{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,3,30]],"date-time":"2022-03-30T15:51:26Z","timestamp":1648655486719},"reference-count":30,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2009,7,7]],"date-time":"2009-07-07T00:00:00Z","timestamp":1246924800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Supercomput"],"published-print":{"date-parts":[[2010,9]]},"DOI":"10.1007\/s11227-009-0301-x","type":"journal-article","created":{"date-parts":[[2009,7,6]],"date-time":"2009-07-06T05:07:43Z","timestamp":1246856863000},"page":"394-410","source":"Crossref","is-referenced-by-count":0,"title":["Using Pit to improve security in low-level programs"],"prefix":"10.1007","volume":"53","author":[{"given":"Leif","family":"Pedersen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hassan","family":"Reza","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2009,7,7]]},"reference":[{"issue":"4","key":"301_CR1","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1109\/MSECP.2003.1219077","volume":"1","author":"D Ahmad","year":"2003","unstructured":"Ahmad D (2003) The rising threat of vulnerabilities due to integer errors. IEEE Secur Priv 1(4):77\u201382. doi: 10.1109\/MSECP.2003.1219077","journal-title":"IEEE Secur Priv"},{"issue":"49","key":"301_CR2","first-page":"14","volume":"7","author":"Aleph One","year":"1996","unstructured":"Aleph One (1996) Smashing the stack for fun and profit. Phrack 7(49):14. http:\/\/www.phrack.org\/issues.html?issue=49&id=14","journal-title":"Phrack"},{"key":"301_CR3","unstructured":"Anderson JP (1972) Computer security technology planning study. In: Air Force electronic systems division ESD-TR-73-51, vols I, II, 1972"},{"issue":"6","key":"301_CR4","doi-asserted-by":"crossref","first-page":"290","DOI":"10.1145\/773473.178446","volume":"29","author":"TM Austin","year":"1994","unstructured":"Austin TM, Breach SE, Sohi GS (1994) Efficient detection of all pointer and array access errors. SIGPLAN Not 29(6):290\u2013301. doi: 10.1145\/773473.178446","journal-title":"SIGPLAN Not"},{"key":"301_CR5","unstructured":"Bhatkar S, DuVarney DC, Sekar R (2003) Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: 12th USENIX security symposium, August 2003"},{"issue":"60","key":"301_CR6","first-page":"10","volume":"11","author":"Blexim","year":"2002","unstructured":"Blexim (2002) Basic integer overflows. Phrack 11(60):10. http:\/\/www.phrack.org\/issues.html?issue=60&id=10","journal-title":"Phrack"},{"key":"301_CR7","unstructured":"Chen S, Xu J, Sezer EC, Gauriar P, Iyer RK (2005) Non-control-data attacks are realistic threats. In: 14th USENIX security symposium, 2005, pp\u00a0177\u2013192"},{"key":"301_CR8","unstructured":"Common UNIX Printing System Project (2009) Home page http:\/\/cups.org\/"},{"key":"301_CR9","unstructured":"Common UNIX Printing System (2009) STR #2919: Multiple vendor CUPS texttops integer overflow vulnerability. http:\/\/www.cups.org\/str.php?L2919 ; http:\/\/cups.org\/strfiles\/2919\/str2919.patch"},{"key":"301_CR10","unstructured":"Cowan C, Pu C, Maier D, Walpole J, Bakke P, Beattie S, Grier A, Wagle P, Zhang Q, Hinton H (1998) StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: 7th USENIX security conference, January 1998, pp\u00a063\u201378"},{"key":"301_CR11","unstructured":"Cowan C, Wagle P, Pu C, Beattie S, Walpole J (2000) Buffer overflows: attacks and defenses for the vulnerability of the decade. In: DARPA information survivability conference & exposition, vol\u00a02, January 2000, pp\u00a0119\u2013129"},{"key":"301_CR12","unstructured":"Cowan C, Beattie S, Johansen J, Wagle P (2003) PointGuardTM: protecting pointers from buffer overflow vulnerabilities. In: 12th USENIX security symposium, August 2003"},{"issue":"5","key":"301_CR13","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1145\/381694.378811","volume":"36","author":"R DeLine","year":"2001","unstructured":"DeLine R, F\u00e4hndrich M (2001) Enforcing high-level protocols in low-level software. SIGPLAN Not 36(5):59\u201369. doi: 10.1145\/381694.378811","journal-title":"SIGPLAN Not"},{"issue":"6","key":"301_CR14","doi-asserted-by":"crossref","first-page":"706","DOI":"10.1145\/63526.63530","volume":"32","author":"T Eisenberg","year":"1989","unstructured":"Eisenberg T, Gries D, Hartmanis J, Holcomb D, Lynn MS, Santoro T (1989) The Cornell commission: on Morris and the worm. Commun ACM 32(6):706\u2013709. doi: 10.1145\/63526.63530","journal-title":"Commun ACM"},{"key":"301_CR15","unstructured":"Etoh H, Yoda K (2001) ProPolice: improved stack-smashing attack detect on. IPSJ SIG Notes Computer Security 014(025), Oct. 