{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T21:01:54Z","timestamp":1769720514501,"version":"3.49.0"},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"9","license":[{"start":{"date-parts":[[2015,5,23]],"date-time":"2015-05-23T00:00:00Z","timestamp":1432339200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2016,9]]},"DOI":"10.1007\/s00500-015-1713-6","type":"journal-article","created":{"date-parts":[[2015,5,22]],"date-time":"2015-05-22T07:39:20Z","timestamp":1432280360000},"page":"3563-3578","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["A taint based approach for automatic reverse engineering of gray-box file formats"],"prefix":"10.1007","volume":"20","author":[{"given":"Baojiang","family":"Cui","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fuwei","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yongle","family":"Hao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lingyu","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,5,23]]},"reference":[{"key":"1713_CR1","unstructured":"Aitel D (2002) An introduction to spike, the fuzzer creation kit. presentation slides, 1 Aug 2002"},{"key":"1713_CR2","unstructured":"Bienz T, Cohn R, Meehan J (1993) Portable document format reference manual. Addison-Wesley, Reading"},{"key":"1713_CR3","doi-asserted-by":"crossref","unstructured":"Bosman E, Slowinska A, Bos H (2011) Minemu: the worlds fastest taint tracker. In: Proceedings of recent advances in intrusion detection, Springer, New York, pp 1\u201320","DOI":"10.1007\/978-3-642-23644-0_1"},{"key":"1713_CR4","doi-asserted-by":"crossref","unstructured":"Boutell T (1997) Png (portable network graphics) specification version 1.0","DOI":"10.17487\/rfc2083"},{"key":"1713_CR5","doi-asserted-by":"crossref","unstructured":"Caballero J, Yin H, Liang Z, Song D (2007) Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceedings of the 14th ACM conference on computer and communications security, ACM, pp 317\u2013329","DOI":"10.1145\/1315245.1315286"},{"key":"1713_CR6","doi-asserted-by":"crossref","unstructured":"Canny J (1986) A computational approach to edge detection. IEEE Trans Pattern Anal Mach Intell 6:679\u2013698","DOI":"10.1109\/TPAMI.1986.4767851"},{"key":"1713_CR7","doi-asserted-by":"crossref","unstructured":"Castiglione A, De Santis A, Soriente C (2007) Taking advantages of a disadvantage: digital forensics and steganography using document metadata. J Syst Softw 80(5):750\u2013764","DOI":"10.1016\/j.jss.2006.07.006"},{"key":"1713_CR8","doi-asserted-by":"crossref","unstructured":"Castiglione A, De Santis A, Soriente C (2010) Security and privacy issues in the portable document format. J Syst Softw 83(10):1813\u20131822","DOI":"10.1016\/j.jss.2010.04.062"},{"key":"1713_CR9","unstructured":"Chen W, Wang HJ, Irun-Briz L (2088) Tupni: automatic reverse engineering of input formats. In: Proceedings of the 15th ACM conference on computer and communications security, ACM, pp 391\u2013402"},{"key":"1713_CR10","unstructured":"Christey S, Martin RA (2007) Vulnerability type distributions in cve. In: Proceedings of Mitre report"},{"key":"1713_CR11","doi-asserted-by":"crossref","unstructured":"Comparetti PM, Wondracek G, Kruegel C, Kirda E (2009) Prospex: protocol specification extraction. In: Proceedings of security and privacy, 2009 30th IEEE Symposium, IEEE, pp 110\u2013125","DOI":"10.1109\/SP.2009.14"},{"key":"1713_CR12","unstructured":"Cui W, Kannan J, Wang HJ (2007) Discoverer: automatic protocol reverse engineering from network traces. In: Proceedings of 16th USENIX security symposium on USENIX security symposium, pp 1\u201314"},{"key":"1713_CR13","doi-asserted-by":"crossref","unstructured":"Cui B, Wang F, Guo T, Dong G, Zhao B (2013) Flowwalker: a fast and precise off-line taint analysis framework. In: Proceedings of emerging intelligent data and web technologies (EIDWT), 2013 fourth international conference, IEEE, pp 583\u2013588","DOI":"10.1109\/EIDWT.2013.105"},{"key":"1713_CR14","doi-asserted-by":"crossref","unstructured":"Deutsch LP (1996) Gzip file format specification version 4.3","DOI":"10.17487\/rfc1952"},{"key":"1713_CR15","unstructured":"Eddington M (2011) Peach fuzzing platform. Peach Fuzzer"},{"key":"1713_CR16","doi-asserted-by":"crossref","unstructured":"Hirschberg DS (1977) Algorithms for the longest common subsequence problem. J ACM (JACM) 24(4):664\u2013675","DOI":"10.1145\/322033.322044"},{"key":"1713_CR17","unstructured":"ISO\/IEC 11172-3:1993, Information technology\u2014Coding of moving pictures and associated audio for digital storage media at up to about 1,5 Mbit\/s\u2014Part 3: Audio. Accessed 14 July 2010"},{"key":"1713_CR18","doi-asserted-by":"crossref","unstructured":"Jee K, Kemerlis VP, Keromytis AD, Portokalidis G (2013) Shadowreplica: efficient parallelization of dynamic data flow tracking. In: Proceedings of the 2013 ACM SIGSAC conference on computer and communications security, ACM, pp 235\u2013246","DOI":"10.1145\/2508859.2516704"},{"key":"1713_CR19","unstructured":"Jee K, Portokalidis G, Kemerlis VP, Ghosh S, August DI, Keromytis AD (2012) A general approach for efficiently accelerating