{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T02:17:26Z","timestamp":1743041846927,"version":"3.40.3"},"publisher-location":"Cham","reference-count":19,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319234038"},{"type":"electronic","value":"9783319234045"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-23404-5_1","type":"book-chapter","created":{"date-parts":[[2015,8,26]],"date-time":"2015-08-26T00:57:19Z","timestamp":1440550639000},"page":"3-9","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["String Analysis for Vulnerability Detection and Repair"],"prefix":"10.1007","author":[{"given":"Tevfik","family":"Bultan","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,8,27]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Alkhalaf, M., Aydin, A., Bultan, T.: Semantic differential repair for input validation and sanitization. In: Proceedings of the International Symposium on Software Testing and Analysis (ISSTA), pp. 225\u2013236 (2014)","DOI":"10.1145\/2610384.2610401"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Alkhalaf, M., Bultan, T., Gallegos, J.L.: Verifying client-side input validation functions using string analysis. In: Proceedings of the 34th International Conference on Software Engineering (ICSE), pp. 947\u2013957 (2012)","DOI":"10.1109\/ICSE.2012.6227124"},{"key":"1_CR3","doi-asserted-by":"crossref","unstructured":"Alkhalaf, M., Roy Choudhary, S., Fazzini, M., Bultan, T., Orso, A., Kruegel, C.: Viewpoints: differential string analysis for discovering client- and server-side input validation inconsistencies. In: Proceedings of the International Symposium on Software Testing and Analysis (ISSTA), pp. 56\u201366 (2012)","DOI":"10.1145\/2338965.2336760"},{"key":"1_CR4","doi-asserted-by":"crossref","unstructured":"Aydin, A., Alkhalaf, M., Bultan, T.: Automated test generation from vulnerability signatures. In: 7th IEEE International Conference on Software Testing, Verification and Validation (ICST), pp. 193\u2013202 (2014)","DOI":"10.1109\/ICST.2014.32"},{"key":"1_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/978-3-319-21690-4_15","volume-title":"Computer Aided Verification","author":"A Aydin","year":"2015","unstructured":"Aydin, A., Bang, L., Bultan, T.: Automata-based model counting for string constraints. In: Kroening, D., P\u0103s\u0103reanu, C.S. (eds.) CAV 2015. LNCS, vol. 9206, pp. 255\u2013272. Springer, Heidelberg (2015)"},{"key":"1_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-540-27813-9_25","volume-title":"Computer Aided Verification","author":"C Bartzis","year":"2004","unstructured":"Bartzis, C., Bultan, T.: Widening arithmetic automata. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol. 3114, pp. 321\u2013333. Springer, Heidelberg (2004)"},{"key":"1_CR7","unstructured":"BRICS. The MONA project. http:\/\/www.brics.dk\/mona\/"},{"key":"1_CR8","unstructured":"CVE. Common Vulnerabilities and Exposures. http:\/\/www.cve.mitre.org"},{"key":"1_CR9","doi-asserted-by":"crossref","unstructured":"Kausler, S., Sherman, E.: Evaluation of string constraint solvers in the context of symbolic execution. In: Proceedings of the 29th ACM\/IEEE International Conference on Automated software engineering (ASE), pp. 259\u2013270 (2014)","DOI":"10.1145\/2642937.2643003"},{"key":"1_CR10","unstructured":"Open Web Application Security Project (OWASP). Top ten project. https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Yu, F., Alkhalaf, M., Bultan, T.: Generating vulnerability signatures for string manipulating programs using automata-based forward and backward symbolic analyses. In: Proceedings of the 24th IEEE\/ACM International Conference on Automated Software Engineering (ASE), pp. 605\u2013609 (2009)","DOI":"10.1109\/ASE.2009.20"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1007\/978-3-642-12002-2_13","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"F Yu","year":"2010","unstructured":"Yu, F., Alkhalaf, M., Bultan, T.: Stranger: an automata-based string analysis tool for PHP. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 154\u2013157. Springer, Heidelberg (2010)"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Yu, F., Alkhalaf, M., Bultan, T.: Patching vulnerabilities with sanitization synthesis. In: Proceedings of the 33rd International Conference on Software Engineering (ICSE), pp. 131\u2013134 (2011)","DOI":"10.1145\/1985793.1985828"},{"issue":"1","key":"1_CR14","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/s10703-013-0189-1","volume":"44","author":"Y Fang","year":"2014","unstructured":"Fang, Y., Alkhalaf, M., Bultan, T., Ibarra, O.H.: Automata-based symbolic string analysis for vulnerability detection. Formal Methods Syst. Des. 44(1), 44\u201370 (2014)","journal-title":"Formal Methods Syst. Des."},{"key":"1_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1007\/978-3-540-85114-1_21","volume-title":"Model Checking Software","author":"F Yu","year":"2008","unstructured":"Yu, F., Bultan, T., Cova, M., Ibarra, O.H.: Symbolic string verification: an automata-based approach. In: Havelund, K., Majumdar, R. (eds.) SPIN 2008. LNCS, vol. 5156, pp. 306\u2013324. Springer, Heidelberg (2008)"},{"key":"1_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1007\/978-3-642-22306-8_3","volume-title":"Model Checking Software","author":"F Yu","year":"2011","unstructured":"Yu, F., Bultan, T., Hardekopf, B.: String abstractions for string verification. In: Groce, A., Musuvathi, M. (eds.) SPIN Workshops 2011. LNCS, vol. 6823, pp. 20\u201337. Springer, Heidelberg (2011)"},{"key":"1_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"322","DOI":"10.1007\/978-3-642-00768-2_28","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"F Yu","year":"2009","unstructured":"Yu, F., Bultan, T., Ibarra, O.H.: Symbolic string verification: combining string analysis and size analysis. In: Kowalewski, S., Philippou, A. (eds.) TACAS 2009. LNCS, vol. 5505, pp. 322\u2013336. Springer, Heidelberg (2009)"},{"key":"1_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1007\/978-3-642-18098-9_31","volume-title":"Implementation and Application of Automata","author":"F Yu","year":"2011","unstructured":"Yu, F., Bultan, T., Ibarra, O.H.: Relational string verification using multi-track automata. In: Domaratzki, M., Salomaa, K. (eds.) CIAA 2010. LNCS, vol. 6482, pp. 290\u2013299. Springer, Heidelberg (2011)"},{"issue":"8","key":"1_CR19","doi-asserted-by":"publisher","first-page":"1909","DOI":"10.1142\/S0129054111009112","volume":"22","author":"Y Fang","year":"2011","unstructured":"Fang, Y., Bultan, T., Ibarra, O.H.: Relational string verification using multi-track automata. Int. J. Found. Comput. Sci. 22(8), 1909\u20131924 (2011)","journal-title":"Int. J. Found. Comput. Sci."}],"container-title":["Lecture Notes in Computer Science","Model Checking Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-23404-5_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,21]],"date-time":"2023-02-21T08:14:11Z","timestamp":1676967251000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-23404-5_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319234038","9783319234045"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-23404-5_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"27 August 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}