{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T14:23:35Z","timestamp":1775053415904,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642402029","type":"print"},{"value":"9783642402036","type":"electronic"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-40203-6_10","type":"book-chapter","created":{"date-parts":[[2013,8,14]],"date-time":"2013-08-14T02:48:53Z","timestamp":1376448533000},"page":"164-181","source":"Crossref","is-referenced-by-count":23,"title":["HI-CFG: Construction by Binary Analysis and Application to Attack Polymorphism"],"prefix":"10.1007","author":[{"given":"Dan","family":"Caselden","sequence":"first","affiliation":[]},{"given":"Alex","family":"Bazhanyuk","sequence":"additional","affiliation":[]},{"given":"Mathias","family":"Payer","sequence":"additional","affiliation":[]},{"given":"Stephen","family":"McCamant","sequence":"additional","affiliation":[]},{"given":"Dawn","family":"Song","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","unstructured":"Avgerinos, T., Cha, S.K., Hao, B.L.T., Brumley, D.: AEG: Automatic exploit generation. In: NDSS 2011 (2011)"},{"key":"10_CR2","doi-asserted-by":"crossref","unstructured":"Babi\u0107, D., Martignoni, L., McCamant, S., Song, D.: Statically-directed dynamic automated test generation. In: ISSTA 2011 (2011)","DOI":"10.1145\/2001420.2001423"},{"key":"10_CR3","doi-asserted-by":"crossref","unstructured":"Bond, M.D., McKinley, K.S.: Probabilistic calling context. In: OOPLSA 2007 (2007)","DOI":"10.1145\/1297027.1297035"},{"key":"10_CR4","unstructured":"Brumley, D., Song, D.: Privtrans: automatically partitioning programs for privilege separation. In: USENIX Security 2004 (2004)"},{"key":"10_CR5","doi-asserted-by":"crossref","unstructured":"Caballero, J., Johnson, N.M., McCamant, S., Song, D.: Binary code extraction and interface identification for security applications. In: NDSS 2010 (2010)","DOI":"10.21236\/ADA538737"},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"Caballero, J., Poosankam, P., McCamant, S., Babic, D., Song, D.: Input generation via decomposition and re-stitching: Finding bugs in malware. In: CCS 2010 (2010)","DOI":"10.1145\/1866307.1866354"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: Automatic extraction of protocol message format using dynamic binary analysis. In: CCS 2007 (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Caselden, D., Bazhanyuk, A., Payer, M., Szekeres, L., McCamant, S., Song, D.: Transformation-aware exploit generation using a HI-CFG. Tech. Rep. UCB\/EECS-2013-85, University of California, Berkeley (May 2013)","DOI":"10.21236\/ADA587051"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing mayhem on binary code. In: IEEE S&P 2012 (2012)","DOI":"10.1109\/SP.2012.31"},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Deutsch, P.: DEFLATE compressed data format specification. IETF RFC 1951 (May 1996)","DOI":"10.17487\/rfc1951"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. TOPLAS 9(3) (1987)","DOI":"10.1145\/24039.24041"},{"key":"10_CR12","unstructured":"HI-CFG project information page, \n                    \n                      http:\/\/bitblaze.cs.berkeley.edu\/hicfg\/"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Hopcroft, J.E., Ullman, J.D.: Set merging algorithms. SIAM J. Comput. 2(4) (1973)","DOI":"10.1137\/0202024"},{"key":"10_CR14","doi-asserted-by":"crossref","unstructured":"Horwitz, S., Reps, T.W., Binkley, D.: Interprocedural slicing using dependence graphs. TOPLAS 12(1) (1990)","DOI":"10.1145\/77606.77608"},{"key":"10_CR15","unstructured":"Intel: Pin website (November 2012), \n                    \n                      http:\/\/www.pintool.org\/"},{"key":"10_CR16","doi-asserted-by":"crossref","unstructured":"Kolbitsch, C., Holz, T., Kruegel, C., Kirda, E.: Inspector Gadget: Automated extraction of proprietary gadgets from malware binaries. In: IEEE S&P 2010 (2010)","DOI":"10.1109\/SP.2010.10"},{"key":"10_CR17","unstructured":"Lee, J., Avgerinos, T., Brumley, D.: TIE: Principled reverse engineering of types in binary programs. In: NDSS 2011 (2011)"},{"key":"10_CR18","unstructured":"Lin, Z., Zhang, X., Xu, D.: Automatic reverse engineering of data structures from binary execution. In: NDSS 2010 (2010)"},{"key":"10_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-642-23702-7_11","volume-title":"Static Analysis","author":"K.-K. Ma","year":"2011","unstructured":"Ma, K.-K., Yit Phang, K., Foster, J.S., Hicks, M.: Directed symbolic execution. In: Yahav, E. (ed.) SAS 2011. LNCS, vol.\u00a06887, pp. 95\u2013111. Springer, Heidelberg (2011)"},{"key":"10_CR20","doi-asserted-by":"crossref","unstructured":"Martignoni, L., McCamant, S., Poosankam, P., Song, D., Maniatis, P.: Path-exploration lifting: Hi-fi tests for lo-fi emulators. In: ASPLOS 2012 (2012)","DOI":"10.1145\/2150976.2151012"},{"key":"10_CR21","unstructured":"McCamant, S., Payer, M., Caselden, D., Bazhanyuk, A., Song, D.: Transformation-aware symbolic execution for system test generation. Tech. Rep. UCB\/EECS-2013-125, University of California, Berkeley (June 2013)"},{"key":"10_CR22","unstructured":"MITRE: CVE-2010-3704: Memory corruption in FoFiType1::parse (October 2010) \n                    \n                      http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-3704"},{"key":"10_CR23","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis: Automatic detection, analysis, and signature generation of exploit attacks on commodity software. In: NDSS 2005 (2005)"},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: IEEE S&P 2010 (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"10_CR25","unstructured":"Slowinska, A., Stancescu, T., Bos, H.: Body armor for binaries: preventing buffer overflows without recompilation. In: USENIX ATC 2012 (2012)"},{"key":"10_CR26","unstructured":"Slowinska, A., Stancescu, T., Bos, H.: Howard: a dynamic excavator for reverse engineering data structures. In: NDSS 2011 (2011)"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Saxena, P.: BitBlaze: A new approach to computer security via binary analysis. In: ICISS 2008 (2008) (keynote invited paper)","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Wang, T., Wei, T., Gu, G., Zou, W.: TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection. In: IEEE S&P 2010 (2010)","DOI":"10.1109\/SP.2010.37"},{"key":"10_CR29","doi-asserted-by":"crossref","unstructured":"Xie, Y., Chou, A., Engler, D.R.: ARCHER: using symbolic, path-sensitive analysis to detect memory access errors. In: ESEC\/FSE 2003 (2003)","DOI":"10.1145\/949952.940115"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2013"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-40203-6_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,2]],"date-time":"2019-06-02T20:45:55Z","timestamp":1559508355000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-40203-6_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642402029","9783642402036"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-40203-6_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}