{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:49:00Z","timestamp":1759092540413},"reference-count":56,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2010,9,1]],"date-time":"2010-09-01T00:00:00Z","timestamp":1283299200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Higher-Order Symb Comput"],"published-print":{"date-parts":[[2010,9]]},"DOI":"10.1007\/s10990-011-9080-1","type":"journal-article","created":{"date-parts":[[2011,11,24]],"date-time":"2011-11-24T04:37:34Z","timestamp":1322109454000},"page":"275-313","source":"Crossref","is-referenced-by-count":4,"title":["Context-sensitive analysis without calling-context"],"prefix":"10.1007","volume":"23","author":[{"given":"Arun","family":"Lakhotia","sequence":"first","affiliation":[]},{"given":"Davidson R.","family":"Boccardo","sequence":"additional","affiliation":[]},{"given":"Anshuman","family":"Singh","sequence":"additional","affiliation":[]},{"suffix":"Jr.","given":"Aleardo","family":"Manacero","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2011,11,25]]},"reference":[{"key":"9080_CR1","volume-title":"Int. J. Parallel Proc.","author":"W. Amme","year":"2000","unstructured":"Amme, W., Braun, P., Zehendner, E., Thomasset, F.: Data dependence analysis of assembly code. In: Int. J. Parallel Proc. (2000)"},{"key":"9080_CR2","unstructured":"Backes, W.: Programmanalyse des XRTL Zwischencodes (in German.). Ph.D. thesis, Universit\u00e4t des Saarlandes (2004)"},{"key":"9080_CR3","doi-asserted-by":"publisher","first-page":"23:1","DOI":"10.1145\/1749608.1749612","volume":"32","author":"G. Balakrishnan","year":"2010","unstructured":"Balakrishnan, G., Reps, T.: WYSINWYX: What you see is not what you eXecute. ACM Trans. Program. Lang. Syst. 32, 23:1\u201323:84 (2010)","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"9080_CR4","first-page":"1","volume-title":"Proceedings of the International Symposium on Requirements Engineering for Information Security SREIS\u201901","author":"J. Bergeron","year":"2001","unstructured":"Bergeron, J., Debbabi, M., Desharnais, J., Erhioui, M., Lavoie, Y., Tawbi, N.: Static detection of malicious code in executable programs. In: Proceedings of the International Symposium on Requirements Engineering for Information Security SREIS\u201901, pp. 1\u20138 (2001)"},{"key":"9080_CR5","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1109\/ENABL.1999.805197","volume-title":"Proceedings of the IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises","author":"J. Bergeron","year":"1999","unstructured":"Bergeron, J., Debbabi, M., Erhioui, M., Ktari, B.: Static analysis of binary code to isolate malicious behaviors. In: Proceedings of the IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 184\u2013189 (1999)"},{"key":"9080_CR6","volume-title":"Proc. of the 12th USENIX Security Symposium","author":"M. Christodorescu","year":"2003","unstructured":"Christodorescu, M., Jha S.: Static analysis of executables to detect malicious patterns. In: Proc. of the 12th USENIX Security Symposium (2003)"},{"key":"9080_CR7","unstructured":"Cifuentes, C., Fraboulet, A.: Interprocedural data flow recovery of high-level language code from assembly. Technical Report 421, Univ. Queensland (1997)"},{"key":"9080_CR8","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1109\/ICSM.1997.624245","volume-title":"Proc. Int. Conf. on Software Maintenance (ICSM)","author":"C. Cifuentes","year":"1997","unstructured":"Cifuentes, C., Fraboulet, A.: Intraprocedural static slicing of binary executables. In: Proc. Int. Conf. on Software Maintenance (ICSM), pp. 188\u2013195 (1997)"},{"key":"9080_CR9","first-page":"228","volume-title":"Proc. Int. Conf. on Software Maintenance (ICSM)","author":"C. Cifuentes","year":"1998","unstructured":"Cifuentes, C., Simon, D., Fraboulet, A.: Assembly to high-level language translation. In: Proc. Int. Conf. on Software Maintenance (ICSM), pp. 228\u2013237 (1998)"},{"key":"9080_CR10","volume-title":"Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection","author":"C. Collberg","year":"2010","unstructured":"Collberg, C., Nagra, J.: Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection. Addison