software-based dynamic data flow tracking on commodity hardware. In: Proceedings of NDSS"},{"key":"1713_CR20","doi-asserted-by":"crossref","unstructured":"Kemerlis VP, Portokalidis G, Jee K, Keromytis AD (2012) libdft: practical dynamic data flow tracking for commodity systems. In: Proceedings of ACM SIGPLAN Notices, vol 47. ACM, New York, pp 121\u2013132","DOI":"10.1145\/2151024.2151042"},{"key":"1713_CR21","unstructured":"Lee JH, Thanassis A, Brumley D (2011) Principled reverse engineering of types in binary programs. In: Proceedings of NDSS, Tie"},{"key":"1713_CR22","unstructured":"Li J, Chen X, Jia C, Lou W (2013) Identity-based encryption with outsourced revocation in cloud computing"},{"key":"1713_CR23","doi-asserted-by":"crossref","unstructured":"Li J, Kim K (2010) Hidden attribute-based signatures without anonymity revocation. Inf Sci 180(9):1681\u20131689","DOI":"10.1016\/j.ins.2010.01.008"},{"key":"1713_CR24","unstructured":"Lin Z, Jiang X, Xu D, Zhang X (2008) Automatic protocol format reverse engineering through context-aware monitored execution. NDSS 8:1\u201315"},{"key":"1713_CR25","unstructured":"Lin Z, Zhang X, Xu D (2010) Automatic reverse engineering of data structures from binary execution"},{"key":"1713_CR26","doi-asserted-by":"crossref","unstructured":"Luk C-K, Cohn R, Muth R, Patil H, Klauser A, Lowney G, Wallace S, Reddi VJ, Hazelwood K (2005) Pin: building customized program analysis tools with dynamic instrumentation. ACM Sigplan Notices 40(6):190\u2013200","DOI":"10.1145\/1064978.1065034"},{"key":"1713_CR27","unstructured":"Microsoft (1992) Tiff revision 6.0: Specification for revision 6.0"},{"key":"1713_CR28","unstructured":"Microsoft (1998) Wave and avi codec registries-rfc 2361"},{"key":"1713_CR29","unstructured":"Microsoft (2013) Bitmap structures. http:\/\/msdn.microsoft.com\/en-us\/library\/dd183392"},{"key":"1713_CR30","unstructured":"Microsoft (2014) Wic api overview. http:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/ee719655%28v=vs.85%29.aspx"},{"key":"1713_CR31","unstructured":"Newsome J, Song D (2005) Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software"},{"key":"1713_CR32","unstructured":"Rarlab (2013) Rar 5.0 archive format. http:\/\/www.rarlab.com\/technote.htm"},{"key":"1713_CR33","doi-asserted-by":"crossref","unstructured":"Schwartz EJ, Avgerinos T, Brumley D (2010) All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: Proceedings of security and privacy (SP), 2010 IEEE Symposium, IEEE, pp 317\u2013331","DOI":"10.1109\/SP.2010.26"},{"key":"1713_CR34","doi-asserted-by":"crossref","unstructured":"Slowinska A, Bos H (2009) Pointless tainting?: evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European conference on Computer systems, ACM, pp 61\u201374","DOI":"10.1145\/1519065.1519073"},{"key":"1713_CR35","unstructured":"Slowinska A, Stancescu T, Herbert B (2011) A dynamic excavator for reverse engineering data structures. In: Proceedings of NDSS, Howard"},{"key":"1713_CR36","unstructured":"Sutton M, Greene A, Amini P (2007) Fuzzing: brute force vulnerability discovery. Addison-Wesley Professional"},{"key":"1713_CR37","doi-asserted-by":"crossref","unstructured":"Wallace GK (1991) The jpeg still picture compression standard. Commun ACM 34(4):30\u201344","DOI":"10.1145\/103085.103089"},{"key":"1713_CR38","doi-asserted-by":"crossref","unstructured":"Wang Z, Jiang X, Cui W, Wang X, Grace M (2009) Reformat: automatic reverse engineering of encrypted messages. In: Proceedings of computer security-ESORICS 2009, Springer, New York, pp 200\u2013215","DOI":"10.1007\/978-3-642-04444-1_13"},{"key":"1713_CR39","doi-asserted-by":"crossref","unstructured":"Wang T, Wei T, Gu G, Zou W (2010) Taintscope: a checksum-aware directed fuzzing tool for automatic software vulnerability detection. In: Proceedings of security and privacy (SP), 2010 IEEE Symposium, IEEE, pp 497\u2013512","DOI":"10.1109\/SP.2010.37"},{"key":"1713_CR40","unstructured":"WikiPedia (2013) Zip (file format). http:\/\/en.wikipedia.org\/wiki\/Zip_%28file_format%29"},{"key":"1713_CR41","unstructured":"Wondracek G, Comparetti PM, Kruegel C, Kirda E, Anna S (2008) Automatic network protocol analysis. NDSS 8:1\u201314"},{"key":"1713_CR42","unstructured":"Yin H, Song D (2010) Temu: binary code analysis via whole-system layered annotative execution. Submitted to VEE"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-015-1713-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00500-015-1713-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-015-1713-6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,25]],"date-time":"2019-08-25T08:03:11Z","timestamp":1566720191000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00500-015-1713-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,5,23]]},"references-count":42,"journal-issue":{"issue":"9","published-print":{"date-parts":[[2016,9]]}},"alternative-id":["1713"],"URL":"https:\/\/doi.org\/10.1007\/s00500-015-1713-6","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"value":"1432-7643","type":"print"},{"value":"1433-7479","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,5,23]]}}}