{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T15:32:34Z","timestamp":1776785554167,"version":"3.51.2"},"reference-count":25,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2021,11,30]],"date-time":"2021-11-30T00:00:00Z","timestamp":1638230400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,11,30]],"date-time":"2021-11-30T00:00:00Z","timestamp":1638230400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J. Comput. Sci. Technol."],"published-print":{"date-parts":[[2021,12]]},"DOI":"10.1007\/s11390-021-1593-4","type":"journal-article","created":{"date-parts":[[2021,12,15]],"date-time":"2021-12-15T03:03:42Z","timestamp":1639537422000},"page":"1248-1268","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["MEBS: Uncovering Memory Life-Cycle Bugs in Operating System Kernels"],"prefix":"10.1007","volume":"36","author":[{"given":"Gen","family":"Zhang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng-Fei","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tai","family":"Yue","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xu","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Lu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,11,30]]},"reference":[{"key":"1593_CR1","doi-asserted-by":"publisher","unstructured":"Akritidis P, Cadar C, Raiciu C, Costa M, Castro M. Preventing memory error exploits with WIT. In Proc. the 2008 IEEE Symposium on Security and Privacy, May 2008, pp.263-277. https:\/\/doi.org\/10.1109\/SP.2008.30.","DOI":"10.1109\/SP.2008.30"},{"key":"1593_CR2","unstructured":"Lee B, Song C, Kim T, Lee W. Type casting verification: Stopping an emerging attack vector. In Proc. the 24th USENIX Security Symposium, Aug. 2015, pp.81-96."},{"key":"1593_CR3","doi-asserted-by":"publisher","unstructured":"Szekeres L, Payer M, Wei T, Song D. SoK: Eternal war in memory. In Proc. the 2013 IEEE Symposium on Security and Privacy, May 2013, pp.48-62. https:\/\/doi.org\/10.1109\/SP.2013.13.","DOI":"10.1109\/SP.2013.13"},{"key":"1593_CR4","doi-asserted-by":"publisher","unstructured":"Xu J, Mu D, Chen P, Xing X, Wang P, Liu P. CREDAL: Towards locating a memory corruption vulnerability with your core dump. In Proc. the 2016 ACM SIGSAC Conference on Computer and Communications Security, Oct. 2016, pp.529-540. https:\/\/doi.org\/10.1145\/2976749.2978340.","DOI":"10.1145\/2976749.2978340"},{"key":"1593_CR5","doi-asserted-by":"publisher","first-page":"114968","DOI":"10.1109\/ACCESS.2020.2999351","volume":"8","author":"G Zhang","year":"2020","unstructured":"Zhang G. Detecting memory life-cycle bugs with extended define-use chain analysis. IEEE Access, 2020, 8: 114968-114980. https:\/\/doi.org\/10.1109\/ACCESS.2020.2999351.","journal-title":"IEEE Access"},{"key":"1593_CR6","doi-asserted-by":"publisher","unstructured":"He B, Rastogi V, Cao Y, Chen Y, Venkatakrishnan V N, Yang R, Zhang Z. Vetting SSL usage in applications with SSLINT. In Proc. the 2015 IEEE Symposium on Security and Privacy, May 2015, pp.519-534. https:\/\/doi.org\/10.1109\/SP.2015.38.","DOI":"10.1109\/SP.2015.38"},{"key":"1593_CR7","doi-asserted-by":"publisher","unstructured":"Yamaguchi F, Golde N, Arp D, Rieck K. Modeling and discovering vulnerabilities with code property graphs. In Proc. the 2014 IEEE Symposium on Security and Privacy, May 2014, pp.590-604. https:\/\/doi.org\/10.1109\/SP.2014.44.","DOI":"10.1109\/SP.2014.44"},{"key":"1593_CR8","doi-asserted-by":"publisher","unstructured":"Chen H, Wagner D. MOPS: An infrastructure for examining security properties of software. In Proc. the 9th ACM Conference on Computer and Communications Security, Nov. 2002, pp.235-244. https:\/\/doi.org\/10.1145\/586110.586142.","DOI":"10.1145\/586110.586142"},{"key":"1593_CR9","unstructured":"Yun I, Min C, Si X, Jang Y, Kim T, Naik M. APISan: Sanitizing API usages through semantic cross-checking. In Proc. the 25th USENIX Security Symposium, Aug. 2016, pp.363-378."},{"key":"1593_CR10","doi-asserted-by":"publisher","unstructured":"Son S, McKinley K S, Shmatikov V. RoleCast: Finding missing security checks when you do not know what checks are. In Proc. the 2011 ACM International Conference on Object Oriented Programming Systems Languages and Applications, Oct. 2011, pp.1069-1084. https:\/\/doi.org\/10.1145\/2048066.2048146.","DOI":"10.1145\/2048066.2048146"},{"key":"1593_CR11","doi-asserted-by":"publisher","unstructured":"Yamaguchi F, Wressnegger C, Gascon H, Rieck K. Chucky: Exposing missing checks in source code for vulnerability discovery. In Proc. the 2013 ACM SIGSAC Conference on Computer and Communications Security, Nov. 2013, pp.499-510. https:\/\/doi.org\/10.1145\/2508859.2516665.","DOI":"10.1145\/2508859.2516665"},{"key":"1593_CR12","unstructured":"Lu K, Pakki A, Wu Q. Detecting missing-check bugs via semantic- and context-aware criticalness and constraints inferences. In Proc. the 28th USENIX Security Symposium, Aug. 2019, pp.1769-1786."