Wesley, Reading (2010)"},{"issue":"8","key":"9080_CR11","doi-asserted-by":"publisher","first-page":"735","DOI":"10.1109\/TSE.2002.1027797","volume":"28","author":"C.S. Collberg","year":"2002","unstructured":"Collberg, C.S., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation tools for software protection. IEEE Trans. Softw. Eng. 28(8), 735\u2013746 (2002)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"9080_CR12","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1109\/WCRE.2009.24","volume-title":"2009, WCRE\u201909, 16th Working Conference on Reverse Engineering","author":"K. Coogan","year":"2009","unstructured":"Coogan, K., Debray, S., Kaochar, T., Townsend, G.: Automatic static unpacking of malware binaries. In: 2009, WCRE\u201909, 16th Working Conference on Reverse Engineering, pp. 167\u2013176 (2009)"},{"key":"9080_CR13","first-page":"238","volume-title":"Proc. Principles of Programming Languages (POPL)","author":"P. Cousot","year":"1977","unstructured":"Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixed points. In: Proc. Principles of Programming Languages (POPL), Los Angeles, CA, USA, pp. 238\u2013252 (1977)"},{"key":"9080_CR14","first-page":"269","volume-title":"Proc. Principles of Programming Languages (POPL)","author":"P. Cousot","year":"1979","unstructured":"Cousot, P., Cousot, R.: Systematic design of program analysis frameworks by abstract interpretation. In: Proc. Principles of Programming Languages (POPL), San Antonio, TX, USA, pp. 269\u2013282 (1979)"},{"key":"9080_CR15","first-page":"359","volume-title":"IFIP World Computer Congress","author":"P. Cousot","year":"2004","unstructured":"Cousot, P., Cousot, R.: Basic concepts of abstract interpretation. In: IFIP World Computer Congress, Toulouse France, pp. 359\u2013366 (2004)"},{"key":"9080_CR16","unstructured":"Dalla Preda, M.: Code obfuscation and malware detection by abstract interpretation. Ph.D. thesis, Universit\u00e0 di Verona (2007)"},{"key":"9080_CR17","first-page":"377","volume-title":"Proc. Principles of Programming Languages (POPL)","author":"M. DallaPreda","year":"2007","unstructured":"DallaPreda, M., Christodorescu, M., Jha S., Debray S.: A semantics-based approach to malware detection. In: Proc. Principles of Programming Languages (POPL), New York, NY, USA, pp. 377\u2013388 (2007)"},{"issue":"6","key":"9080_CR18","doi-asserted-by":"crossref","first-page":"855","DOI":"10.3233\/JCS-2009-0345","volume":"17","author":"M. DallaPreda","year":"2009","unstructured":"DallaPreda, M., Giacobazzi, R.: Semantics-based code obfuscation by abstract interpretation. J. Comput. Secur. 17(6), 855\u2013908 (2009)","journal-title":"J. Comput. Secur."},{"key":"9080_CR19","first-page":"218","volume-title":"Proceedings of the 17th International Conference on Static Analysis","author":"M. DallaPreda","year":"2010","unstructured":"DallaPreda, M., Giacobazzi, R., Debray, S., Coogan, K., Townsend, G.M.: Modelling metamorphism by abstract interpretation. In: Proceedings of the 17th International Conference on Static Analysis, Berlin, Heidelberg, pp. 218\u2013235 (2010)"},{"key":"9080_CR20","doi-asserted-by":"crossref","unstructured":"DallaPreda, M., Madou, M., De Bosschere, K., Giacobazzi, R.: Opaque predicates detection by abstract interpretation. Algebraic Methodology and Software Technology, pp. 81\u201395 (2006)","DOI":"10.1007\/11784180_9"},{"key":"9080_CR21","first-page":"12","volume-title":"Proc. Principles of Programming Languages (POPL)","author":"S.K. Debray","year":"1998","unstructured":"Debray, S.K., Muth, R., Weippert, M.: Alias analysis of executable code. In: Proc. Principles of Programming Languages (POPL), pp. 12\u201324 (1998)"},{"issue":"6","key":"9080_CR22","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1145\/773473.178264","volume":"29","author":"M. Emami","year":"1994","unstructured":"Emami, M., Ghiya, R., Hendren, L.J.: Context-sensitive interprocedural points-to analysis in the presence of function pointers. SIGPLAN Not. 29(6), 242\u2013256 (1994)","journal-title":"SIGPLAN Not."