{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T21:42:57Z","timestamp":1742938977531,"version":"3.40.3"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031413254"},{"type":"electronic","value":"9783031413261"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-41326-1_2","type":"book-chapter","created":{"date-parts":[[2023,8,23]],"date-time":"2023-08-23T21:02:24Z","timestamp":1692824544000},"page":"16-35","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["The Good, the\u00a0Bad, and\u00a0the\u00a0Binary: An LSTM-Based Method for\u00a0Section Boundary Detection in\u00a0Firmware Analysis"],"prefix":"10.1007","author":[{"given":"Riccardo","family":"Remigio","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alessandro","family":"Bertani","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mario","family":"Polino","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michele","family":"Carminati","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefano","family":"Zanero","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,8,24]]},"reference":[{"key":"2_CR1","doi-asserted-by":"crossref","unstructured":"Cova, M., Felmetsger, V., Banks, G., Vigna, G.: Static detection of vulnerabilities in x86 executables. In: Proceedings 22nd Annual Computer Security Applications Conference, ACSAC, pp. 269\u2013278. IEEE (2006)","DOI":"10.1109\/ACSAC.2006.50"},{"key":"2_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D Song","year":"2008","unstructured":"Song, D., et al.: BitBlaze: a new approach to computer security via binary analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 1\u201325. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-89862-7_1"},{"key":"2_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-642-22110-1_37","volume-title":"Computer Aided Verification","author":"D Brumley","year":"2011","unstructured":"Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: a binary analysis platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 463\u2013469. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22110-1_37"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., et al.: SoK: (state of) the art of war: offensive techniques in binary analysis. In: Proceedings of 2016 IEEE Symposium on Security and Privacy, SP, pp. 138\u2013157 (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"2_CR5","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., Vigna, G.: Firmalice-automatic detection of authentication bypass vulnerabilities in binary firmware. In: Proceedings of 2015 Network and Distributed System Security Symposium, NDSS (2015)","DOI":"10.14722\/ndss.2015.23294"},{"key":"2_CR6","unstructured":"Haller, I., Slowinska, A., Neugschwandtner, M., Bos, H.: Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In: Proceedings 22nd USENIX Security Symposium, USENIX Security 2013, pp. 49\u201364 (2013)"},{"key":"2_CR7","doi-asserted-by":"crossref","unstructured":"Corina, J., et al.: Difuze: interface aware fuzzing for kernel drivers. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 2123\u20132138 (2017)","DOI":"10.1145\/3133956.3134069"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"Stephens, N., et al.: Driller: augmenting fuzzing through selective symbolic execution. In: Proceedings of 2016 Network and Distributed System Security Symposium, NDSS, vol. 16, pp. 1\u201316 (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"2_CR9","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"522","DOI":"10.1007\/978-3-642-23808-6_34","volume-title":"Machine Learning and Knowledge Discovery in Databases","author":"R Wartell","year":"2011","unstructured":"Wartell, R., Zhou, Y., Hamlen, K.W., Kantarcioglu, M., Thuraisingham, B.: Differentiating code from data in x86 binaries. In: Gunopulos, D., Hofmann, T., Malerba, D., Vazirgiannis, M. (eds.) ECML PKDD 2011. LNCS (LNAI), vol. 6913, pp. 522\u2013536. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23808-6_34"},{"key":"2_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/978-3-319-93411-2_16","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P De Nicolao","year":"2018","unstructured":"De Nicolao, P., Pogliani, M., Polino, M., Carminati, M., Quarta, D., Zanero, S.: ELISA: ELiciting ISA of raw binaries for fine-grained code and data separation. In: Giuffrida, C., Bardin, S., Blanc, G. (eds.) DIMVA 2018. LNCS, vol. 10885, pp. 351\u2013371. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-93411-2_16"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"McDaniel, M., Heydari, M.H.: Content based file type detection algorithms. In: Proceedings of 36th Annual Hawaii International Conference on System Sciences (2003)","DOI":"10.1109\/HICSS.2003.1174905"},{"key":"2_CR12","unstructured":"Li, W.-J., Wang, K., Stolfo, S.J., Herzog, B.: Fileprints: identifying file types by n-gram analysis. In: Proceedings of the 6th Annual IEEE SMC Information Assurance Workshop, IAW 2005, pp. 64\u201371. IEEE (2005)"},{"key":"2_CR13","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/978-3-642-33962-2_5","volume-title":"Advances in Digital Forensics VIII","author":"L Sportiello","year":"2012","unstructured":"Sportiello, L., Zanero, S.: Context-based file block classification. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2012. IAICT, vol. 383, pp. 67\u201382. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33962-2_5"},{"issue":"4","key":"2_CR14","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1016\/j.diin.2013.08.004","volume":"10","author":"P Penrose","year":"2013","unstructured":"Penrose, P., Macfarlane, R., Buchanan, W.J.: Approaches to the classification of high entropy file fragments. Digit. Investig. 