{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T03:09:05Z","timestamp":1769742545089,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":43,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540898610","type":"print"},{"value":"9783540898627","type":"electronic"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-89862-7_1","type":"book-chapter","created":{"date-parts":[[2008,12,3]],"date-time":"2008-12-03T09:01:00Z","timestamp":1228294860000},"page":"1-25","source":"Crossref","is-referenced-by-count":436,"title":["BitBlaze: A New Approach to Computer Security via Binary Analysis"],"prefix":"10.1007","author":[{"given":"Dawn","family":"Song","sequence":"first","affiliation":[]},{"given":"David","family":"Brumley","sequence":"additional","affiliation":[]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[]},{"given":"Juan","family":"Caballero","sequence":"additional","affiliation":[]},{"given":"Ivan","family":"Jager","sequence":"additional","affiliation":[]},{"given":"Min Gyung","family":"Kang","sequence":"additional","affiliation":[]},{"given":"Zhenkai","family":"Liang","sequence":"additional","affiliation":[]},{"given":"James","family":"Newsome","sequence":"additional","affiliation":[]},{"given":"Pongsin","family":"Poosankam","sequence":"additional","affiliation":[]},{"given":"Prateek","family":"Saxena","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"CVC Lite documentation (Page checked 7\/26\/2008), http:\/\/www.cs.nyu.edu\/acsys\/cvcl\/doc\/"},{"key":"1_CR2","unstructured":"The DOT language (Page checked 7\/26\/2008), http:\/\/www.graphviz.org\/doc\/info\/lang.html"},{"key":"1_CR3","unstructured":"On the run - building dynamic modifiers for optimization, detection, and security. Original DynamoRIO announcement via PLDI tutorial (June 2002)"},{"key":"1_CR4","unstructured":"ARM. ARM Architecture Reference Manual (2005) Doc. No. DDI-0100I"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Balakrishnan, G.: WYSINWYX: What You See Is Not What You eXecute. PhD thesis, Computer Science Department, University of Wisconsin at Madison (August 2007)","DOI":"10.1007\/978-3-540-69149-5_22"},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Balakrishnan, G., Gruian, R., Reps, T., Teitelbaum, T.: Codesurfer\/x86 - a platform for analyzing x86 executables. In: Proceedings of the International Conference on Compiler Construction (April 2005)","DOI":"10.1007\/978-3-540-31985-6_19"},{"key":"1_CR7","unstructured":"Brumley, D., Caballero, J., Liang, Z., Newsome, J., Song, D.: Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation. In: Proceedings of the USENIX Security Symposium, Boston, MA (August 2007)"},{"key":"1_CR8","unstructured":"Brumley, D., Hartwig, C., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Song, D.: Bitscope: Automatically dissecting malicious binaries. Technical Report CS-07-133, School of Computer Science, Carnegie Mellon University (March 2007)"},{"key":"1_CR9","series-title":"Countering the Largest Security Threat Series: Advances in Information Security","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-68768-1_4","volume-title":"Botnet Detection","author":"D. Brumley","year":"2008","unstructured":"Brumley, D., Hartwig, C., Liang, Z., Newsome, J., Poosankam, P., Song, D., Yin, H.: Automatically identifying trigger-based behavior in malware. In: Lee, W., Wang, C., Dagon, D. (eds.) Botnet Detection. Countering the Largest Security Threat Series: Advances in Information Security, vol.\u00a036, Springer, Heidelberg (2008)"},{"key":"1_CR10","unstructured":"Brumley, D., Hartwig, C., Liang, Z., Newsome, J., Song, D., Yin, H.: Towards automatically identifying trigger-based behavior in malware using symbolic execution and binary analysis. Technical Report CMU-CS-07-105, Carnegie Mellon University School of Computer Science (January 2007)"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Brumley, D., Newsome, J., Song, D., Wang, H., Jha, S.: Towards automatic generation of vulnerability-based signatures. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy, pp. 2\u201316 (2006)","DOI":"10.1109\/SP.2006.41"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"Brumley, D., Poosankam, P., Song, D., Zheng, J.: Automatic patch-based exploit generation is possible: Techniques and implications. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy (2008)","DOI":"10.1109\/SP.2008.17"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Brumley, D., Wang, H., Jha, S., Song, D.: Creating vulnerability signatures using weakest pre-conditions. In: Proceedings of Computer Security Foundations Symposium (July 2007)","DOI":"10.1109\/CSF.2007.17"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: Automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM Conferences on Computer and Communication Security (CCS 2007) (October 2007)","DOI":"10.1145\/1315245.1315286"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: Automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the ACM Conference on Computer and Communications Security (October 2007)","DOI":"10.1145\/1315245.1315286"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Chow, J., Pfaff, B., Garfinkel, T., Christopher, K., Rosenblum, M.: Understanding data lifetime via whole system simulation. In: Proceedings of the 13th USENIX Security Symposium (Security 2004) (August 2004)","DOI":"10.1145\/1133572.1133599"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Costa, M., Crowcroft, J., Castro, M., Rowstron, A., Zhou, L., Zhang, L., Barham, P.: Vigilante: End-to-end containment of internet worms. In: In Proceedings of the Symposium on Systems and Operating Systems Principles (SOSP 2005) (2005)","DOI":"10.1145\/1095810.1095824"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Crandall, J.R., Chong, F.T.: Minos: Control