},{"key":"9080_CR23","volume-title":"Blackboard Systems","author":"R. Engelmore","year":"1988","unstructured":"Engelmore, R., Morgan, T.: Blackboard Systems, vol.\u00a0141. Addison-Wesley, Reading (1988)"},{"key":"9080_CR24","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1109\/SEFM.2008.41","volume-title":"2008 Sixth IEEE International Conference on Software Engineering and Formal Methods","author":"R. Giacobazzi","year":"2008","unstructured":"Giacobazzi, R.: Hiding information in completeness holes: new perspectives in code obfuscation and watermarking. In: 2008 Sixth IEEE International Conference on Software Engineering and Formal Methods, pp. 7\u201318 (2008)"},{"key":"9080_CR25","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1145\/258915.258927","volume-title":"Conf. on Prog. Lang. Design and Implementation (PLDI)","author":"D.W. Goodwin","year":"1997","unstructured":"Goodwin, D.W.: Interprocedural dataflow analysis in an executable optimizer. In: Conf. on Prog. Lang. Design and Implementation (PLDI), New York, NY, USA, pp. 122\u2013133 (1997)"},{"key":"9080_CR26","volume-title":"3nd Int. Symp. on Code Gen. and Opt.","author":"B. Guo","year":"2005","unstructured":"Guo, B., Bridges, M.J., Triantafyllis, S., Ottoni, G., Raman, E., August, D.: Practical and accurate low-level pointer analysis. In: 3nd Int. Symp. on Code Gen. and Opt. (2005)"},{"key":"9080_CR27","unstructured":"IdaPro: Ida Pro\u2014Disassembler. \n                    http:\/\/www.hex-rays.com\/idapro\/\n                    \n                   (Last accessed October 2010)"},{"key":"9080_CR28","doi-asserted-by":"publisher","DOI":"10.1201\/9780849332517","volume-title":"Data Flow Analysis: Theory and Practice","author":"U.P. Khedkar","year":"2009","unstructured":"Khedkar, U.P., Sanyal, A., Karkare, B.: Data Flow Analysis: Theory and Practice. CRC Press, Boca Raton (2009)"},{"key":"9080_CR29","doi-asserted-by":"publisher","first-page":"214","DOI":"10.1007\/978-3-540-93900-9_19","volume-title":"10th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2009)","author":"J. Kinder","year":"2009","unstructured":"Kinder, J., Veith, H., Zuleger, F.: An abstract interpretation-based framework for control flow reconstruction from binaries. In: 10th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2009), pp. 214\u2013228 (2009)"},{"key":"9080_CR30","volume-title":"4th IEEE Int. Workshop on Source Code Analysis and Manipulation (SCAM)","author":"A. Lakhotia","year":"2004","unstructured":"Lakhotia, A., Kumar, E.U.: Abstracting stack to detect obfuscated calls in binaries. In: 4th IEEE Int. Workshop on Source Code Analysis and Manipulation (SCAM), Chicago, Illinois (2004)"},{"issue":"11","key":"9080_CR31","doi-asserted-by":"publisher","first-page":"955","DOI":"10.1109\/TSE.2005.120","volume":"31","author":"A. Lakhotia","year":"2005","unstructured":"Lakhotia, A., Kumar, E.U., Venable, M.: A method for detecting obfuscated calls in malicious binaries. IEEE Trans. Softw. Eng. 31(11), 955\u2013968 (2005)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"9080_CR32","unstructured":"Lakhotia, A., Singh, P.K.: Challenges in getting \u2018formal\u2019 with viruses. Virus Bull., pp. 15\u201319 (2003)"},{"key":"9080_CR33","volume-title":"Proc. Computer-Aided Verification","author":"A. Lal","year":"2006","unstructured":"Lal, A., Reps, T.: Improving pushdown system model checking. In: Proc. Computer-Aided Verification (2006)"},{"key":"9080_CR34","first-page":"291","volume-title":"Conf. on Prog. Lang. Design and Implementation (PLDI)","author":"J.R. Larus","year":"1995","unstructured":"Larus, J.R., Schnarr, E.: EEL: Machine-independent executable editing. In: Conf. on Prog. Lang. Design and Implementation (PLDI), pp. 291\u2013300 (1995)"},{"key":"9080_CR35","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/11688839_5","volume-title":"Compiler Construction, 15th International