{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,11]],"date-time":"2025-07-11T10:51:03Z","timestamp":1752231063256},"publisher-location":"Berlin, Heidelberg","reference-count":46,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642286513"},{"type":"electronic","value":"9783642286520"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-28652-0_7","type":"book-chapter","created":{"date-parts":[[2012,3,22]],"date-time":"2012-03-22T21:02:02Z","timestamp":1332450122000},"page":"122-143","source":"Crossref","is-referenced-by-count":7,"title":["Static Detection of Unsafe Component Loadings"],"prefix":"10.1007","author":[{"given":"Taeho","family":"Kwon","sequence":"first","affiliation":[]},{"given":"Zhendong","family":"Su","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"7_CR1","doi-asserted-by":"crossref","unstructured":"Kiss, \u00c1., J\u00e1sz, J., Lehotai, G., Gyim\u00f3thy, T.: Interprocedural static slicing of binary executables. In: Proc. SCAM Workshop (2003)","DOI":"10.1109\/SCAM.2003.1238038"},{"key":"7_CR2","unstructured":"An update on the DLL-preloading remote attack vector, http:\/\/blogs.technet.com\/b\/srd\/archive\/2010\/08\/31\/an-update-on-the-dll-preloading-remote-attack-vector.aspx"},{"key":"7_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/978-3-540-24723-4_2","volume-title":"Compiler Construction","author":"G. Balakrishnan","year":"2004","unstructured":"Balakrishnan, G., Reps, T.: Analyzing Memory Accesses in x86 Executables. In: Duesterwald, E. (ed.) CC 2004. LNCS, vol.\u00a02985, pp. 5\u201323. Springer, Heidelberg (2004)"},{"key":"7_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1007\/978-3-540-78800-3_10","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"G. Balakrishnan","year":"2008","unstructured":"Balakrishnan, G., Reps, T.: Analyzing Stripped Device-Driver Executables. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol.\u00a04963, pp. 124\u2013140. Springer, Heidelberg (2008)"},{"issue":"1-4","key":"7_CR5","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1145\/176454.176473","volume":"2","author":"D. Binkley","year":"1993","unstructured":"Binkley, D.: Precise executable interprocedural slices. ACM Lett. Program. Lang. Syst.\u00a02(1-4), 31\u201345 (1993)","journal-title":"ACM Lett. Program. Lang. Syst."},{"key":"7_CR6","unstructured":"Cifuentes, C., Fraboulet, A.: Intraprocedural static slicing of binary executables. In: Proc. ICSM (1997)"},{"key":"7_CR7","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Salvaneschi, G., Kirda, E., Kolbitsch, C., Kruegel, C., Zanero, S.: Identifying dormant functionality in malware programs. In: Proc. SSP (2010)","DOI":"10.1109\/SP.2010.12"},{"key":"7_CR8","unstructured":"dlopen man page, http:\/\/linux.die.net\/man\/3\/dlopen"},{"key":"7_CR9","unstructured":"Dynamic-Link Library Search Order, http:\/\/msdn.microsoft.com\/en-us\/library\/ms682586VS.85.aspx"},{"key":"7_CR10","unstructured":"Dynamic-Link Library Security, http:\/\/msdn.microsoft.com\/en-us\/library\/ff919712VS.85.aspx"},{"key":"7_CR11","unstructured":"Exploiting DLL Hijacking Flaws, http:\/\/blog.metasploit.com\/2010\/08\/exploiting-dll-hijacking-flaws.html ."},{"issue":"3","key":"7_CR12","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1145\/24039.24041","volume":"9","author":"J. Ferrante","year":"1987","unstructured":"Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. ACM Trans. Prog. Lang. Syst.\u00a09(3), 319\u2013349 (1987)","journal-title":"ACM Trans. Prog. Lang. Syst."