: Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation, PLDI 2003, pp. 155\u2013167. ACM, New York (2003)","DOI":"10.1145\/780822.781149"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Engler, D., Chen, D.Y., Hallem, S., Chou, A., Chelf, B.: Bugs as deviant behavior: a general approach to inferring errors in systems code. In: Proceedings of the Eighteenth ACM Symposium on Operating Systems Principles (2001)","DOI":"10.1145\/502034.502041"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Ganapathy, V., Jha, S., Chandler, D., Melski, D., Vitek, D.: Buffer overrun detection using linear programming and static analysis. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 345\u2013354. ACM, New York (2003)","DOI":"10.1145\/948109.948155"},{"key":"1_CR19","unstructured":"Gross, A.: Evaluation of dynamic points-to analysis (2004)"},{"key":"1_CR20","unstructured":"Hardekopf, B., Wiedermann, B., Cook, W.R., Lin, C.: A formal specification of pointer analysis approximations. In: submission to Programming Language Design and Implementation (PLDI) (2009)"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Ho, A., Fetterman, M., Clark, C., Warfield, A., Hand, S.: Practical taint-based protection using demand emulation. In: ACM SIGOPS Operating Systems Review, vol. 40, pp. 29\u201341. ACM (2006)","DOI":"10.1145\/1218063.1217939"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Jee, K., Kemerlis, V.P., Keromytis, A.D., Portokalidis, G.: Shadowreplica: efficient parallelization of dynamic data flow tracking. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 235\u2013246. ACM (2013)","DOI":"10.1145\/2508859.2516704"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Kahlon, V.: Bootstrapping: a technique for scalable flow and context-sensitive pointer alias analysis. In: Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 249\u2013259 (2008)","DOI":"10.1145\/1379022.1375613"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Kelsey, K., Bai, T., Ding, C., Zhang, C.: Fast track: a software system for speculative program optimization. In: International Symposium on Code Generation and Optimization, CGO 2009 (2009)","DOI":"10.1109\/CGO.2009.18"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Kemerlis, V.P., Portokalidis, G., Jee, K., Keromytis, A.D.: libdft: practical dynamic data flow tracking for commodity systems. In: ACM Sigplan Notices, vol. 47, pp. 121\u2013132. ACM (2012)","DOI":"10.1145\/2365864.2151042"},{"issue":"3","key":"1_CR26","doi-asserted-by":"publisher","first-page":"777","DOI":"10.1007\/s11277-015-3152-1","volume":"89","author":"S Kim","year":"2016","unstructured":"Kim, S., Kim, R., Park, Y.B.: Software vulnerability detection methodology combined with static and dynamic analysis. Wirel. Pers. Commun. 89(3), 777\u2013793 (2016)","journal-title":"Wirel. Pers. Commun."},{"key":"1_CR27","doi-asserted-by":"crossref","unstructured":"Lhot\u00e1k, O., Chung, K.C.A.: Points-to analysis with efficient strong updates. In: Proceedings of the 38th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 3\u201316 (2011)","DOI":"10.1145\/1926385.1926389"},{"key":"1_CR28","unstructured":"Machiry, A.: The need for extensible and configurable static taint tracking for c\/c++ (2017). https:\/\/machiry.github.io\/blog\/2017\/05\/31\/static-taint-tracking"},{"key":"1_CR29","unstructured":"Machiry, A., Spensky, C., Corina, J., Stephens, N., Kruegel, C., Vigna, G.: DR. CHECKER: a soundy analysis for linux kernel drivers. In: 26th USENIX Security Symposium (USENIX Security 2017), Vancouver, BC, pp. 1007\u20131024. USENIX Association (2017)"},{"key":"1_CR30","unstructured":"Ming, J., Wu, D., Xiao, G., Wang, J., Liu, P.: Taintpipe: pipelined symbolic taint analysis. In: USENIX Security Symposium (2015)"},{"key":"1_CR31","doi-asserted-by":"crossref","unstructured":"Mock, M., Atkinson, D.C., Chambers, C., Eggers, S.J.: Improving program slicing with dynamic points-to data. In: Proceedings of the 10th ACM SIGSOFT Symposium on Foundations of Software Engineering, SIGSOFT 2002\/FSE-10, pp. 71\u201380 (2002)","DOI":"10.1145\/605466.605477"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Mock, M., Das, M., Chambers, C., Eggers, S.J.: Dynamic points-to sets: a comparison with static analyses and potential applications in program understanding and optimization. In: Proceedings of the 2001 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, PASTE 2001, pp. 66\u201372 (2001)","DOI":"10.1145\/379605.379671"},{"key":"1_CR33","unstructured":"Trail of Bits. Darpa challenge binaries on linux, osx, and windows (2016). https:\/\/github.com\/trailofbits\/cb-multios"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Palit, T., Moon, J.F., Monrose, F., Polychronakis, M.: Dynpta: combining static and dynamic analysis for practical selective data protection. In: 2021 IEEE Symposium on Security and Privacy (SP) (2021)","DOI":"10.1109\/SP40001.2021.00082"},{"key":"1_CR35","unstructured":"Sarkar, D., Jagannathan, M., Thiagarajan, J., Venkatapathy, R.: Flow-insensitive static analysis for detecting integer anomalies in programs. In: Proceedings of the 25th Conference on IASTED International Multi-Conference: Software Engineering, pp. 334\u2013340. ACTA Press (2007)"},{"key":"1_CR36","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: Proceedings of the 2010 IEEE Symposium on Security and Privacy (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"1_CR37","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: Addresssanitizer: a fast address sanity checker. In: USENIX ATC (2012)"},{"key":"1_CR38","unstructured":"Shankar, U., Talwar, K., Foster, J.S., Wagner, D.: Detecting format string vulnerabilities with type qualifiers. In: Proceedings of the 10th Conference on USENIX Security Symposium, SSYM 2001, Berkeley, CA, USA, vol. 10. USENIX Association (2001)"},{"key":"1_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/978-3-319-66332-6_2","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"B Shastry","year":"2017","unstructured":"Shastry, B., et al.: Static program analysis as a fuzzing aid. