{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,3]],"date-time":"2025-09-03T10:38:11Z","timestamp":1756895891283,"version":"3.40.3"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319934105"},{"type":"electronic","value":"9783319934112"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-93411-2_16","type":"book-chapter","created":{"date-parts":[[2018,6,7]],"date-time":"2018-06-07T07:49:28Z","timestamp":1528357768000},"page":"351-371","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["ELISA: ELiciting ISA of Raw Binaries for Fine-Grained Code and Data Separation"],"prefix":"10.1007","author":[{"given":"Pietro","family":"De Nicolao","sequence":"first","affiliation":[]},{"given":"Marcello","family":"Pogliani","sequence":"additional","affiliation":[]},{"given":"Mario","family":"Polino","sequence":"additional","affiliation":[]},{"given":"Michele","family":"Carminati","sequence":"additional","affiliation":[]},{"given":"Davide","family":"Quarta","sequence":"additional","affiliation":[]},{"given":"Stefano","family":"Zanero","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,6,8]]},"reference":[{"key":"16_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D Song","year":"2008","unstructured":"Song, D., et al.: BitBlaze: a new approach to computer security via binary analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 1\u201325. Springer, Heidelberg (2008). \n                      https:\/\/doi.org\/10.1007\/978-3-540-89862-7_1"},{"key":"16_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-642-22110-1_37","volume-title":"Computer Aided Verification","author":"D Brumley","year":"2011","unstructured":"Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: a binary analysis platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 463\u2013469. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-22110-1_37"},{"key":"16_CR3","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., Grosen, J., Feng, S., Hauser, C., Kruegel, C., Vigna, G.: Sok: (state of) the art of war: offensive techniques in binary analysis. In: Proceedings of 2016 IEEE Symposium on Security and Privacy, SP, pp. 138\u2013157 (2016)","DOI":"10.1109\/SP.2016.17"},{"key":"16_CR4","doi-asserted-by":"crossref","unstructured":"Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., Vigna, G.: Firmalice-automatic detection of authentication bypass vulnerabilities in binary firmware. In: Proceedings of 2015 Network and Distributed System Security Symposium, NDSS (2015)","DOI":"10.14722\/ndss.2015.23294"},{"key":"16_CR5","unstructured":"Haller, I., Slowinska, A., Neugschwandtner, M., Bos, H.: Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In: Proceedings of 22nd USENIX Security Symposium, USENIX Security 2013, pp. 49\u201364 (2013)"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Corina, J., Machiry, A., Salls, C., Shoshitaishvili, Y., Hao, S., Kruegel, C., Vigna, G.: Difuze: interface aware fuzzing for kernel drivers. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 2123\u20132138 (2017)","DOI":"10.1145\/3133956.3134069"},{"key":"16_CR7","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Driller: augmenting fuzzing through selective symbolic execution. In: Proceedings of 2016 Network and Distributed System Security Symposium, NDSS, vol. 16, pp. 1\u201316 (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Cova, M., Felmetsger, V., Banks, G., Vigna, G.: Static detection of vulnerabilities in x86 executables. In: Proceedings of 22nd Annual Computer Security Applications Conference, ACSAC, pp. 269\u2013278. IEEE (2006)","DOI":"10.1109\/ACSAC.2006.50"},{"key":"16_CR9","unstructured":"Kolsek, M.: Did microsoft just manually patch their equation editor executable? Why yes, yes they did. (cve-2017-11882) (2017). \n                      https:\/\/0patch.blogspot.com\/2017\/11\/did-microsoft-just-manually-patch-their.html"},{"key":"16_CR10","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"522","DOI":"10.1007\/978-3-642-23808-6_34","volume-title":"Machine Learning and Knowledge Discovery in Databases","author":"R Wartell","year":"2011","unstructured":"Wartell, R., Zhou, Y., Hamlen, K.W., Kantarcioglu, M., Thuraisingham, B.: Differentiating code from data in x86 binaries. In: Gunopulos, D., Hofmann, T., Malerba, D., Vazirgiannis, M. (eds.) ECML PKDD 2011. LNCS (LNAI), vol. 6913, pp. 522\u2013536. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-23808-6_34"},{"key":"16_CR11","unstructured":"Andriesse, D., Chen, X., van der Veen, V., Slowinska, A., Bos, H.: An in-depth analysis of disassembly on full-scale x86\/x64 binaries. In: Proceedings of 25th USENIX Security Symposium, USENIX Security 2016, pp. 583\u2013600 (2016)"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Andriesse, D., Slowinska, A., Bos, H.: Compiler-agnostic function detection in binaries. In: Proceedings of 2017 IEEE European Symposium on Security and Privacy, Euro S&P, pp. 177\u2013189. IEEE (2017)","DOI":"10.1109\/EuroSP.2017.11"},{"key":"16_CR13","doi-asserted-by":"crossref","unstructured":"Chen, J.Y., Shen, B.Y., Ou, Q.H., Yang, W., Hsu, W.C.: Effective code discovery for ARM\/Thumb mixed ISA binaries in a static binary translator. In: Proceedings of 2013 International Conference on Compilers, Architectures and Synthesis for Embedded Systems, CASES 2013, pp. 1\u201310 (2013)","DOI":"10.1109\/CASES.2013.6662525"},{"key":"16_CR14","doi-asserted-by":"publisher","first-page":"S156","DOI":"10.1016\/j.diin.2015.05.007","volume":"14","author":"J Clemens","year":"2015","unstructured":"Clemens, J.: Automatic classification of object code using machine learning. Digit. Investig. 14, S156\u2013S162 (2015)","journal-title":"Digit. Investig."},{"key":"16_CR15","unstructured":"Lafferty, J.D., McCallum, A., Pereira, F.C.N.: Conditional random fields: probabilistic models for segmenting and labeling sequence data. In: Proceedings of 18th International Conference on Machine Learning, ICML 2001, pp. 282\u2013289. Morgan Kaufmann Publishers Inc. (2001)"},{"key":"16_CR16","unstructured":"Taskar, B., Guestrin, C., Koller, D.: Max-margin Markov networks. In: Advances in Neural Information Processing Systems, pp. 25\u201332 (2004)"},{"key":"16_CR17","unstructured":"Lacoste-Julien, S., Jaggi, M., Schmidt, M., Pletscher, P.: Block-coordinate Frank-Wolfe optimization for structural SVMs. In: Proceedings of 30th International Conference on Machine Learning, ICML 2013, pp. 53\u201361 (2013)"},{"key":"16_CR18","first-page":"2055","volume":"15","author":"AC M\u00fcller","year":"2014","unstructured":"M\u00fcller, A.C., Behnke, S.: PyStruct - learning structured prediction in python. J. Mach. Learn. Res. 15, 2055\u20132060 (2014)","journal-title":"J. Mach. Learn. Res."},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"Bulu\u00e7, A., Fineman, J.T., Frigo, M., Gilbert, J.R., Leiserson, C.E.: Parallel sparse matrix-vector and matrix-transpose-vector multiplication using compressed sparse blocks. In: Proceedings of 21st Annual Symposium on Parallelism in algorithms and architectures, SPAA 2009, pp. 233\u2013244. ACM (2009)","DOI":"10.1145\/1583991.1584053"},{"key":"16_CR20","unstructured":"Arduino: Built-In Examples. \n                      https:\/\/www.arduino.cc\/en\/Tutorial\/BuiltInExamples"},{"key":"16_CR21","unstructured":"NVIDIA: CUDA Samples. \n                      http:\/\/docs.nvidia.com\/cuda\/cuda-samples\/index.html"},{"key":"16_CR22","unstructured":"Legitimate Business Syndicate: The cLEMENCy Architecture (2017). \n                      https:\/\/blog.legitbs.net\/2017\/07\/the-clemency-architecture.html"},{"key":"16_CR23","unstructured":"Bao, T., Burket, J., Woo, M., Turner, R., Brumley, D.: ByteWeight: learning to recognize functions in binary code. In: Proceedings of 23rd USENIX Security Symposium, pp. 845\u2013860 (2014)"},{"key":"16_CR24","unstructured":"Karampatziakis, N.: Static analysis of binary executables using structural SVMs. In: Lafferty, J.D., Williams, C.K.I., Shawe-Taylor, J., Zemel, R.S., Culotta, A. (eds.) Advances in Neural Information Processing Systems 23, pp. 1063\u20131071. Curran Associates, Inc. (2010)"},{"key":"16_CR25","unstructured":"Microsoft: Universal Windows Platform (UWP) app samples. \n                      https:\/\/github.com\/Microsoft\/Windows-universal-samples"},{"key":"16_CR26","unstructured":"Microsoft: Dia2dump sample. \n                      https:\/\/docs.microsoft.com\/en-us\/visualstudio\/debugger\/debug-interface-access\/dia2dump-sample"},{"key":"16_CR27","unstructured":"Eager, M.J.: Introduction to the DWARF debugging format (2012). \n                      http:\/\/www.dwarfstd.org\/doc\/Debugging"},{"key":"16_CR28","doi-asserted-by":"crossref","unstructured":"Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: Proceedings of 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 290\u2013299. ACM (2003)","DOI":"10.1145\/948109.948149"},{"key":"16_CR29","unstructured":"Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: Proceedings of 13th USENIX Security Symposium (2004)"},{"key":"16_CR30","unstructured":"Rosenblum, N., Zhu, X., Miller, B., Hunt, K.: Learning to analyze binary computer code. In: Proceedings of 23th AAAI Conference on Artificial Intelligence, AAAI 2008, pp. 798\u2013804. AAAI Press (2008)"},{"key":"16_CR31","unstructured":"Shin, E.C.R., Song, D., Moazzezi, R.: Recognizing functions in binaries with neural networks. In: Proceedings of 24th USENIX Security Symposium, pp. 611\u2013626 (2015)"},{"key":"16_CR32","doi-asserted-by":"crossref","unstructured":"McDaniel, M., Heydari, M.H.: Content based file type detection algorithms. In: Proceedings of 36th Annual Hawaii International Conference on System Sciences (2003)","DOI":"10.1109\/HICSS.2003.1174905"},{"key":"16_CR33","unstructured":"Li, W.J., Wang, K., Stolfo, S.J., Herzog, B.: Fileprints: identifying file types by n-gram analysis. In: Proceedings of the 6th Annual IEEE SMC Information Assurance Workshop, IAW 2005, pp. 64\u201371. IEEE (2005)"},{"key":"16_CR34","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/978-3-642-33962-2_5","volume-title":"Advances in Digital Forensics VIII","author":"L Sportiello","year":"2012","unstructured":"Sportiello, L., Zanero, S.: Context-based file block classification. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2012. IAICT, vol. 383, pp. 67\u201382. Springer, Heidelberg (2012). \n                      https:\/\/doi.org\/10.1007\/978-3-642-33962-2_5"},{"issue":"4","key":"16_CR35","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1016\/j.diin.2013.08.004","volume":"10","author":"P Penrose","year":"2013","unstructured":"Penrose, P., Macfarlane, R., Buchanan, W.J.: Approaches to the classification of high entropy file fragments. Digit. Investig. 10(4), 372\u2013384 (2013)","journal-title":"Digit. Investig."},{"key":"16_CR36","unstructured":"Granboulan, L.: cpu_rec: Recognize cpu instructions in an arbitrary binary file (2017). \n                      https:\/\/github.com\/airbus-seclab\/cpu_rec"},{"key":"16_CR37","unstructured":"Oberhumer, M.F., Moln\u00e1r, L., Reiser, J.F.: UPX: the Ultimate Packer for eXecutables. \n                      https:\/\/upx.github.io\/"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-93411-2_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,3]],"date-time":"2020-03-03T03:19:47Z","timestamp":1583205587000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-93411-2_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319934105","9783319934112"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-93411-2_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"8 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Saclay","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dimva2018.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}