},{"issue":"1","key":"7_CR13","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1145\/77606.77608","volume":"12","author":"S. Horwitz","year":"1990","unstructured":"Horwitz, S., Reps, T., Binkley, D.: Interprocedural slicing using dependence graphs. ACM Trans. Prog. Lang. Syst.\u00a012(1), 26\u201360 (1990)","journal-title":"ACM Trans. Prog. Lang. Syst."},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Horwitz, S., Reps, T., Sagiv, M.: Demand interprocedural dataflow analysis. In: Proc. FSE (1995)","DOI":"10.1145\/222124.222146"},{"key":"7_CR15","unstructured":"IDA Pro Disassmelber, http:\/\/www.hex-rays.com\/idapro\/"},{"key":"7_CR16","unstructured":"IDAPython, http:\/\/code.google.com\/p\/idapython\/"},{"key":"7_CR17","unstructured":"Insecure Library Loading Could Allow Remote Code Execution, http:\/\/www.microsoft.com\/technet\/security\/advisory\/2269637.mspx"},{"issue":"7","key":"7_CR18","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1145\/360248.360252","volume":"19","author":"J.C. King","year":"1976","unstructured":"King, J.C.: Symbolic execution and program testing. Commun. ACM\u00a019(7), 385\u2013394 (1976)","journal-title":"Commun. ACM"},{"key":"7_CR19","unstructured":"Kruegel, C., Robertson, W., Valeur, F., Vigna, G.: Static disassembly of obfuscated binaries. In: Proc. USENIX Security (2004)"},{"key":"7_CR20","unstructured":"Kruegel, C., Robertson, W., Vigna, G.: Detecting Kernel-Level Rootkits Through Binary Analysis. In: Proc. ACSAC (2004)"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Kwon, T., Su, Z.: Automatic detection of unsafe component loadings. In: Proc. ISSTA (2010)","DOI":"10.1145\/1831708.1831722"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Kwon, T., Su, Z.: Static detection of unsafe component loadings. UC Davis techical report CSE-2010-17 (2010)","DOI":"10.1145\/1831708.1831722"},{"key":"7_CR23","unstructured":"Microsoft Cooking Up Baker\u2019s Dozen of Fixes for Patch Tuesday, http:\/\/www.esecurityplanet.com\/patches\/article.php\/3902856\/Microsoft-Cooking-Up-Bakers-Dozen-of-Fixes-for-Patch-Tuesday.htm"},{"key":"7_CR24","unstructured":"Microsoft Portable Executable and Common Object File Format Specification, http:\/\/www.microsoft.com\/whdc\/system\/platform\/firmware\/PECOFF.mspx"},{"key":"7_CR25","unstructured":"Microsoft releases tool to block DLL load hijacking attacks, http:\/\/www.computerworld.com\/s\/article\/print\/9181518\/Microsoft_releases_tool_to_block_DLL_load_hijacking_attacks"},{"key":"7_CR26","unstructured":"Microsoft releases tool to block DLL load hijacking attacks, http:\/\/www.computerworld.com\/s\/article\/9181518\/Microsoft_releases_tool_to_block_DLL_load_hijacking_attacks"},{"key":"7_CR27","unstructured":"Microsoft Was Warned of DLL Vulnerability a Year Ago, http:\/\/www.esecurityplanet.com\/features\/article.php\/3900186\/Microsoft-Was-Warned-of-DLL-Vulnerability-a-Year-Ago.htm"},{"key":"7_CR28","unstructured":"MS09-014: Addressing the Safari Carpet Bomb vulnerability, http:\/\/blogs.technet.com\/srd\/archive\/2009\/04\/14\/ms09-014-addressing-the-safari-carpet-bomb-vulnerability.aspx"},{"key":"7_CR29","unstructured":"NetworkX, http:\/\/networkx.lanl.gov\/"},{"key":"7_CR30","unstructured":"Orso, A., Sinha, S., Harrold, M.J.: Incremental slicing based on data-dependence types. In: Proc. ICSM (2001)"},{"key":"7_CR31","unstructured":"pefile, http:\/\/code.google.com\/p\/pefile\/"},{"key":"7_CR32","unstructured":"PyEmu, http:\/\/code.google.com\/p\/pyemu\/"},{"key":"7_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/3-540-57877-3_26","volume-title":"Compiler Construction","author":"T. Reps","year":"1994","unstructured":"Reps, T.: Solving Demand Versions of Interprocedural Analysis Problems. In: Adsul, B. (ed.) CC 1994. LNCS, vol.