{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T20:12:47Z","timestamp":1769458367527,"version":"3.49.0"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031646256","type":"print"},{"value":"9783031646263","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-64626-3_12","type":"book-chapter","created":{"date-parts":[[2024,7,13]],"date-time":"2024-07-13T13:01:58Z","timestamp":1720875718000},"page":"205-223","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["CtxFuzz: Discovering Heap-Based Memory Vulnerabilities Through Context Heap Operation Sequence Guided Fuzzing"],"prefix":"10.1007","author":[{"given":"Jiacheng","family":"Jiang","sequence":"first","affiliation":[]},{"given":"Cheng","family":"Wen","sequence":"additional","affiliation":[]},{"given":"Shengchao","family":"Qin","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,14]]},"reference":[{"key":"12_CR1","doi-asserted-by":"crossref","unstructured":"Alsaeed, Z., Young, M.: Finding short slow inputs faster with grammar-based search. In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 
1068\u20131079 (2023)","DOI":"10.1145\/3597926.3598118"},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"Arcuri, A., Briand, L.: A practical guide for using statistical tests to assess randomized algorithms in software engineering. In: Proceedings of the 33rd International Conference on Software Engineering, pp. 1\u201310 (2011)","DOI":"10.1145\/1985793.1985795"},{"issue":"4","key":"12_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3532184","volume":"25","author":"W Blair","year":"2022","unstructured":"Blair, W., et al.: Hotfuzz: discovering temporal and spatial denial-of-service vulnerabilities through guided micro-fuzzing. ACM Trans. Priv. Secur. 25(4), 1\u201335 (2022)","journal-title":"ACM Trans. Priv. Secur."},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"Chen, Z., Liu, D., Xiao, J., Wang, H.: All use-after-free vulnerabilities are not created equal: an empirical study on their characteristics and detectability. In: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, pp. 623\u2013638 (2023)","DOI":"10.1145\/3607199.3607229"},{"issue":"5","key":"12_CR5","doi-asserted-by":"publisher","first-page":"1222","DOI":"10.3390\/math11051222","volume":"11","author":"C Du","year":"2023","unstructured":"Du, C., Cui, Z., Guo, Y., Xu, G., Wang, Z.: Memconfuzz: memory consumption guided fuzzing with data flow analysis. Mathematics 11(5), 1222 (2023)","journal-title":"Mathematics"},{"key":"12_CR6","unstructured":"Farkhani, R.M., Ahmadi, M., Lu, L.: PTAuth: temporal memory safety via robust points-to authentication. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 1037\u20131054 (2021)"},{"key":"12_CR7","unstructured":"Fioraldi, A., Maier, D., Ei\u00dffeldt, H., Heuse, M.: AFL++: combining incremental steps of fuzzing research. In: 14th USENIX Workshop on Offensive Technologies (WOOT 20). 
USENIX Association, August 2020"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Klees, G., Ruef, A., Cooper, B., Wei, S., Hicks, M.: Evaluating fuzz testing. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 2123\u20132138 (2018)","DOI":"10.1145\/3243734.3243804"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Lemieux, C., Padhye, R., Sen, K., Song, D.: Perffuzz: automatically generating pathological inputs. In: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 254\u2013265 (2018)","DOI":"10.1145\/3213846.3213874"},{"key":"12_CR10","doi-asserted-by":"crossref","unstructured":"Liu, J., An, H., Li, J., Liang, H.: Detecting exploit primitives automatically for heap vulnerabilities on binary programs. arXiv preprint arXiv:2212.13990 (2022)","DOI":"10.1145\/3573428.3573550"},{"key":"12_CR11","doi-asserted-by":"publisher","unstructured":"Lu, F., Tang, M., Bao, Y., Wang, X.: A survey of detection methods for software use-after-free vulnerability. In: Wang, Y., Zhu, G., Han, Q., Zhang, L., Song, X., Lu, Z. (eds.) Data Science. ICPCSEE 2022. CCIS, vol. 1629, pp. 272\u2013297. Springer, Singapore (2022). https:\/\/doi.org\/10.1007\/978-981-19-5209-8_19","DOI":"10.1007\/978-981-19-5209-8_19"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"Meng, R., Dong, Z., Li, J., Beschastnikh, I., Roychoudhury, A.: Linear-time temporal logic guided greybox fuzzing. In: Proceedings of the 44th International Conference on Software Engineering, pp. 1343\u20131355. ICSE \u201922, Association for Computing Machinery, New York, NY, USA (2022)","DOI":"10.1145\/3510003.3510082"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Mouzarani, M., Sadeghiyan, B., Zolfaghari, M.: A smart fuzzing method for detecting heap-based buffer overflow in executable codes. In: 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 
42\u201349. IEEE (2015)","DOI":"10.1109\/PRDC.2015.10"},{"issue":"18","key":"12_CR14","doi-asserted-by":"publisher","first-page":"5098","DOI":"10.1002\/sec.1681","volume":"9","author":"M Mouzarani","year":"2016","unstructured":"Mouzarani, M., Sadeghiyan, B., Zolfaghari, M.: A smart fuzzing method for detecting heap-based vulnerabilities in executable codes. Secur. Commun. Netw. 9(18), 5098\u20135115 (2016)","journal-title":"Secur. Commun. Netw."},{"key":"12_CR15","unstructured":"Nguyen, M.D., Bardin, S., Bonichon, R., Groz, R., Lemerre, M.: Binary-level directed fuzzing for Use-After-Free vulnerabilities. In: 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), pp. 47\u201362. USENIX Association, San Sebastian, October 2020"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Novark, G., Berger, E.D.: Dieharder: securing the heap. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 573\u2013584 (2010)","DOI":"10.1145\/1866307.1866371"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Petsios, T., Zhao, J., Keromytis, A.D., Jana, S.: Slowfuzz: automated domain-independent detection of algorithmic complexity vulnerabilities. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2155\u20132168 (2017)","DOI":"10.1145\/3133956.3134073"},{"key":"12_CR18","unstructured":"Sarda, S., Pandey, M.: LLVM Essentials. Packt Publishing Ltd., Birmingham (2015)"},{"key":"12_CR19","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: Addresssanitizer: a fast address sanity checker. In: 2012 USENIX Annual Technical Conference (USENIX ATC 12), pp. 309\u2013318 (2012)"},{"key":"12_CR20","doi-asserted-by":"crossref","unstructured":"Simpson, M.S., Barua, R.K.: Memsafe: ensuring the spatial and temporal memory safety of c at runtime. Softw. Pract. Exp. 
