{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T21:21:31Z","timestamp":1740172891268,"version":"3.37.3"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2020,7,2]],"date-time":"2020-07-02T00:00:00Z","timestamp":1593648000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,7,2]],"date-time":"2020-07-02T00:00:00Z","timestamp":1593648000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100011698","name":"Junta de Comunidades de Castilla-La Mancha","doi-asserted-by":"publisher","award":["SB-PLY\/17\/180501\/00035"],"award-info":[{"award-number":["SB-PLY\/17\/180501\/00035"]}],"id":[{"id":"10.13039\/501100011698","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003176","name":"Ministerio de Educaci\u00f3n, Cultura y Deporte","doi-asserted-by":"publisher","award":["FPU 17\/03105","FPU 17\/02007"],"award-info":[{"award-number":["FPU 17\/03105","FPU 17\/02007"]}],"id":[{"id":"10.13039\/501100003176","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100007480","name":"Universidad de Castilla-La Mancha","doi-asserted-by":"publisher","award":["2018-PREDUCLM-7476"],"award-info":[{"award-number":["2018-PREDUCLM-7476"]}],"id":[{"id":"10.13039\/501100007480","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100010198","name":"Ministerio de Econom\u00eda, Industria y Competitividad, Gobierno de Espa\u00f1a","doi-asserted-by":"publisher","award":["RTI2018-098156-B-C52"],"award-info":[{"award-number":["RTI2018-098156-B-C52"]}],"id":[{"id":"10.13039\/501100010198","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Comput Virol Hack Tech"],"published-print":{"date-parts":[[2020,9]]},"DOI":"10.1007\/s11416-020-00359-7","type":"journal-article","created":{"date-parts":[[2020,7,2]],"date-time":"2020-07-02T09:25:14Z","timestamp":1593681914000},"page":"245-256","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["An instrumentation based algorithm for stack overflow detection"],"prefix":"10.1007","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8371-4305","authenticated-orcid":false,"given":"J.","family":"Carrillo-Mond\u00e9jar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J. M.","family":"Castelo-G\u00f3mez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J.","family":"Rold\u00e1n-G\u00f3mez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J. L.","family":"Mart\u00ednez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,7,2]]},"reference":[{"key":"359_CR1","unstructured":"Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2009-1328"},{"key":"359_CR2","unstructured":"Common vulnerabilities and exposures. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-2883"},{"key":"359_CR3","unstructured":"Dynamorio. http:\/\/www.dynamorio.org\/"},{"key":"359_CR4","unstructured":"Ida dissasembler. https:\/\/www.hex-rays.com\/products\/ida\/"},{"key":"359_CR5","unstructured":"Metasploit | penetration testing software, pen testing security. https:\/\/www.metasploit.com\/"},{"key":"359_CR6","unstructured":"Ravnas, O.: Frida. https:\/\/www.frida.re\/"},{"key":"359_CR7","unstructured":"Offensive security exploit database archive. https:\/\/www.exploit-db.com"},{"key":"359_CR8","unstructured":"Pin\u2014a dynamic binary instrumentation tool. https:\/\/software.intel.com\/enus\/articles\/pin-a-dynamic-binary-instrumentation-tool"},{"key":"359_CR9","unstructured":"Pin tutorial. https:\/\/software.intel.com\/sites\/default\/files\/article\/256675\/pintutorial-academiasinica-1.ppt"},{"key":"359_CR10","unstructured":"Valgrind Developers. http:\/\/valgrind.org\/"},{"key":"359_CR11","unstructured":"\u00c1lvarez, S.: Radare2. http:\/\/radare.org\/r\/index.html"},{"key":"359_CR12","unstructured":"Bruening, D., Zhao, Q.: Practical memory checking with Dr. memory. In: Proceedings of the 9th Annual IEEE\/ACM International Symposium on Code Generation and Optimization, CGO \u201911, pp. 213\u2013223. IEEE Computer Society, Washington, DC, USA (2011). http:\/\/dl.acm.org\/citation.cfm?id=2190025.2190067"},{"key":"359_CR13","unstructured":"Carballal, C.: Estudio, an\u00e1lisis y modelado de memorias cach\u00e9 compartidas bajo administraci\u00f3n din\u00e1mica. Master\u2019s thesis, Universidad de Buenos Aires (2011). URL http:\/\/materias.fi.uba.ar\/7500\/carballalabarzua-tesisingenieriainformatica.pdf"},{"key":"359_CR14","unstructured":"Cugliari, A., Graziano, M.: Smashing the stack. Master\u2019s thesis, Politecnico di Torino (2010). http:\/\/www.mgraziano.info\/docs\/stsi2010.pdf"},{"key":"359_CR15","unstructured":"D\u2019\u00a0Alessio, S., Mariani, S.: Pindemonium: a DBI-based generic unpacker for windows executables (2016). http:\/\/hdl.handle.net\/10589\/120861"},{"key":"359_CR16","doi-asserted-by":"publisher","unstructured":"Dang, T.H., Maniatis, P., Wagner, D.: The performance cost of shadow stacks and stack canaries. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS \u201915, pp. 555\u2013566. ACM, New York, NY, USA (2015). https:\/\/doi.org\/10.1145\/2714576.2714635","DOI":"10.1145\/2714576.2714635"},{"key":"359_CR17","doi-asserted-by":"publisher","unstructured":"Davi, L., Sadeghi, A.R., Winandy, M.: Ropdefender: A detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS \u201911, pp. 40\u201351. ACM, New York, NY, USA (2011). https:\/\/doi.org\/10.1145\/1966913.1966920","DOI":"10.1145\/1966913.1966920"},{"key":"359_CR18","doi-asserted-by":"publisher","unstructured":"Fu, D., Shi, F.: Buffer overflow exploit and defensive techniques. In: 2012 Fourth International Conference on Multimedia Information Networking and Security, pp. 87\u201390 (2012). https:\/\/doi.org\/10.1109\/MINES.2012.81","DOI":"10.1109\/MINES.2012.81"},{"key":"359_CR19","doi-asserted-by":"publisher","unstructured":"Ganz, J., Peisert, S.: ASLR: how robust is the randomness? In: 2017 IEEE Cybersecurity Development (SecDev), pp. 34\u201341 (2017). https:\/\/doi.org\/10.1109\/SecDev.2017.19","DOI":"10.1109\/SecDev.2017.19"},{"key":"359_CR20","doi-asserted-by":"crossref","unstructured":"Gao, Y., Lu, Z., Luo, Y.: Survey on malware anti-analysis. In: Fifth International Conference on Intelligent Control and Information Processing, pp. 270\u2013275 (2014)","DOI":"10.1109\/ICICIP.2014.7010353"},{"key":"359_CR21","unstructured":"Gentsch, C.: Evaluation of open source static analysis security testing (SAST) tools for c. Technical report, DLR DW (2020). URL https:\/\/elib.dlr.de\/133945\/"},{"key":"359_CR22","doi-asserted-by":"publisher","unstructured":"Henderson, A., Prakash, A., Yan, L.K., Hu, X., Wang, X., Zhou, R., Yin, H.: Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform. In: Proceedings of the 2014 International Symposium on Software Testing and Analysis, ISSTA 2014, pp. 248\u2013258. Association for Computing Machinery, New York, NY, USA (2014). https:\/\/doi.org\/10.1145\/2610384.2610407","DOI":"10.1145\/2610384.2610407"},{"key":"359_CR23","unstructured":"Howard, M.: Security development lifecycle (SDL) banned function calls (2011). https:\/\/msdn.microsoft.com\/en-us\/library\/bb288454.aspx"},{"key":"359_CR24","unstructured":"Jia, X., Zhang, C., Su, P., Yang, Y., Huang, H., Feng, D.: Towards efficient heap overflow discovery. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 989\u20131006. USENIX Association, Vancouver, BC (2017). https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/jia"},{"key":"359_CR25","volume-title":"The Shellcoder\u2019s Handbook: Discovering and Exploiting Security Holes","author":"J Koziol","year":"2007","unstructured":"Koziol, J., Heasman, J., Lindner, F., Richarte, G., Aitel, D., Anley, C., Eren, S., Mehta, N., Hassell, R.: The Shellcoder\u2019s Handbook: Discovering and Exploiting Security Holes, 2 revised edn. Wiley, Indianapolis, IN (2007)","edition":"2 revised"},{"key":"359_CR26","doi-asserted-by":"publisher","unstructured":"Ma, J., Zhang, P., Dong, G., Shao, S., Zhang, J.: Twalker: an efficient taint analysis tool. In: 2014 10th International Conference on Information Assurance and Security, pp. 18\u201322 (2014). https:\/\/doi.org\/10.1109\/ISIAS.2014.7064628","DOI":"10.1109\/ISIAS.2014.7064628"},{"key":"359_CR27","unstructured":"Nethercote, N.: Dynamic binary analysis and instrumentation. Technical report UCAM-CL-TR-606, University of Cambridge, Computer Laboratory (2004). https:\/\/www.cl.cam.ac.uk\/techreports\/UCAM-CL-TR-606.pdf"},{"key":"359_CR28","doi-asserted-by":"publisher","unstructured":"Petsios, T., Kemerlis, V.P., Polychronakis, M., Keromytis, A.D.: Dynaguard: armoring canary-based protections against brute-force attacks. In: Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, pp. 351\u2013360. ACM, New York, NY, USA (2015). https:\/\/doi.org\/10.1145\/2818000.2818031","DOI":"10.1145\/2818000.2818031"},{"issue":"6","key":"359_CR29","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1109\/MSP.2012.152","volume":"10","author":"M Prandini","year":"2012","unstructured":"Prandini, M., Ramilli, M.: Return-oriented programming. IEEE Secur. Priv. 10(6), 84\u201387 (2012). https:\/\/doi.org\/10.1109\/MSP.2012.152","journal-title":"IEEE Secur. Priv."