{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T21:08:28Z","timestamp":1725916108635},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319703886"},{"type":"electronic","value":"9783319703893"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70389-3_5","type":"book-chapter","created":{"date-parts":[[2017,11,11]],"date-time":"2017-11-11T09:42:30Z","timestamp":1510393350000},"page":"67-82","source":"Crossref","is-referenced-by-count":0,"title":["Trace-based Analysis of Memory Corruption Malware Attacks"],"prefix":"10.1007","author":[{"given":"Zhixing","family":"Xu","sequence":"first","affiliation":[]},{"given":"Aarti","family":"Gupta","sequence":"additional","affiliation":[]},{"given":"Sharad","family":"Malik","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,12]]},"reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security","DOI":"10.1145\/1102120.1102165"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Bilar, D.: Opcodes as predictor for malware. International Journal of Electronic Security and Digital Forensics , 156\u2013168 (2007)","DOI":"10.1504\/IJESDF.2007.016865"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S.: Static analysis of executables to detect malicious patterns. Tech. rep, DTIC Document (2006)","DOI":"10.21236\/ADA449067"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: 2005 IEEE Symposium on Security and Privacy (2005)","DOI":"10.1109\/SP.2005.20"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Davi, L., Hanreich, M., Paul, D., Sadeghi, A.-R., Koeberl, P., Sullivan, D., Arias, O., Jin, Y.: Hafix: Hardware-assisted flow integrity extension. In: Proceedings of the 52nd Annual Design Automation Conference, p. 74. ACM (2015)","DOI":"10.1145\/2744769.2744847"},{"issue":"3","key":"5_CR6","doi-asserted-by":"crossref","first-page":"559","DOI":"10.1145\/2508148.2485970","volume":"41","author":"J Demme","year":"2013","unstructured":"Demme, J., Maycock, M., Schmitz, J., Tang, A., Waksman, A., Sethumadhavan, S., Stolfo, S.: On the feasibility of online malware detection with performance counters. SIGARCH Comput. Archit. News 41(3), 559\u2013570 (2013)","journal-title":"SIGARCH Comput. Archit. News"},{"key":"5_CR7","unstructured":"Gantz, J.F., Florean, A., Lee, R., Lim, V., Sikdar, B., Lakshmi, S.K.S., Madhavan, L., Nagappan, M.: The link between pirated software and cybersecurity breaches. \nhttps:\/\/news.microsoft.com\/download\/presskits\/dcu\/docs\/idc_031814.pdf"},{"issue":"3","key":"5_CR8","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","volume":"6","author":"SA Hofmeyr","year":"1998","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of Computer Security 6(3), 151\u2013180 (1998)","journal-title":"Journal of Computer Security"},{"issue":"3","key":"5_CR9","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1007\/s11416-008-0086-0","volume":"4","author":"G Jacob","year":"2008","unstructured":"Jacob, G., Debar, H., Filiol, E.: Behavioral detection of malware: from a survey towards an established taxonomy. Journal in Computer Virology 4(3), 251\u2013266 (2008)","journal-title":"Journal in Computer Virology"},{"key":"5_CR10","unstructured":"Li, H.: Understanding and exploiting flash actionscript vulnerabilities (2011)"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Liang, Z., Sekar, R.: Fast and automated generation of attack signatures: A basis for building self-protecting servers. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 213\u2013222. ACM (2005)","DOI":"10.1145\/1102120.1102150"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Luk, C.-K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: building customized program analysis tools with dynamic instrumentation. In: ACM Conference on Programming Language Design and Implementation (2005)","DOI":"10.1145\/1065010.1065034"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Twenty-third AnnualComputer Security Applications Conference, ACSAC 2007 (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Ozsoy, M., Donovick, C., Gorelik, I., Abu-Ghazaleh, N., Ponomarev, D.: Malware-aware processors: A framework for efficient online malware detection. In: 2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA) (2015)","DOI":"10.1109\/HPCA.2015.7056070"},{"key":"5_CR15","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Transparent ROP exploit mitigation using indirect branch tracing. In: USENIX Security, vol. 30, p. 38 (2013)"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Ringenburg, M. F., Grossman, D.: Preventing format-string attacks via automatic and efficient dynamic checking. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 354\u2013363. ACM (2005)","DOI":"10.1145\/1102120.1102166"},{"key":"5_CR17","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1007\/s11416-012-0160-5","volume":"8","author":"N Runwal","year":"2012","unstructured":"Runwal, N., Low, R.M., Stamp, M.: Opcode graph similarity and metamorphic detection. Journal in Computer Virology 8, 37\u201352 (2012)","journal-title":"Journal in Computer Virology"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Sen, K., Marinov, D., Agha, G.: Cute: A concolic unit testing engine for c. In: ACM SIGSOFT Software Engineering Notes, vol. 30, pp. 263\u2013272. ACM (2005)","DOI":"10.1145\/1081706.1081750"},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"Sezer, E.C., Ning, P., Kil, C., Xu, J.: Memsherlock: an automated debugger for unknown memory corruption vulnerabilities. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 562\u2013572. ACM(2007)","DOI":"10.1145\/1315245.1315314"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 298\u2013307. ACM (2004)","DOI":"10.1145\/1030083.1030124"},{"key":"5_CR21","unstructured":"Viega, J., Bloch, J.-T., Kohno, Y., McGraw, G.: Its4: A static vulnerability scanner for c and c++ code. In: Computer Security Applications (2000)"},{"key":"5_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-540-30143-1_11","volume-title":"Recent Advances in Intrusion Detection","author":"K Wang","year":"2004","unstructured":"Wang, K., Stolfo, S.J.: Anomalous payload-based network intrusion detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol. 3224, pp. 203\u2013222. Springer, Heidelberg (2004). \nhttps:\/\/doi.org\/10.1007\/978-3-540-30143-1_11"},{"key":"5_CR23","doi-asserted-by":"crossref","unstructured":"Wang, Z., Jiang, X.: Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In: 2010 IEEE Symposium on Security and Privacy (SP) (2010)","DOI":"10.1109\/SP.2010.30"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Wilander, J., Nikiforakis, N., Younan, Y., Kamkar, M., Joosen, W.: Ripe: runtime intrusion prevention evaluator. In: 27th Computer Security Applications Conference (2011)","DOI":"10.1145\/2076732.2076739"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Xu, R.-G., Godefroid, P., Majumdar, R.: Testing for buffer overflows with length abstraction. In: Proceedings of the 2008 International Symposium on Software Testing and Analysis, pp. 27\u201338. ACM (2008)","DOI":"10.1145\/1390630.1390636"},{"key":"5_CR26","doi-asserted-by":"crossref","unstructured":"Xu, Z., Ray, S., Subramanyan, P., Malik, S.: Malware detection using machine learning based analysis of virtual memory access patterns. In: Proceedings of the 2017 Design, Automation & Test in Europe Conference & Exhibition (2017)","DOI":"10.23919\/DATE.2017.7926977"}],"container-title":["Lecture Notes in Computer Science","Hardware and Software: Verification and Testing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70389-3_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,11,11]],"date-time":"2017-11-11T09:44:31Z","timestamp":1510393471000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-70389-3_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319703886","9783319703893"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70389-3_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}