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 26\u201347. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_2"},{"key":"1_CR40","unstructured":"Shastry, B., Maggi, F., Yamaguchi, F., Rieck, K., Seifert, J.P.: Static exploration of taint-style vulnerabilities found by fuzzing. In: 11th USENIX Workshop on Offensive Technologies. USENIX Association (2017)"},{"key":"1_CR41","doi-asserted-by":"crossref","unstructured":"Slowinska, A., Bos, H.: Pointless tainting?: evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European Conference on Computer systems, pp. 61\u201374. ACM (2009)","DOI":"10.1145\/1519065.1519073"},{"issue":"1","key":"1_CR42","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1561\/2500000014","volume":"2","author":"Y Smaragdakis","year":"2015","unstructured":"Smaragdakis, Y., Balatsouras, G., et al.: Pointer analysis. Found. Trends Program. Lang. 2(1), 1\u201369 (2015)","journal-title":"Found. Trends Program. Lang."},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Sridharan, M., Fink, S.J.: The complexity of Andersen\u2019s analysis in practice. In: Proceedings of the 16th International Symposium on Static Analysis (2009)","DOI":"10.1007\/978-3-642-03237-0_15"},{"key":"1_CR44","doi-asserted-by":"crossref","unstructured":"Steensgaard, B.: Points-to analysis in almost linear time. In: Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (1996)","DOI":"10.1145\/237721.237727"},{"key":"1_CR45","doi-asserted-by":"crossref","unstructured":"Sui, Y., Xue, J.: SVF: interprocedural static value-flow analysis in LLVM. In: Proceedings of the 25th International Conference on Compiler Construction (2016)","DOI":"10.1145\/2892208.2892235"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Trabish, D., Kapus, T., Rinetzky, N., Cadar, C.: Past-sensitive pointer analysis for symbolic execution. In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 197\u2013208 (2020)","DOI":"10.1145\/3368089.3409698"},{"key":"1_CR47","doi-asserted-by":"crossref","unstructured":"Venkataramani, G., Doudalis, I., Solihin, Y., Prvulovic, M.: Flexitaint: a programmable accelerator for dynamic taint propagation. In: High Performance Computer Architecture (2008)","DOI":"10.1109\/HPCA.2008.4658637"},{"key":"1_CR48","unstructured":"Wang, X., Chen, H., Jia, Z., Zeldovich, N., Kaashoek, M.F.: Improving integer security for systems with kint. In: OSDI (2012)"},{"key":"1_CR49","doi-asserted-by":"crossref","unstructured":"Xie, Y., Aiken, A.: Context-and path-sensitive memory leak detection. In: ACM SIGSOFT Software Engineering Notes. ACM (2005)","DOI":"10.1145\/1081706.1081728"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Xie, Y., Chou, A., Engler, D.: Archer: using symbolic, path-sensitive analysis to detect memory access errors. In: Proceedings of the 9th European Software Engineering Conference Held Jointly with 11th ACM SIGSOFT International Symposium on Foundations of Software Engineering, ESEC\/FSE-11 (2003)","DOI":"10.1145\/940071.940115"},{"key":"1_CR51","unstructured":"Xie, Y., Naik, M., Hackett, B., Aiken, A.: Soundness and its role in bug detection systems. In: Workshop on the Evaluation of Software Defect Detection Tools (2005)"},{"issue":"4","key":"1_CR52","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1145\/1189256.1189259","volume":"24","author":"J Yang","year":"2006","unstructured":"Yang, J., Twohey, P., Engler, D., Musuvathi, M.: Using model checking to find serious file system errors. ACM Trans. Comput. Syst. (TOCS) 24(4), 393\u2013423 (2006)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"1_CR53","doi-asserted-by":"crossref","unstructured":"Zitser, M., Lippmann, R., Leek, T.: Testing static analysis tools using exploitable buffer overflows from open source code. In: ACM SIGSOFT Software Engineering Notes, vol. 29, pp. 97\u2013106. ACM (2004)","DOI":"10.1145\/1041685.1029911"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-09484-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,24]],"date-time":"2022-06-24T14:03:32Z","timestamp":1656079412000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-09484-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031094835","9783031094842"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-09484-2_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"24 June 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cagliari","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 July 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sites.unica.it\/dimva2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"39","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}