},{"key":"359_CR30","unstructured":"Radu, D., Dang, B.: Shellcode analysis using dynamic binary instrumentation. Technical report (2011)"},{"issue":"2","key":"359_CR31","doi-asserted-by":"publisher","first-page":"1024","DOI":"10.1109\/TLA.2016.7437254","volume":"14","author":"RJ Rodriguez","year":"2016","unstructured":"Rodriguez, R.J., Gaston, I.R., Alonso, J.: Towards the detection of isolation-aware malware. IEEE Latin Am. Trans. 14(2), 1024\u20131036 (2016). https:\/\/doi.org\/10.1109\/TLA.2016.7437254","journal-title":"IEEE Latin Am. Trans."},{"key":"359_CR32","doi-asserted-by":"crossref","unstructured":"Saito, T., Watanabe, R., Kondo, S., Sugawara, S., Yokoyama, M.: A survey of prevention\/mitigation against memory corruption attacks. In: 2016 19th International Conference on Network-Based Information Systems (NBiS), pp. 500\u2013505 (2016)","DOI":"10.1109\/NBiS.2016.11"},{"key":"359_CR33","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: Addresssanitizer: a fast address sanity checker. In: Proceedings of the 2012 USENIX Conference on Annual Technical Conference, USENIX ATC\u201912, pp. 28\u201328. USENIX Association, Berkeley, CA, USA (2012). http:\/\/dl.acm.org\/citation.cfm?id=2342821.2342849"},{"key":"359_CR34","unstructured":"Seward, J., Nethercote, N.: Using valgrind to detect undefined value errors with bit-precision. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC \u201905, p.\u00a02. USENIX Association, USA (2005)"},{"key":"359_CR35","doi-asserted-by":"publisher","unstructured":"Shudrak, M.: WinHeap explorer: efficient and transparent heap-based bug detection in machine code. In: 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 94\u2013101 (2017). https:\/\/doi.org\/10.1109\/QRS.2017.20","DOI":"10.1109\/QRS.2017.20"},{"key":"359_CR36","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-642-33338-5_5","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"V van der Veen","year":"2012","unstructured":"van der Veen, V., dutt Sharma, N., Cavallaro, L., Bos, H.: Memory errors: the past, the present, and the future. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) Research in Attacks, Intrusions, and Defenses, pp. 86\u2013106. Springer, Berlin (2012)"},{"key":"359_CR37","doi-asserted-by":"publisher","unstructured":"Wu, B., Li, M., Zhang, B., Zhang, Q., Tang, C.: Directed symbolic execution for binary vulnerability mining. In: 2014 IEEE Workshop on Electronics, Computer and Applications, pp. 614\u2013617 (2014). https:\/\/doi.org\/10.1109\/IWECA.2014.6845694","DOI":"10.1109\/IWECA.2014.6845694"},{"key":"359_CR38","doi-asserted-by":"crossref","unstructured":"Ye, T., Zhang, L., Wang, L., Li, X.: An empirical study on detecting and fixing buffer overflow bugs. In: 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST), pp. 91\u2013101 (2016)","DOI":"10.1109\/ICST.2016.21"},{"key":"359_CR39","doi-asserted-by":"publisher","unstructured":"Zou, Q., Huang, W., An, J., Fan, W.: Identify stack overflow exploits with dynamic binary instrumentation. In: 2015 International Conference on Industrial Informatics\u2014Computing Technology, Intelligent Technology, Industrial Information Integration, pp. 263\u2013267 (2015). https:\/\/doi.org\/10.1109\/ICIICII.2015.147","DOI":"10.1109\/ICIICII.2015.147"}],"container-title":["Journal of Computer Virology and Hacking Techniques"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00359-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11416-020-00359-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11416-020-00359-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,2]],"date-time":"2021-07-02T00:14:53Z","timestamp":1625184893000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11416-020-00359-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,7,2]]},"references-count":39,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,9]]}},"alternative-id":["359"],"URL":"https:\/\/doi.org\/10.1007\/s11416-020-00359-7","relation":{},"ISSN":["2263-8733"],"issn-type":[{"type":"electronic","value":"2263-8733"}],"subject":[],"published":{"date-parts":[[2020,7,2]]},"assertion":[{"value":"31 March 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 June 2020","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 July 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}