},{"key":"1593_CR13","doi-asserted-by":"crossref","unstructured":"Engler D, Chelf B, Chou A, Hallem S. Checking system rules using system-specific, programmer-written compiler extensions. In Proc. the 4th Symposium on Operating System Design and Implementation, Oct. 2000, pp.1-16.","DOI":"10.21236\/ADA419626"},{"issue":"5","key":"1593_CR14","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1145\/502059.502041","volume":"35","author":"D Engler","year":"2001","unstructured":"Engler D, Chen D Y, Hallem S, Chou A, Chelf B. Bugs as deviant behavior: A general approach to inferring errors in systems code. ACM SIGOPS Operating Systems Review, 2001, 35(5): 57-72. https:\/\/doi.org\/10.1145\/502059.502041.","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"1593_CR15","doi-asserted-by":"publisher","unstructured":"Brown F, N\u00f6tzli A, Engler D. How to build static checking systems using orders of magnitude less code. In Proc. the 21st International Conference on Architectural Support for Programming Languages and Operating Systems, April 2016, pp.143-157. https:\/\/doi.org\/10.1145\/2872362.2872364.","DOI":"10.1145\/2872362.2872364"},{"key":"1593_CR16","doi-asserted-by":"publisher","unstructured":"Lu K, Pakki A, Wu Q. Automatically identifying security checks for detecting kernel semantic bugs. In Proc. the 2019 European Symposium on Research in Computer Security, Sept. 2019, pp.3-25. https:\/\/doi.org\/10.1007\/978-3-030-29962-0_1.","DOI":"10.1007\/978-3-030-29962-0_1"},{"key":"1593_CR17","doi-asserted-by":"publisher","unstructured":"Xu M, Qian C, Lu K, Backes M, Kim T. Precise and scalable detection of double-fetch bugs in OS kernels. In Proc. the 2018 IEEE Symposium on Security and Privacy, May 2018, pp.661-678. https:\/\/doi.org\/10.1109\/SP.2018.00017.","DOI":"10.1109\/SP.2018.00017"},{"key":"1593_CR18","doi-asserted-by":"publisher","unstructured":"Wang W, Lu K, Yew P C. Check it again: Detecting lacking-recheck bugs in OS kernels. In Proc. the 2018 ACM SIGSAC Conference on Computer and Communications Security, Oct. 2018, pp.1899-1913. https:\/\/doi.org\/10.1145\/3243734.3243844.","DOI":"10.1145\/3243734.3243844"},{"key":"1593_CR19","unstructured":"Zhang T, Shen W, Lee D, Jung C, Azab A M, Wang R. PeX: A permission check analysis framework for Linux kernel. In Proc. the 28th USENIX Security Symposium, Aug. 2019, pp.1205-1220."},{"key":"1593_CR20","doi-asserted-by":"publisher","unstructured":"Gens D, Schmitt S, Davi L, Sadeghi A R. K-Miner: Uncovering memory corruption in Linux. In Proc. the 2018 Network and Distributed System Security Symposium, Feb. 2018. https:\/\/doi.org\/10.14722\/NDSS.2018.23326.","DOI":"10.14722\/NDSS.2018.23326"},{"key":"1593_CR21","doi-asserted-by":"publisher","unstructured":"Yan H, Sui Y, Chen S, Xue J. Machine-learning-guided typestate analysis for static use-after-free detection. In Proc. the 33rd Annual Computer Security Applications Conference, Dec. 2017, pp.42-54. https:\/\/doi.org\/10.1145\/3134600.3134620.","DOI":"10.1145\/3134600.3134620"},{"key":"1593_CR22","doi-asserted-by":"publisher","unstructured":"Wang H, Xie X, Li Y, Wen C, Li Y, Liu Y, Sui Y. Typestate-guided fuzzer for discovering use-after-free vulnerabilities. In Proc. the 42nd IEEE\/ACM International Conference on Software Engineering, July 2020, pp.999-1010. https:\/\/doi.org\/10.1145\/3377811.3380386.","DOI":"10.1145\/3377811.3380386"},{"issue":"3","key":"1593_CR23","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1145\/1961296.1950394","volume":"46","author":"Q Gao","year":"2011","unstructured":"Gao Q, Zhang W, Chen Z, Zheng M, Qin F. 2ndStrike: Toward manifesting hidden concurrency typestate bugs. ACM SIGPLAN Notices, 2011, 46(3): 239-250. https:\/\/doi.org\/10.1145\/1961296.1950394.","journal-title":"ACM SIGPLAN Notices"},{"key":"1593_CR24","doi-asserted-by":"publisher","unstructured":"Marriott K, Stuckey P J, Sulzmann M. Resource usage verification. In Proc. the 1st Asian Symposium on Programming Languages and Systems, Nov. 2003, pp.212-229. https:\/\/doi.org\/10.1007\/978-3-540-40018-9_15.","DOI":"10.1007\/978-3-540-40018-9_15"},{"key":"1593_CR25","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.scico.2017.06.010","volume":"162","author":"Z Xu","year":"2018","unstructured":"Xu Z, Wen C, Qin S. State-taint analysis for detecting resource bugs. Science of Computer Programming, 2018, 162: 93-109. https:\/\/doi.org\/10.1016\/j.scico.2017.06.010.","journal-title":"Science of Computer Programming"}],"container-title":["Journal of Computer Science and Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11390-021-1593-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11390-021-1593-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11390-021-1593-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,12,15]],"date-time":"2021-12-15T03:06:36Z","timestamp":1639537596000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11390-021-1593-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,30]]},"references-count":25,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2021,12]]}},"alternative-id":["1593"],"URL":"https:\/\/doi.org\/10.1007\/s11390-021-1593-4","relation":{},"ISSN":["1000-9000","1860-4749"],"issn-type":[{"value":"1000-9000","type":"print"},{"value":"1860-4749","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,11,30]]},"assertion":[{"value":"18 May 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 August 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 November 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}