{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:12:45Z","timestamp":1772039565555,"version":"3.50.1"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319263618","type":"print"},{"value":"9783319263625","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-26362-5_23","type":"book-chapter","created":{"date-parts":[[2015,10,26]],"date-time":"2015-10-26T10:10:45Z","timestamp":1445854245000},"page":"493-514","source":"Crossref","is-referenced-by-count":2,"title":["Security Analysis of PHP Bytecode Protection Mechanisms"],"prefix":"10.1007","author":[{"given":"Dario","family":"Wei\u00dfer","sequence":"first","affiliation":[]},{"given":"Johannes","family":"Dahse","sequence":"additional","affiliation":[]},{"given":"Thorsten","family":"Holz","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,12]]},"reference":[{"key":"23_CR1","unstructured":"Brumley, D., Lee, J., Schwartz, E.J., Woo, M.: A native x86 decompilation using semantics-preserving structural analysis and iterative control-flow structuring. In: USENIX Security Symposium (2013)"},{"key":"23_CR2","unstructured":"Cifuentes, C.: Reverse compilation techniques. Ph.D. thesis, Queensland University of Technology (1994)"},{"key":"23_CR3","unstructured":"Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report, University of Auckland, New Zealand (1997)"},{"key":"23_CR4","doi-asserted-by":"crossref","unstructured":"Coogan, K., Lu, G., Debray, S.: Deobfuscation of virtualization-obfuscated software: a semantics-based approach. In: ACM Conference on Computer and Communications Security (CCS), pp. 275\u2013284 (2011)","DOI":"10.1145\/2046707.2046739"},{"key":"23_CR5","unstructured":"Dahse, J., Holz, T.: Static detection of second-order vulnerabilities in web applications. In: USENIX Security Symposium (2014)"},{"key":"23_CR6","doi-asserted-by":"crossref","unstructured":"Dahse, J., Krein, N., Holz, T.: Code reuse attacks in PHP: automated POP chain generation. In: ACM Conference on Computer and Communications Security (CCS) (2014)","DOI":"10.1145\/2660267.2660363"},{"issue":"2","key":"23_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2089125.2089126","volume":"44","author":"M Egele","year":"2008","unstructured":"Egele, M., Scholte, T., Kirda, E., Kruegel, C.: A survey on automated dynamic malware analysis techniques and tools. ACM Comput. Surv. 44(2), 1\u201342 (2008)","journal-title":"ACM Comput. Surv."},{"key":"23_CR8","unstructured":"Esser, S.: Vulnerability Discovery in Closed Source\/Bytecode Encrypted PHP Applications. Power of Community (2008)"},{"key":"23_CR9","unstructured":"ionCube Ltd. ionCube PHP Encoder. \n                      https:\/\/www.ioncube.com\/php_encoder.php?page=features\n                      \n                    , May 2015"},{"key":"23_CR10","unstructured":"Ivanov, I.: API Hooking Revealed. The Code Project (2002)"},{"key":"23_CR11","doi-asserted-by":"crossref","unstructured":"Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: ACM Conference on Computer and Communications Security (CCS) (2003)","DOI":"10.1145\/948148.948149"},{"key":"23_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/3-540-45937-5_10","volume-title":"Compiler Construction","author":"J Miecznikowski","year":"2002","unstructured":"Miecznikowski, J., Hendren, L.: Decompiling Java bytecode: problems, traps and pitfalls. In: Nigel Horspool, R. (ed.) CC 2002. LNCS, vol. 2304, pp. 111\u2013127. Springer, Heidelberg (2002)"},{"key":"23_CR13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-03811-6","volume-title":"Principles of Program Analysis","author":"F Nielson","year":"1999","unstructured":"Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, New York (1999)"},{"key":"23_CR14","unstructured":"phpSHIELD. About phpSHIELD. PHP Encoder by SourceGuardian. \n                      https:\/\/www.phpshield.com\/about.html\n                      \n                    , May 