2001. http:\/\/www.trl.ibm.com\/projects\/security\/ssp"},{"issue":"5","key":"301_CR16","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1145\/543552.512532","volume":"37","author":"M F\u00e4hndrich","year":"2002","unstructured":"F\u00e4hndrich M, DeLine R (2002) Adoption and focus: practical linear types for imperative programming. SIGPLAN Not 37(5):13\u201324. doi: 10.1145\/543552.512532","journal-title":"SIGPLAN Not"},{"key":"301_CR17","unstructured":"iDefense Labs (2008) Public advisory: 10.09.08. http:\/\/labs.idefense.com\/intelligence\/vulnerabilities\/display.php?id=752"},{"key":"301_CR18","first-page":"275","volume-title":"ATEC \u201902: proceedings of the general track: USENIX annual technical conference","author":"T Jim","year":"2002","unstructured":"Jim T, Greg Morrisett J, Grossman D, Hicks MW, Cheney J, Wang Y (2002) Cyclone: a safe dialect of\u00a0C. In: ATEC \u201902: proceedings of the general track: USENIX annual technical conference, Berkeley, CA, USA, 2002. USENIX Association, Berkeley, pp 275\u2013288"},{"key":"301_CR19","unstructured":"Li P (2004) Safe systems programming languages, October 2004"},{"key":"301_CR20","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1145\/503272.503286","volume-title":"POPL \u201902: proceedings of the 29th ACM SIGPLAN-SIGACT symposium on principles of programming languages","author":"GC Necula","year":"2002","unstructured":"Necula GC, McPeak S, Weimer W (2002) CCured: type-safe retrofitting of legacy code. In: POPL \u201902: proceedings of the 29th ACM SIGPLAN-SIGACT symposium on principles of programming languages, Portland, Oregon, 2002. ACM, New York, pp 128\u2013139"},{"key":"301_CR21","unstructured":"Nethercote N, Seward J (2003) Valgrind: a\u00a0program supervision framework. In: Proceedings of RV\u201903, Boulder, Colorado, USA, July 2003"},{"key":"301_CR22","unstructured":"OpenBSD (2009) OpenBSD security. http:\/\/openbsd.org\/security.html"},{"issue":"10","key":"301_CR23","doi-asserted-by":"crossref","first-page":"1271","DOI":"10.1109\/TC.2006.166","volume":"55","author":"H Ozdoganoglu","year":"2006","unstructured":"Ozdoganoglu H, Vijaykumar TN, Brodley CE, Kuperman BA, Jalote A (2006) Smashguard: a\u00a0hardware solution to prevent security attacks on the function return address. IEEE Trans Comput 55(10):1271\u20131285. doi: 10.1109\/TC.2006.166","journal-title":"IEEE Trans Comput"},{"key":"301_CR24","unstructured":"Pedersen L (2008) Pit programming language. http:\/\/pit.devpit.org\/"},{"key":"301_CR25","first-page":"111","volume-title":"ISOLA \u201906: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006)","author":"L Pedersen","year":"2006","unstructured":"Pedersen L, Reza H (2006) A formal specification of a programming language: design of Pit. In: ISOLA \u201906: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), Washington, DC, USA, 2006. IEEE Computer Society, Los Alamitos, pp 111\u2013118"},{"key":"301_CR26","unstructured":"Ruwase O, Lam MS (2004) A practical dynamic buffer overflow detector. In: Proceedings of the 11th annual network and distributed system security symposium, 2004. http:\/\/citeseer.ist.psu.edu\/ruwase04practical.html , pp\u00a0159\u2013169"},{"key":"301_CR27","unstructured":"Tiny CC http:\/\/tinycc.org\/"},{"key":"301_CR28","unstructured":"Xu J, Kalbarczyk Z, Patel S, Iyer RK (2002) Architecture support for defending against buffer overflow attacks. In: Workshop on evaluating and architecting system dependability (EASY), October 2002"},{"key":"301_CR29","unstructured":"Xu J, Kalbarczyk Z, Iyer RK (2003) Transparent runtime randomization for security. srds, 00:260, 2003"},{"key":"301_CR30","unstructured":"Zhivich M, Leek T, Lippmann R (2005) Dynamic buffer overflow detection. In: Workshop on the evaluation of software defect detection tools 2005, 2005"}],"container-title":["The Journal of Supercomputing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-009-0301-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11227-009-0301-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11227-009-0301-x","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T06:23:58Z","timestamp":1559370238000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11227-009-0301-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,7,7]]},"references-count":30,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,9]]}},"alternative-id":["301"],"URL":"https:\/\/doi.org\/10.1007\/s11227-009-0301-x","relation":{},"ISSN":["0920-8542","1573-0484"],"issn-type":[{"value":"0920-8542","type":"print"},{"value":"1573-0484","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009,7,7]]}}}