\u00a0786, pp. 389\u2013403. Springer, Heidelberg (1994)"},{"key":"7_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-78791-4_2","volume-title":"Compiler Construction","author":"T. Reps","year":"2008","unstructured":"Reps, T., Balakrishnan, G.: Improved Memory-Access Analysis for x86 Executables. In: Hendren, L. (ed.) CC 2008. LNCS, vol.\u00a04959, pp. 16\u201335. Springer, Heidelberg (2008)"},{"key":"7_CR35","doi-asserted-by":"crossref","unstructured":"Reps, T., Horwitz, S., Sagiv, M., Rosay, G.: Speeding up slicing. In: Proc. FSE (1994)","DOI":"10.1145\/193173.195287"},{"key":"7_CR36","unstructured":"Researcher told Microsoft of Windows apps zero-day bugs 6 months ago, http:\/\/www.computerworld.com\/s\/article\/print\/9181358\/Researcher_told_Microsoft_of_Windows_apps_zero_day_bugs_6_months_ago"},{"key":"7_CR37","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: Proc. SSP (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"7_CR38","doi-asserted-by":"crossref","unstructured":"Sinha, S., Harrold, M.J., Rothermel, G.: System-dependence-graph-based slicing of programs with arbitrary interprocedural control flow. In: Proc. ICSE (1999)","DOI":"10.1145\/302405.302675"},{"key":"7_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-89862-7_1","volume-title":"Information Systems Security","author":"D. Song","year":"2008","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Saxena, P.: BitBlaze: A New Approach to Computer Security via Binary Analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol.\u00a05352, pp. 1\u201325. Springer, Heidelberg (2008)"},{"key":"7_CR40","unstructured":"Tip, F.: A survey of program slicing techniques. Technical report, CWI, Amsterdam, The Netherlands (1994)"},{"key":"7_CR41","unstructured":"Types of Dependencies, http:\/\/dependencywalker.com\/help\/html\/dependency_types.htm"},{"key":"7_CR42","unstructured":"Vulnerabilities in Microsoft Office Could Allow Remote Code Execution, http:\/\/www.microsoft.com\/technet\/security\/bulletin\/ms10-087.mspx"},{"key":"7_CR43","unstructured":"Weiser, M.: Program slicing. In: Proc. ICSE (1981)"},{"key":"7_CR44","unstructured":"Windows DLL Exploits Boom; Hackers Post Attacks for 40-plus Apps, http:\/\/www.computerworld.com\/s\/article\/9181918\/Windows_DLL_exploits_boom_hackers_post_attacks_for_40_plus_apps"},{"key":"7_CR45","unstructured":"X86 Calling Conventions, http:\/\/en.wikipedia.org\/wiki\/X86_calling_conventions"},{"issue":"2","key":"7_CR46","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1050849.1050865","volume":"30","author":"B. Xu","year":"2005","unstructured":"Xu, B., Qian, J., Zhang, X., Wu, Z., Chen, L.: A brief survey of program slicing. SIGSOFT Softw. Eng. Notes\u00a030(2), 1\u201336 (2005)","journal-title":"SIGSOFT Softw. Eng. Notes"}],"container-title":["Lecture Notes in Computer Science","Compiler Construction"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-28652-0_7.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T11:04:10Z","timestamp":1620126250000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-28652-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642286513","9783642286520"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-28652-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}