{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T00:05:10Z","timestamp":1742947510708,"version":"3.40.3"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031212796"},{"type":"electronic","value":"9783031212802"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-21280-2_15","type":"book-chapter","created":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:30:15Z","timestamp":1668760215000},"page":"268-286","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detect Compiler Inserted Run-time Security Checks in\u00a0Binary Software"],"prefix":"10.1007","author":[{"given":"Koyel","family":"Pramanick","sequence":"first","affiliation":[]},{"given":"Prasad A.","family":"Kulkarni","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,11,19]]},"reference":[{"key":"15_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur. 13(1) (2009)","DOI":"10.1145\/1609956.1609960"},{"key":"15_CR2","doi-asserted-by":"publisher","first-page":"107143","DOI":"10.1016\/j.compeleceng.2021.107143","volume":"92","author":"S Abijah Roseline","year":"2021","unstructured":"Abijah Roseline, S., Geetha, S.: A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks. Comput. Electr. Eng. 92, 107143 (2021)","journal-title":"Comput. Electr. Eng."},{"key":"15_CR3","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-34188-9","volume-title":"Computer Viruses and Malware (Advances in Information Security)","author":"J Aycock","year":"2006","unstructured":"Aycock, J.: Computer Viruses and Malware (Advances in Information Security). Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/0-387-34188-9"},{"key":"15_CR4","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"1083","DOI":"10.1007\/978-3-030-01177-2_79","volume-title":"Intelligent Computing","author":"TN Brooks","year":"2019","unstructured":"Brooks, T.N.: Survey of automated vulnerability detection and exploit generation techniques in cyber reasoning systems. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) SAI 2018. AISC, vol. 857, pp. 1083\u20131102. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-01177-2_79"},{"key":"15_CR5","unstructured":"Cadar, C., Dunbar, D., Engler, D.R., et al.: Klee: unassisted and automatic generation of high-coverage tests for complex systems programs. In: OSDI, vol. 8, pp. 209\u2013224 (2008)"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing mayhem on binary code. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP 2012, pp. 380\u2013394. IEEE Computer Society, USA (2012)","DOI":"10.1109\/SP.2012.31"},{"key":"15_CR7","unstructured":"Cowan, C., et al.: StackGuard: automatic adaptive detection and prevention of Buffer-Overflow Attacks. In: Proceedings of the 7th Conference on USENIX Security Symposium, SSYM 1998, vol. 7, pp. 5 (1998)"},{"key":"15_CR8","unstructured":"CVE: A buffer overflow vulnerability in whatsapp voip stack (2019). https:\/\/www.cvedetails.com\/cve\/CVE-2019-3568\/"},{"key":"15_CR9","unstructured":"CWE: CWE Top 25 Most Dangerous Software Weaknesses (2022). https:\/\/cwe.mitre.org\/top25\/archive\/2021\/2021_cwe_top25.html"},{"key":"15_CR10","unstructured":"Cybersecurity, U., Agency, I.S.: Top routinely exploited vulnerabilities (2021). https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa21-209a"},{"key":"15_CR11","unstructured":"Database, N.N.V.: Cvss severity distribution over time (2021). https:\/\/nvd.nist.gov\/general\/visualizations\/vulnerability-visualizations\/cvss-severity-distribution-over-time"},{"key":"15_CR12","doi-asserted-by":"crossref","unstructured":"Eschweiler, S., Yakdan, K., Gerhards-Padilla, E.: discovre: efficient cross-architecture identification of bugs in binary code. In: NDSS, vol. 52, pp. 58\u201379 (2016)","DOI":"10.14722\/ndss.2016.23185"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Feng, Q., Zhou, R., Xu, C., Cheng, Y., Testa, B., Yin, H.: Scalable graph-based bug search for firmware images. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 480\u2013491 (2016)","DOI":"10.1145\/2976749.2978370"},{"key":"15_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1007\/978-3-540-88625-9_16","volume-title":"Information and Communications Security","author":"D Gao","year":"2008","unstructured":"Gao, D., Reiter, M.K., Song, D.: BinHunt: automatically finding semantic differences in binary programs. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 238\u2013255. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-88625-9_16"},{"key":"15_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-642-04342-0_6","volume-title":"Recent Advances in Intrusion Detection","author":"K Griffin","year":"2009","unstructured":"Griffin, K., Schneider, S., Hu, X., Chiueh, T.: Automatic generation of string signatures for malware detection. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 101\u2013120. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04342-0_6"},{"key":"15_CR16","volume-title":"GCC: The Complete Reference","author":"A Griffith","year":"2002","unstructured":"Griffith, A.: GCC: The Complete Reference, 1st edn. McGraw-Hill Inc., USA (2002)","edition":"1"},{"issue":"4","key":"15_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1186736.1186737","volume":"34","author":"JL Henning","year":"2006","unstructured":"Henning, J.L.: Spec cpu2006 benchmark descriptions. SIGARCH Comput. Arch. News 34(4), 1\u201317 (2006)","journal-title":"SIGARCH Comput. Arch. News"},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Hu, Y., Zhang, Y., Li, J., Gu, D.: Binary code clone detection across architectures and compiling configurations. In: 2017 IEEE\/ACM 25th International Conference on Program Comprehension (ICPC), pp. 88\u201398 (2017)","DOI":"10.1109\/ICPC.2017.22"},{"key":"15_CR19","unstructured":"Kamathe, G.: Identify security properties on linux using checksec (2021). https:\/\/opensource.com\/article\/21\/6\/linux-checksec"},{"key":"15_CR20","unstructured":"Kuznetsov, V., Szekeres, L., Payer, M., Candea, G., Sekar, R., Song, D.: Code-Pointer integrity. In: 11th USENIX Symposium on Operating Systems Design and Implementation, Broomfield, CO, pp. 147\u2013163 (2014)"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: Softbound: highly compatible and complete spatial memory safety for c. In: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 245\u2013258 (2009)","DOI":"10.1145\/1543135.1542504"},{"key":"15_CR22","unstructured":"National Security Agency ghidra, N.: Ghidra (2019). https:\/\/www.nsa.gov\/resources\/everyone\/ghidra\/"},{"key":"15_CR23","unstructured":"NIST: National Vulnerability Database (2022). https:\/\/nvd.nist.gov\/general\/visualizations\/vulnerability-visualizations\/cvss-severity-distribution-over-time"},{"key":"15_CR24","doi-asserted-by":"crossref","unstructured":"Pewny, J., Garmany, B., Gawlik, R., Rossow, C., Holz, T.: Cross-architecture bug search in binary executables. In: 2015 IEEE Symposium on Security and Privacy, pp. 709\u2013724. IEEE (2015)","DOI":"10.1109\/SP.2015.49"},{"key":"15_CR25","doi-asserted-by":"crossref","unstructured":"Preda, M.D., Christodorescu, M., Jha, S., Debray, S.: A semantics-based approach to malware detection. ACM Trans. Program. Lang. Syst. 30(5) (2008)","DOI":"10.1145\/1387673.1387674"},{"key":"15_CR26","doi-asserted-by":"crossref","unstructured":"Qasem, A., Shirani, P., Debbabi, M., Wang, L., Lebel, B., Agba, B.L.: Automatic vulnerability detection in embedded devices and firmware: Survey and layered taxonomies. ACM Comput. Surv. 54(2) (2021)","DOI":"10.1145\/3432893"},{"key":"15_CR27","unstructured":"Rebert, A., et al.: Optimizing seed selection for fuzzing. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 861\u2013875 (2014)"},{"key":"15_CR28","unstructured":"Sarda, S., Pandey, M.: LLVM Essentials. Packt Publishing, Birmingham (2015)"},{"key":"15_CR29","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: Addresssanitizer: a fast address sanity checker. In: USENIX ATC 2012 (2012)"},{"key":"15_CR30","doi-asserted-by":"crossref","unstructured":"Shabtai, A., Menahem, E., Elovici, Y.: F-sign: automatic, function-based signature generation for malware. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 41(4), 494\u2013508 (2011)","DOI":"10.1109\/TSMCC.2010.2068544"},{"key":"15_CR31","doi-asserted-by":"crossref","unstructured":"Stephens, N., et al.: Driller: augmenting fuzzing through selective symbolic execution. In: NDSS, vol. 16, pp. 1\u201316 (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Szekeres, L., Payer, M., Wei, T., Song, D.: Sok: eternal war in memory. In: IEEE Symposium on Security and Privacy, SP 2013, pp. 48\u201362 (2013)","DOI":"10.1109\/SP.2013.13"},{"key":"15_CR33","volume-title":"The Art of Computer Virus Research and Defense","author":"P Szor","year":"2005","unstructured":"Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley Professional, Boston (2005)"},{"key":"15_CR34","unstructured":"Tice, C., et al.: Enforcing forward-edge control-flow integrity in GCC & LLVM. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 941\u2013955. USENIX Association, San Diego (2014)"},{"key":"15_CR35","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1016\/j.cose.2018.11.001","volume":"81","author":"D Ucci","year":"2019","unstructured":"Ucci, D., Aniello, L., Baldoni, R.: Survey of machine learning techniques for malware analysis. Comput. Secur. 81, 123\u2013147 (2019)","journal-title":"Comput. Secur."},{"issue":"8","key":"15_CR36","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MC.2014.217","volume":"47","author":"DA Wheeler","year":"2014","unstructured":"Wheeler, D.A.: Preventing heartbleed. IEEE Comput. 47(8), 80\u201383 (2014). https:\/\/doi.org\/10.1109\/MC.2014.217","journal-title":"IEEE Comput."},{"key":"15_CR37","unstructured":"Wired: The reaper iot botnet has already infected a million networks (2017). https:\/\/www.wired.com\/story\/reaper-iot-botnet-infected-million-networks\/"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-21280-2_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T08:32:59Z","timestamp":1668760379000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-21280-2_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031212796","9783031212802"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-21280-2_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 November 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISPEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security Practice and Experience","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 November 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ispec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ispec2022.ndhu.edu.tw\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"87","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2 invited papers","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}