Conference","author":"O. Lhot\u00e1k","year":"2006","unstructured":"Lhot\u00e1k, O., Hendren, L.: Context-sensitive points-to analysis: Is it worth it. In: Compiler Construction, 15th International Conference. LNCS, vol. 3923, pp. 47\u201364 (2006)"},{"key":"9080_CR36","volume-title":"10th ACM Conf. on Computer and Communications Security (CCS)","author":"C. Linn","year":"2003","unstructured":"Linn, C., Debray, S.: Obfuscation of executable code to improve resistance to static disassembly. In: 10th ACM Conf. on Computer and Communications Security (CCS) (2003)"},{"key":"9080_CR37","unstructured":"McDonald, J.: Delphi falls prey. \n                    http:\/\/www.symantec.com\/connect\/blogs\/delphi-falls-prey\n                    \n                   (Last accessed October 2010)"},{"issue":"1","key":"9080_CR38","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1145\/1111320.1111049","volume":"41","author":"M. Might","year":"2006","unstructured":"Might, M., Shivers, O.: Environment analysis via \u0394CFA. SIGPLAN Not. 41(1), 127\u2013140 (2006)","journal-title":"SIGPLAN Not."},{"key":"9080_CR39","volume-title":"European Symp. on Programming (ESOP)","author":"A. Mycroft","year":"1999","unstructured":"Mycroft, A.: Type-based decompilation. In: European Symp. on Programming (ESOP) (1999)"},{"key":"9080_CR40","volume-title":"Proc. Int. Conf. on Compiler Construction","author":"T. Reps","year":"2008","unstructured":"Reps, T., Balakrishnan, G.: Improved memory-access analysis for x86 executables. In: Proc. Int. Conf. on Compiler Construction (2008)"},{"key":"9080_CR41","volume-title":"Proc. Workshop on Partial Evaluation and Program Manipulation (PEPM)","author":"T. Reps","year":"2006","unstructured":"Reps, T., Balakrishnan, G., Lim, J.: Intermediate-representation recovery from low-level code. In: Proc. Workshop on Partial Evaluation and Program Manipulation (PEPM), Charleston, SC (2006)"},{"key":"9080_CR42","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-14295-6_6","volume-title":"Computer Aided Verification","author":"T. Reps","year":"2010","unstructured":"Reps, T., Lim, J., Thakur, A., Balakrishnan, G., Lal, A.: There\u2019s plenty of room at the bottom: analyzing and verifying machine code. In: Computer Aided Verification, pp. 41\u201356 (2010)"},{"issue":"1\u20132","key":"9080_CR43","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1016\/j.scico.2005.02.009","volume":"58","author":"T. Reps","year":"2005","unstructured":"Reps, T., Schwoon, S., Jha, S., Melski, D.: Weighted pushdown systems and their application to interprocedural dataflow analysis. Sci. Comput. Program. 58(1\u20132), 206\u2013263 (2005)","journal-title":"Sci. Comput. Program."},{"issue":"1\u20132","key":"9080_CR44","doi-asserted-by":"publisher","first-page":"131","DOI":"10.1016\/0304-3975(96)00072-2","volume":"167","author":"M. Sagiv","year":"1996","unstructured":"Sagiv, M., Reps, T., Horwitz, S.: Precise interprocedural dataflow analysis with applications to constant propagation. Theor. Comput. Sci. 167(1\u20132), 131\u2013170 (1996)","journal-title":"Theor. Comput. Sci."},{"key":"9080_CR45","volume-title":"Proc. Workshop on Binary Translation (WBT)","author":"B. Schwarz","year":"2001","unstructured":"Schwarz, B., Debray, S.K., Andrews, G.R.: PLTO: A link-time optimizer for the Intel IA-32 architecture. In: Proc. Workshop on Binary Translation (WBT) (2001)"},{"key":"9080_CR46","first-page":"189","volume-title":"Program Flow Analysis: Theory and Applications, Chap.\u00a07","author":"M. Sharir","year":"1981","unstructured":"Sharir, M., Pnueli, A.: Two approaches to interprocedural data flow analysis. In: Muchnick, S.S., Jones, N.D. (eds.) Program Flow Analysis: Theory and Applications, Chap.\u00a07, pp. 189\u2013234. Prentice-Hall, Englewood Cliffs (1981)"},{"issue":"I","key":"9080_CR47","first-page":"1","volume":"1","author":"A. Srivastava","year":"1993","unstructured":"Srivastava, A., Wall, D.: A practical system for intermodule code optimization at linktime. J. Program. Lang. 1(I), 1\u201318 (1993)","journal-title":"J. Program. Lang."