{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,24]],"date-time":"2026-02-24T17:45:36Z","timestamp":1771955136801,"version":"3.50.1"},"publisher-location":"Cham","reference-count":41,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031355035","type":"print"},{"value":"9783031355042","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-35504-2_11","type":"book-chapter","created":{"date-parts":[[2023,6,9]],"date-time":"2023-06-09T08:01:47Z","timestamp":1686297707000},"page":"211-232","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Divak: Non-invasive Characterization of\u00a0Out-of-Bounds Write Vulnerabilities"],"prefix":"10.1007","author":[{"given":"Linus","family":"Hafkemeyer","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jerre","family":"Starink","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andrea","family":"Continella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,6,10]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, J.P.: Computer security technology planning study. Tech. rep., U.S. Air Force Electronic Systems Division (1972)","DOI":"10.21236\/AD0772806"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Assaiante, C., D\u2019Elia, D.C., Di Luna, G.A., Querzoni, L.: Where did my variable go? Poking Holes in incomplete debug information. In: Proceedings of the ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) (2023)","DOI":"10.1145\/3575693.3575720"},{"key":"11_CR3","unstructured":"Avgerinos, T., Cha, S.K., Hao, B.L.T., Brumley, D.: AEG: automatic exploit generation. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2011)"},{"key":"11_CR4","unstructured":"B\u00f6hme, M.: oss-security - Invalid writes and reads in libxml2 (2017)"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing Mayhem on Binary Code. In: Proceedings of the IEEE Symposium on Security and Privacy (S &P) (2012)","DOI":"10.1109\/SP.2012.31"},{"key":"11_CR6","unstructured":"Chen, W., Zou, X., Li, G., Qian, Z.: KOOBE: towards facilitating exploit generation of kernel out-of-bounds write vulnerabilities. In: Proceedings of the USENIX Security Symposium (2020)"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Chipounov, V., Kuznetsov, V., Candea, G.: S2E: a platform for in-vivo multi-path analysis of software systems. In: Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) (2011)","DOI":"10.1145\/1950365.1950396"},{"key":"11_CR8","unstructured":"Clang: hardware-assisted addresssanitizer design documentation (2022)"},{"key":"11_CR9","unstructured":"Cowan, C., et al.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the USENIX Security Symposium (1998)"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Di Luna, G.A., Italiano, D., Massarelli, L., \u00d6sterlund, S., Giuffrida, C., Querzoni, L.: Who\u2019s debugging the debuggers? Exposing debug information bugs in optimized binaries. In: Proceedings of the ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) (2021)","DOI":"10.1145\/3445814.3446695"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Ding, Z.Y., Goues, C.L.: An Empirical Study of OSS-Fuzz Bugs (2021)","DOI":"10.1109\/MSR52588.2021.00026"},{"key":"11_CR12","unstructured":"Donovan, A.A., Kernighan, B.W.: The go programming language. Addison-Wesley Professional (2015)"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Fioraldi, A., D\u2019Elia, D.C., Querzoni, L.: Fuzzing binaries for memory safety errors with qasan. In: Proceedings of the IEEE Secure Development Conference (2020)","DOI":"10.1109\/SecDev45635.2020.00019"},{"key":"11_CR14","unstructured":"Heelan, S.: Automatic generation of control flow hijacking exploits for software vulnerabilities, Master\u2019s thesis, University of Oxford (2009)"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Huang, S.K., Huang, M.H., Huang, P.Y., Lai, C.W., Lu, H.L., Leong, W.M.: CRAX: software crash analysis for automatic exploit generation by modeling attacks as symbolic continuations. In: Proceedings of the IEEE International Conference on Software Security and Reliability (SERE) (2012)","DOI":"10.1109\/SERE.2012.20"},{"key":"11_CR16","unstructured":"ISO Central Secretary: Programming languages - C. Standard ISO\/IEC 9899:2011. International Organization for Standardization, Geneva, CH (2011)"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"Kemerlis, V.P., Portokalidis, G., Jee, K., Keromytis, A.D.: libdft: practical dynamic data flow tracking for commodity systems. In: Proceedings of the 8th ACM Conference on Virtual Execution Environments (2012)","DOI":"10.1145\/2151024.2151042"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Kim, S.H., Zeng, D., Sun, C., Tan, G.: Binpointer: towards precise, sound, and scalable binary-level pointer analysis. In: Proceedings of the ACM International Conference on Compiler Construction (2022)","DOI":"10.1145\/3497776.3517776"},{"key":"11_CR19","unstructured":"Klabnik, S., Nichols, C.: The rust programming language. No Starch Press (2018)"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Kroes, T., Koning, K., van der Kouwe, E., Bos, H., Giuffrida, C.: Delta pointers: buffer overflow checks