10(4), 372\u2013384 (2013)","journal-title":"Digit. Investig."},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Clemens, J.: Automatic classification of object code using machine learning. Digit. Invest. 14, S156\u2013S162 (2015)","DOI":"10.1016\/j.diin.2015.05.007"},{"key":"2_CR16","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2007.48","volume":"5","author":"R Lyda","year":"2007","unstructured":"Lyda, R., Hamrock, J.: Using entropy analysis to find encrypted and packed malware. IEEE Secur. Priv. 5, 40\u201345 (2007)","journal-title":"IEEE Secur. Priv."},{"key":"2_CR17","unstructured":"Granboulan, L.: cpu_rec: recognize CPU instructions in an arbitrary binary file (2017). https:\/\/github.com\/airbus-seclab\/cpu_rec"},{"key":"2_CR18","unstructured":"ReFirmLabs: Binwalk"},{"key":"2_CR19","doi-asserted-by":"crossref","unstructured":"Kairaj\u00e4rvi, S., Costin, A., H\u00e4m\u00e4l\u00e4inen, T.: Isadetect: usable automated detection of CPU architecture and endianness for executable binary files and object code. In: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy, CODASPY 2020, pp. 376\u2013380. Association for Computing Machinery, New York (2020)","DOI":"10.1145\/3374664.3375742"},{"key":"2_CR20","unstructured":"Andriesse, D., Chen, X., Van Der Veen, V., Slowinska, A., Bos, H.: An in-depth analysis of disassembly on full-scale x86\/x64 binaries. In: Proceedings of 25th USENIX Security Symposium, USENIX Security 2016, pp. 583\u2013600 (2016)"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 290\u2013299. ACM (2003)","DOI":"10.1145\/948109.948149"},{"key":"2_CR22","unstructured":"Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: Proceedings of 13th USENIX Security Symposium (2004)"},{"key":"2_CR23","doi-asserted-by":"crossref","unstructured":"Chen, J.-Y., Shen, B.-Y., Ou, Q.-H., Yang, W., Hsu, W.-C.: Effective code discovery for ARM\/Thumb mixed ISA binaries in a static binary translator. In: Proceedings of 2013 International Conference on Compilers, Architectures and Synthesis for Embedded Systems, CASES 2013, pp. 1\u201310 (2013)","DOI":"10.1109\/CASES.2013.6662525"},{"key":"2_CR24","unstructured":"Karampatziakis, N.: Static analysis of binary executables using structural SVMs. In: Lafferty, J.D., Williams, C.K.I., Shawe-Taylor, J., Zemel, R.S., Culotta, A. (eds.) Advances in Neural Information Processing Systems, vol. 23, pp. 1063\u20131071. Curran Associates Inc. (2010)"},{"key":"2_CR25","unstructured":"Rosenblum, N., Zhu, X., Miller, B., Hunt, K.: Learning to analyze binary computer code. In: Proceedings of 23th AAAI Conference on Artificial Intelligence, AAAI 2008, pp. 798\u2013804. AAAI Press (2008)"},{"key":"2_CR26","unstructured":"Lafferty, J.D., McCallum, A., Pereira, F.C.N.: Conditional random fields: probabilistic models for segmenting and labeling sequence data. In: Proceedings of 18th International Conference on Machine Learning, ICML 2001, pp. 282\u2013289. Morgan Kaufmann Publishers Inc. (2001)"},{"key":"2_CR27","unstructured":"Bao, T., Burket, J., Woo, M., Turner, R., Brumley, D.: ByteWeight: learning to recognize functions in binary code. In: Proceedings of 23rd USENIX Security Symposium, pp. 845\u2013860 (2014)"},{"key":"2_CR28","unstructured":"Shin, E.C.R., Song, D., Moazzezi, R.: Recognizing functions in binaries with neural networks. In: Proceedings of 24th USENIX Security Symposium, pp. 611\u2013626 (2015)"},{"issue":"3","key":"2_CR29","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"CE Shannon","year":"1948","unstructured":"Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27(3), 379\u2013423 (1948)","journal-title":"Bell Syst. Tech. J."},{"issue":"9","key":"2_CR30","doi-asserted-by":"publisher","first-page":"1098","DOI":"10.1109\/JRPROC.1952.273898","volume":"40","author":"DA Huffman","year":"1952","unstructured":"Huffman, D.A.: A method for the construction of minimum-redundancy codes. Proc. IRE 40(9), 1098\u20131101 (1952)","journal-title":"Proc. IRE"},{"key":"2_CR31","unstructured":"Shin, E.C.R., Song, D., Moazzezi, R.: Recognizing functions in binaries with neural networks. In: 24th USENIX Security Symposium (USENIX Security 2015), (Washington, D.C.), pp. 611\u2013626. USENIX Association (2015)"},{"key":"2_CR32","unstructured":"Kingma, D.P., Ba, J.: Adam: a method for stochastic optimization (2014)"},{"key":"2_CR33","unstructured":"Bao, T., Burket, J., Woo, M., Turner, R., Brumley, D.: BYTEWEIGHT: learning to recognize functions in binary code. In: 23rd USENIX Security Symposium (USENIX Security 2014), (San Diego, CA), pp. 845\u2013860. USENIX Association (2014)"},{"key":"2_CR34","unstructured":"Mkhatvari, N.: Towards big scale firmware analysis (2018)"},{"key":"2_CR35","doi-asserted-by":"crossref","unstructured":"Chen, D., Egele, M., Woo, M., Brumley, D.: Towards automated dynamic analysis for linux-based embedded firmware (2016)","DOI":"10.14722\/ndss.2016.23415"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-41326-1_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,23]],"date-time":"2023-08-23T21:02:41Z","timestamp":1692824561000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-41326-1_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031413254","9783031413261"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-41326-1_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"24 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IWSEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Yokohama","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iwsec2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iwsec.org\/2023\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}