},{"key":"9080_CR48","unstructured":"Symantec, Inc., Understanding heuristics. \n                    http:\/\/www.symantec.com\/avcenter\/reference\/heuristc.pdf\n                    \n                   (1997)"},{"key":"9080_CR49","doi-asserted-by":"publisher","first-page":"288","DOI":"10.1007\/978-3-642-14295-6_27","volume-title":"Computer Aided Verification","author":"A. Thakur","year":"2010","unstructured":"Thakur, A., Lim, J., Lal, A., Burton, A., Driscoll, E., Elder, M., Andersen, T., Reps, T.: Directed proof generation for machine code. In: Computer Aided Verification, pp. 288\u2013305 (2010)"},{"issue":"8","key":"9080_CR50","doi-asserted-by":"publisher","first-page":"761","DOI":"10.1145\/358198.358210","volume":"27","author":"K. Thompson","year":"1984","unstructured":"Thompson, K.: Reflections on trusting trust. Commun. ACM 27(8), 761\u2013763 (1984)","journal-title":"Commun. ACM"},{"key":"9080_CR51","first-page":"1","volume-title":"DIMVA\u201905","author":"M. Venable","year":"2005","unstructured":"Venable, M., Chouchane, M.R., Karim, M.E., Lakhotia, A.: Analyzing memory accesses in obfuscated x86 executables. In: DIMVA\u201905, pp. 1\u201318 (2005)"},{"key":"9080_CR52","volume-title":"6th IEEE Int. Workshop on Source Code Analysis and Manipulation (SCAM)","author":"A. Walenstein","year":"2006","unstructured":"Walenstein, A., Mathur, R., Chouchane, M.R., Lakhotia, A.: Normalizing metamorphic malware using term-rewriting. In: 6th IEEE Int. Workshop on Source Code Analysis and Manipulation (SCAM) (2006)"},{"key":"9080_CR53","volume-title":"2nd International Conference on i-Warfare and Security (ICIW)","author":"A. Walenstein","year":"2007","unstructured":"Walenstein, A., Mathur, R., Chouchane, M.R., Lakhotia, A.: The design space of metamorphic malware. In: 2nd International Conference on i-Warfare and Security (ICIW) (2007)"},{"key":"9080_CR54","doi-asserted-by":"publisher","first-page":"131","DOI":"10.1145\/996841.996859","volume-title":"PLDI\u201904: Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation","author":"J. Whaley","year":"2004","unstructured":"Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: PLDI\u201904: Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation, New York, NY, USA, pp. 131\u2013144 (2004)"},{"key":"9080_CR55","doi-asserted-by":"publisher","first-page":"831","DOI":"10.1145\/1065579.1065798","volume-title":"DAC\u201905: Proceedings of the 42nd Annual Design Automation Conference","author":"J. Zhu","year":"2005","unstructured":"Zhu, J.: Towards scalable flow and context sensitive pointer analysis. In: DAC\u201905: Proceedings of the 42nd Annual Design Automation Conference, New York, NY, USA, pp. 831\u2013836 (2005)"},{"key":"9080_CR56","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1145\/996841.996860","volume-title":"PLDI\u201904: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation","author":"J. Zhu","year":"2004","unstructured":"Zhu, J., Calman, S.: Symbolic pointer analysis revisited. In: PLDI\u201904: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation, New York, NY, USA, pp. 145\u2013157 (2004)"}],"container-title":["Higher-Order and Symbolic Computation"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10990-011-9080-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10990-011-9080-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10990-011-9080-1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10990-011-9080-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,17]],"date-time":"2020-02-17T21:09:38Z","timestamp":1581973778000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10990-011-9080-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,9]]},"references-count":56,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,9]]}},"alternative-id":["9080"],"URL":"https:\/\/doi.org\/10.1007\/s10990-011-9080-1","relation":{},"ISSN":["1388-3690","1573-0557"],"issn-type":[{"value":"1388-3690","type":"print"},{"value":"1573-0557","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,9]]}}}