without the checks. In: Proceedings of the EuroSys Conference (2018)","DOI":"10.1145\/3190508.3190553"},{"key":"11_CR21","unstructured":"Luo, Z.: Stack-buffer-overflow in pnm2png in function get_token (2018)"},{"key":"11_CR22","unstructured":"MITRE Corporation: CWE Top 25 Most Dangerous Software Weaknesses (2021)"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: SoftBound: highly compatible and complete spatial memory safety for C. In: Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI) (2009)","DOI":"10.1145\/1542476.1542504"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. In: Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI) (2007)","DOI":"10.1145\/1250734.1250746"},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Neugschwandtner, M., Comparetti, P.M., Haller, I., Bos, H.: The BORG: nanoprobing binaries for buffer overreads. In: Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY) (2015)","DOI":"10.1145\/2699026.2699098"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Oleksenko, O., Kuvaiskii, D., Bhatotia, P., Felber, P., Fetzer, C.: Intel MPX explained: an empirical study of intel MPX and software-based bounds checking approaches (2017)","DOI":"10.1145\/3219617.3219662"},{"key":"11_CR27","unstructured":"PaX Team: Address Space Layout Randomization (2001)"},{"key":"11_CR28","unstructured":"Rosier, H.: ripe64 (2019). https:\/\/github.com\/hrosier\/ripe64"},{"key":"11_CR29","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: AddressSanitizer: a fast address sanity checker. In: Proceedings of the USENIX Annual Technical Conference (2012)"},{"key":"11_CR30","unstructured":"Serebryany, K., Stepanov, E., Shlyapnikov, A., Tsyrklevich, V., Vyukov, D.: Memory tagging and how it improves C\/C++ memory safety (2018)"},{"key":"11_CR31","unstructured":"Seward, J., Nethercote, N.: Using Valgrind to detect undefined value errors with bit-precision. In: Proceedings of the USENIX Annual Technical Conference (2005)"},{"key":"11_CR32","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., et al.: Rise of the HaCRS: augmenting autonomous cyber reasoning systems with human assistance. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS) (2017)","DOI":"10.1145\/3133956.3134105"},{"key":"11_CR33","unstructured":"Slowinska, A., Stancescu, T., Bos, H.: Body armor for binaries: preventing buffer overflows without recompilation. In: Proceedings of the USENIX Annual Technical Conference (2012)"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"Sui, Y., Xue, J.: SVF: interprocedural static value-flow analysis in LLVM. In: Proceedings of the ACM International Conference on Compiler Construction (2016)","DOI":"10.1145\/2892208.2892235"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Sui, Y., Ye, D., Xue, J.: Static memory leak detection using full-sparse value-flow analysis. In: Proceedings of the International Symposium on Software Testing and Analysis (2012)","DOI":"10.1145\/2338965.2336784"},{"key":"11_CR36","unstructured":"The kernel development community: The Kernel Address Sanitizer (KASAN) - The Linux Kernel documentation (2021)"},{"key":"11_CR37","unstructured":"Valgrind Developers: SGCheck: an experimental stack and global array overrun detector (2012). http:\/\/valgrind.org\/docs\/manual\/sg-manual.html"},{"key":"11_CR38","doi-asserted-by":"crossref","unstructured":"Wang, Y., et al.: Revery: from proof-of-concept to exploitable. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS) (2018)","DOI":"10.1145\/3243734.3243847"},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Wilander, J., Nikiforakis, N., Younan, Y., Kamkar, M., Joosen, W.: RIPE: runtime intrusion prevention evaluator. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC) (2011)","DOI":"10.1145\/2076732.2076739"},{"key":"11_CR40","doi-asserted-by":"crossref","unstructured":"Xu, L., Jia, W., Dong, W., Li, Y.: Automatic exploit generation for buffer overflow vulnerabilities. In: Proceedings of the IEEE International Conference on Software Quality, Reliability and Security Companion (QRS) (2018)","DOI":"10.1109\/QRS-C.2018.00085"},{"key":"11_CR41","doi-asserted-by":"crossref","unstructured":"Younan, Y., Philippaerts, P., Cavallaro, L., Sekar, R., Piessens, F., Joosen, W.: PAriCheck: an efficient pointer arithmetic checker for C programs. In: Proceedings of the ACM Symposium on Information, Computer and Communications Security, (ASIACCS) (2010)","DOI":"10.1145\/1755688.1755707"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-35504-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,4]],"date-time":"2023-07-04T23:04:15Z","timestamp":1688511855000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-35504-2_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031355035","9783031355042"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-35504-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"10 June 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hamburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 July 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2023.de\/org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}