43(1), 93\u2013128 (2013)","DOI":"10.1002\/spe.2105"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Tu, H.: Boosting symbolic execution for heap-based vulnerability detection and exploit generation. In: 2023 IEEE\/ACM 45th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), pp. 218\u2013220. IEEE (2023)","DOI":"10.1109\/ICSE-Companion58688.2023.00059"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Van Der\u00a0Kouwe, E., Nigade, V., Giuffrida, C.: Dangsan: scalable use-after-free detection. In: Proceedings of the Twelfth European Conference on Computer Systems, pp. 405\u2013419 (2017)","DOI":"10.1145\/3064176.3064211"},{"key":"12_CR23","doi-asserted-by":"crossref","unstructured":"Wang, H., et al.: Typestate-guided fuzzer for discovering use-after-free vulnerabilities. In: Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering, pp. 999\u20131010. ICSE \u201920, Association for Computing Machinery, New York, NY, USA (2020)","DOI":"10.1145\/3377811.3380386"},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Wang, W., Fan, M., Yu, A., Meng, D.: Towards heap-based memory corruption discovery. In: 2021 17th International Conference on Mobility, Sensing and Networking (MSN), pp. 502\u2013511. IEEE (2021)","DOI":"10.1109\/MSN53354.2021.00080"},{"key":"12_CR25","doi-asserted-by":"crossref","unstructured":"Wang, Y., et al.: Not all coverage measurements are equal: fuzzing by coverage accounting for input prioritization. In: NDSS (2020)","DOI":"10.14722\/ndss.2020.24422"},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Wen, C., et al.: Memlock: memory usage guided fuzzing. In: Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering, pp. 765\u2013777. 
ICSE \u201920, Association for Computing Machinery, New York, NY, USA (2020)","DOI":"10.1145\/3377811.3380396"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/11935308_27","volume-title":"Information and Communications Security","author":"Y Younan","year":"2006","unstructured":"Younan, Y., Joosen, W., Piessens, F.: Efficient protection against heap-based buffer overflows without resorting to magic. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 379\u2013398. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935308_27"},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Yu, Y., et al.: HTFuzz: heap operation sequence sensitive fuzzing. In: Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering. ASE \u201922, Association for Computing Machinery, New York, NY, USA (2023)","DOI":"10.1145\/3551349.3560415"},{"key":"12_CR29","unstructured":"Zalewski, M.: American fuzzy lop (afl) fuzzer (2013). http:\/\/lcamtuf.coredump.cx\/afl\/"},{"issue":"2","key":"12_CR30","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1007\/s11390-021-1600-9","volume":"37","author":"G Zhang","year":"2022","unstructured":"Zhang, G., Wang, P.F., Yue, T., Kong, X.D., Zhou, X., Lu, K.: Ovaflow: detecting memory corruption bugs with fuzzing-based taint inference. J. Comput. Sci. Technol. 37(2), 405\u2013422 (2022)","journal-title":"J. Comput. Sci. Technol."},{"key":"12_CR31","doi-asserted-by":"crossref","unstructured":"Zhang, T., Lee, D., Jung, C.: Bogo: buy spatial memory safety, get temporal memory safety (almost) free. In: Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 
631\u2013644 (2019)","DOI":"10.1145\/3297858.3304017"},{"key":"12_CR32","unstructured":"Zhang, Y., Pang, C., Portokalidis, G., Triandopoulos, N., Xu, J.: Debloating address sanitizer. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 4345\u20134363 (2022)"}],"container-title":["Lecture Notes in Computer Science","Theoretical Aspects of Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-64626-3_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,12]],"date-time":"2025-03-12T16:17:26Z","timestamp":1741796246000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-64626-3_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031646256","9783031646263"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-64626-3_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"14 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"TASE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Theoretical Aspects of Software Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guiyang","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference 
Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 August 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"tase2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/tase2024.github.io\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}