2015"},{"key":"23_CR15","unstructured":"Popov, I.V., Debray, S.K., Andrews, G.R.: Binary obfuscation using signals. In: USENIX Security Symposium (2007)"},{"key":"23_CR16","doi-asserted-by":"crossref","unstructured":"Royal, P., Halpin, M., Dagon, D., Edmonds, R., Lee, W.: PolyUnpack: automating the hidden-code extraction of unpack-executing malware. In: Annual Computer Security Applications Conference (ACSAC) (2006)","DOI":"10.1109\/ACSAC.2006.38"},{"key":"23_CR17","unstructured":"Saher, M.: Stealing from thieves: breaking IonCube VM to RE exploit kits. BlackHat Abu Dhabi (2012)"},{"key":"23_CR18","doi-asserted-by":"crossref","unstructured":"Schryen, G., Kadura, R.: Open source vs. closed source software: towards measuring security. In: ACM Symposium on Applied Computing (SAC) (2009)","DOI":"10.1145\/1529282.1529731"},{"key":"23_CR19","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: IEEE Symposium on Security and Privacy (S&P) (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"23_CR20","doi-asserted-by":"crossref","unstructured":"Sharif, M., Lanzi, A., Giffin, J., Lee, W.: Automatic reverse engineering of malware emulators. In: IEEE Symposium on Security and Privacy (S&P) (2009)","DOI":"10.1109\/SP.2009.27"},{"key":"23_CR21","unstructured":"Sharif, M.I., Lanzi, A., Giffin, J.T., Lee, W.: Impeding malware analysis using conditional code obfuscation. In: Symposium on Network and Distributed System Security (NDSS) (2008)"},{"key":"23_CR22","unstructured":"SourceGuardian Ltd. PHP Encoder Features. \n                      https:\/\/www.sourceguardian.com\/protect_php_features.html\n                      \n                    , May 2015"},{"key":"23_CR23","unstructured":"The PHP Group. List of Parser Tokens. \n                      http:\/\/php.net\/tokens\n                      \n                    , May 2015"},{"key":"23_CR24","unstructured":"The PHP Group. Tokenizer. \n                      http:\/\/php.net\/tokenizer\n                      \n                    , May 2015"},{"key":"23_CR25","unstructured":"The PHP Group. Zend API: Hacking the Core of PHP. \n                      http:\/\/php.net\/manual\/en\/internals2.ze1.zendapi.php\n                      \n                    , May 2015"},{"key":"23_CR26","unstructured":"The PHP Group. Zend Engine 2 Opcodes. \n                      http:\/\/php.net\/manual\/internals2.opcodes.php\n                      \n                    , May 2015"},{"key":"23_CR27","unstructured":"Wang, R., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Steal this movie: automatically bypassing DRM protection in streaming media services. In: USENIX Security Symposium (2013)"},{"issue":"5","key":"23_CR28","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1109\/52.951496","volume":"18","author":"B Witten","year":"2001","unstructured":"Witten, B., Landwehr, C., Caloyannides, M.: Does open source improve system security? IEEE Softw. 18(5), 57\u201361 (2001)","journal-title":"IEEE Softw."},{"key":"23_CR29","doi-asserted-by":"crossref","unstructured":"Yadegari, B., Johannesmeyer, B., Whitely, B., Debray, S.: A generic approach to automatic deobfuscation of executable code. In: IEEE Symposium on Security and Privacy (S&P) (2015)","DOI":"10.1109\/SP.2015.47"},{"key":"23_CR30","unstructured":"Zend Technologies Ltd. PHP Obfuscator, PHP Encoder & PHP Encryptionfrom Zend Guard. \n                      http:\/\/www.zend.com\/products\/guard\n                      \n                    , May 2015"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-26362-5_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,31]],"date-time":"2019-05-31T05:33:16Z","timestamp":1559280796000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-26362-5_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319263618","9783319263625"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-26362-5_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}