data attack prevention orthogonal to memory model. In: Proceedings of the 37th International Symposium on Microarchitecture (MICRO 2004) (December 2004)","DOI":"10.1109\/MICRO.2004.26"},{"key":"1_CR19","unstructured":"DataRescue. IDA Pro. (Page checked 7\/31\/2008), http:\/\/www.datarescue.com"},{"key":"1_CR20","volume-title":"A Discipline of Programming","author":"E.W. Dijkstra","year":"1976","unstructured":"Dijkstra, E.W.: A Discipline of Programming. Prentice Hall, Englewood Cliffs (1976)"},{"key":"1_CR21","unstructured":"Ganesh, V., Dill, D.: STP: A decision procedure for bitvectors and arrays, http:\/\/theory.stanford.edu\/~vganesh\/stp"},{"key":"1_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"524","DOI":"10.1007\/978-3-540-73368-3_52","volume-title":"Computer Aided Verification","author":"V. Ganesh","year":"2007","unstructured":"Ganesh, V., Dill, D.L.: A decision procedure for bit-vectors and arrays. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol.\u00a04590, pp. 524\u2013536. Springer, Heidelberg (2007)"},{"key":"1_CR23","unstructured":"Intel Corporation. Intel 64 and IA-32 Architectures Software Developer\u2019s Manual, Volumes 1-5 (April 2008)"},{"key":"1_CR24","unstructured":"Jackson, D., Rollins, E.J.: Chopping: A generalization of slicing. Technical Report CS-94-169, Carnegie Mellon University School of Computer Science (1994)"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Kang, M.G., Poosankam, P., Yin, H.: Renovo: A hidden code extractor for packed executables. In: Proceedings of the 5th ACM Workshop on Recurring Malcode (WORM 2007) (October 2007)","DOI":"10.1145\/1314389.1314399"},{"key":"1_CR26","unstructured":"Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: Proceedings of the USENIX Security Symposium (2004)"},{"key":"1_CR27","doi-asserted-by":"crossref","unstructured":"Luk, C.-K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: Building customized program analysis tools with dynamic instrumentation. In: Proceedings of the ACM Conference on Programming Language Design and Implementation (June 2005)","DOI":"10.1145\/1065010.1065034"},{"key":"1_CR28","unstructured":"Microsoft. Phoenix framework (Paged checked 7\/31\/2008), http:\/\/research.microsoft.com\/phoenix\/"},{"key":"1_CR29","unstructured":"Microsoft. Phoenix project architect posting (Page checked 7\/31\/2008) (July 2008), http:\/\/forums.msdn.microsoft.com\/en-US\/phoenix\/thread\/90f5212c-05a-4aea-9a8f-a5840a6d101d"},{"key":"1_CR30","volume-title":"Advanced Compiler Design and Implementation","author":"S.S. Muchnick","year":"1997","unstructured":"Muchnick, S.S.: Advanced Compiler Design and Implementation. Academic Press, London (1997)"},{"key":"1_CR31","unstructured":"Nethercote, N.: Dynamic Binary Analysis and Instrumentation or Building Tools is Easy. PhD thesis, Trinity College, University of Cambridge (2004)"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Newsome, J., Brumley, D., Franklin, J., Song, D.: Replayer: Automatic protocol replay by binary analysis. In: Write, R., De Capitani di Vimercati, S., Shmatikov, V. (eds.) Proceedings of the ACM Conference on Computer and Communications Security, pp. 311\u2013321 (2006)","DOI":"10.1145\/1180405.1180444"},{"key":"1_CR33","unstructured":"Newsome, J., Brumley, D., Song, D.: Sting: An end-to-end self-healing system for defending against zero-day worm attacks. Technical Report CMU-CS-05-191, Carnegie Mellon University School of Computer Science (2006)"},{"key":"1_CR34","unstructured":"Newsome, J., Brumley, D., Song, D.: Vulnerability-specific execution filtering for exploit prevention on commodity software. In: Proceedings of the 13th Annual Network and Distributed Systems Security Symposium, NDSS (2006)"},{"key":"1_CR35","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS 2005) (February 2005)"},{"key":"1_CR36","unstructured":"Qemu, http:\/\/fabrice.bellard.free.fr\/qemu\/"},{"key":"1_CR37","unstructured":"Simpson, L.T.: Value-Driven Redundancy Elimination. PhD thesis, Rice University Department of Computer Science (1996)"},{"key":"1_CR38","doi-asserted-by":"crossref","unstructured":"Suh, G.E., Lee, J.W., Zhang, D., Devadas, S.: Secure program execution via dynamic information flow tracking. In: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2004) (October 2004)","DOI":"10.1145\/1024393.1024404"},{"key":"1_CR39","unstructured":"Tridgell, A.: How samba was written (Checked on 8\/21\/2008) (August 2003), http:\/\/www.samba.org\/ftp\/tridge\/misc\/french_cafe.txt"},{"key":"1_CR40","doi-asserted-by":"crossref","unstructured":"Tucek, J., Newsome, J., Lu, S., Huang, C., Xanthos, S., Brumley, D., Zhou, Y., Song, D.: Sweeper: A lightweight end-to-end system for defending against fast worms. In: Proceedings of the EuroSys Conference (2007)","DOI":"10.1145\/1272996.1273010"},{"key":"1_CR41","unstructured":"Valgrind, http:\/\/valgrind.org"},{"key":"1_CR42","unstructured":"Yin, H., Liang, Z., Song, D.: HookFinder: Identifying and understanding malware hooking behaviors. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008) (February 2008)"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Manuel, E., Kruegel, C., Kirda, E.: Panorama: Capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conferences on Computer and Communication Security (CCS 2007) (October 2007)","DOI":"10.1145\/1315245.1315261"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-89862-7_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,21]],"date-time":"2023-05-21T21:49:21Z","timestamp":1684705761000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-89862-7_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540898610","9783540898627"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-89862-7_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2008]]}}}