{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:31:25Z","timestamp":1742913085929,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":20,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819973552"},{"type":"electronic","value":"9789819973569"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-7356-9_41","type":"book-chapter","created":{"date-parts":[[2023,10,19]],"date-time":"2023-10-19T09:03:24Z","timestamp":1697706204000},"page":"702-718","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Finding Missing Security Operation Bugs via\u00a0Program Slicing and\u00a0Differential Check"],"prefix":"10.1007","author":[{"given":"Yeqi","family":"Fu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yongzhi","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qian","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhou","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiarun","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chenglin","family":"Xie","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Weiping","family":"Wen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,10,20]]},"reference":[{"key":"41_CR1","unstructured":"CVE Details (2022). https:\/\/www.cvedetails.com\/"},{"key":"41_CR2","unstructured":"Ahmadi, M., Farkhani, R.M., Williams, R., Lu, L.: Finding bugs using your own code: detecting functionally-similar yet inconsistent code. In: USENIX Security Symposium, pp. 2025\u20132040. USENIX Association (2021)"},{"key":"41_CR3","doi-asserted-by":"publisher","unstructured":"Akritidis, P., Cadar, C., Raiciu, C., Costa, M., Castro, M.: Preventing memory error exploits with WIT. In: 2008 IEEE Symposium on Security and Privacy (S &P 2008), 18\u201321 May 2008, Oakland, California, USA, pp. 263\u2013277. IEEE Computer Society (2008). https:\/\/doi.org\/10.1109\/SP.2008.30","DOI":"10.1109\/SP.2008.30"},{"key":"41_CR4","doi-asserted-by":"publisher","unstructured":"Bletsch, T., Jiang, X., Freeh, V.: Mitigating code-reuse attacks with control-flow locking. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 353\u2013362. Association for Computing Machinery (2011). https:\/\/doi.org\/10.1145\/2076732.2076783","DOI":"10.1145\/2076732.2076783"},{"key":"41_CR5","doi-asserted-by":"publisher","unstructured":"Chen, X., et al.: VulChecker: achieving more effective taint analysis by identifying sanitizers automatically. In: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 774\u2013782. IEEE (2021). https:\/\/doi.org\/10.1109\/TrustCom53373.2021.00112","DOI":"10.1109\/TrustCom53373.2021.00112"},{"issue":"5","key":"41_CR6","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1145\/502059.502041","volume":"35","author":"D Engler","year":"2001","unstructured":"Engler, D., Chen, D.Y., Hallem, S., Chou, A., Chelf, B.: Bugs as deviant behavior: a general approach to inferring errors in systems code. SIGOPS Oper. Syst. Rev. 35(5), 57\u201372 (2001). https:\/\/doi.org\/10.1145\/502059.502041","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"41_CR7","doi-asserted-by":"publisher","unstructured":"Liu, D., et al.: Detecting missed security operations through differential checking of object-based similar paths. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 1627\u20131644. ACM (2021). https:\/\/doi.org\/10.1145\/3460120.3485373","DOI":"10.1145\/3460120.3485373"},{"key":"41_CR8","doi-asserted-by":"publisher","unstructured":"Liu, Y., Chen, X., Yang, Z., Wen, W.: Automatically constructing peer slices via semantic and context-aware security checks in the Linux kernel. In: 51st Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops, DSN Workshops, Taipei, Taiwan, 21\u201324 June 2021, pp. 108\u2013113. IEEE (2021). https:\/\/doi.org\/10.1109\/DSN-W52860.2021.00028","DOI":"10.1109\/DSN-W52860.2021.00028"},{"key":"41_CR9","doi-asserted-by":"publisher","unstructured":"Lu, K., Hu, H.: Where does it go?: refining indirect-call targets with multi-layer type analysis. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, 11\u201315 November 2019, pp. 1867\u20131881. ACM (2019). https:\/\/doi.org\/10.1145\/3319535.3354244","DOI":"10.1145\/3319535.3354244"},{"key":"41_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-29962-0_1","volume-title":"Computer Security \u2013 ESORICS 2019","author":"K Lu","year":"2019","unstructured":"Lu, K., Pakki, A., Wu, Q.: Automatically identifying security checks for detecting kernel semantic bugs. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019, Part II. LNCS, vol. 11736, pp. 3\u201325. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-29962-0_1"},{"key":"41_CR11","unstructured":"Lu, K., Pakki, A., Wu, Q.: Detecting missing-check bugs via semantic- and context-aware criticalness and constraints inferences. In: 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, 14\u201316 August 2019, pp. 1769\u20131786. USENIX Association (2019)"},{"key":"41_CR12","doi-asserted-by":"crossref","unstructured":"Mao, J., Chen, Y., Xiao, Q., Shi, Y.: RID: finding reference count bugs with inconsistent path pair checking. In: Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 531\u2013544 (2016)","DOI":"10.1145\/2954680.2872389"},{"key":"41_CR13","doi-asserted-by":"publisher","unstructured":"Min, C., Kashyap, S., Lee, B., Song, C., Kim, T.: Cross-checking semantic correctness: the case of finding file system bugs. In: Proceedings of the 25th Symposium on Operating Systems Principles, SOSP 2015, pp. 361\u2013377. Association for Computing Machinery (2015). https:\/\/doi.org\/10.1145\/2815400.2815422","DOI":"10.1145\/2815400.2815422"},{"key":"41_CR14","doi-asserted-by":"publisher","unstructured":"Pakki, A., Lu, K.: Exaggerated error handling hurts! An in-depth study and context-aware detection. In: CCS 2020: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, 9\u201313 November 2020, pp. 1203\u20131218. ACM (2020). https:\/\/doi.org\/10.1145\/3372297.3417256","DOI":"10.1145\/3372297.3417256"},{"key":"41_CR15","doi-asserted-by":"crossref","unstructured":"Saha, S., Lozi, J.P., Thomas, G., Lawall, J.L., Muller, G.: Hector: detecting resource-release omission faults in error-handling code for systems software. In: 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201312. IEEE (2013)","DOI":"10.1109\/DSN.2013.6575307"},{"key":"41_CR16","doi-asserted-by":"publisher","unstructured":"Wang, W., Lu, K., Yew, P.C.: Check it again: detecting Lacking-Recheck bugs in OS kernels. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1899\u20131913. Association for Computing Machinery (2018). https:\/\/doi.org\/10.1145\/3243734.3243844","DOI":"10.1145\/3243734.3243844"},{"key":"41_CR17","unstructured":"Weiser, M.D.: Program slices: formal, psychological, and practical investigations of an automatic program abstraction method. University of Michigan (1979)"},{"key":"41_CR18","doi-asserted-by":"crossref","unstructured":"Wu, Q., He, Y., McCamant, S., Lu, K.: Precisely characterizing security impact in a flood of patches via symbolic rule comparison. In: 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, 23\u201326 February 2020. The Internet Society (2020)","DOI":"10.14722\/ndss.2020.24419"},{"key":"41_CR19","unstructured":"Yun, I., Min, C., Si, X., Jang, Y., Kim, T., Naik, M.: APISan: sanitizing API usages through semantic cross-checking. In: 25th USENIX Security Symposium, USENIX Security 2016, Austin, TX, USA, 10\u201312 August 2016, pp. 363\u2013378. USENIX Association (2016)"},{"key":"41_CR20","unstructured":"Zhang, T., Shen, W., Lee, D., Jung, C., Azab, A.M., Wang, R.: PeX: a permission check analysis framework for Linux kernel. In: 28th USENIX Security Symposium (2019)"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-7356-9_41","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,19]],"date-time":"2023-10-19T09:12:54Z","timestamp":1697706774000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-7356-9_41"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819973552","9789819973569"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-7356-9_41","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"20 October 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information and Communications Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tianjin","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 November 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icics23.nankai.edu.cn\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"181","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.33","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.93","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}