{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T08:19:38Z","timestamp":1759133978609,"version":"3.37.3"},"reference-count":27,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,6,22]],"date-time":"2022-06-22T00:00:00Z","timestamp":1655856000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,6,22]],"date-time":"2022-06-22T00:00:00Z","timestamp":1655856000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100004663","name":"Ministry of Science and Technology of Taiwan","doi-asserted-by":"publisher","award":["110-2628-E-002-002,111-2628-E-002-012"],"award-info":[{"award-number":["110-2628-E-002-002,111-2628-E-002-012"]}],"id":[{"id":"10.13039\/501100004663","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,6,22]]},"DOI":"10.1109\/dsc54232.2022.9888796","type":"proceedings-article","created":{"date-parts":[[2022,9,26]],"date-time":"2022-09-26T21:10:18Z","timestamp":1664226618000},"page":"1-8","source":"Crossref","is-referenced-by-count":7,"title":["LAEG: Leak-based AEG using Dynamic Binary Analysis to Defeat ASLR"],"prefix":"10.1109","author":[{"given":"Wei-Loon","family":"Mow","sequence":"first","affiliation":[{"name":"National Taiwan University,Taipei,Taiwan"}]},{"given":"Shih-Kun","family":"Huang","sequence":"additional","affiliation":[{"name":"National Yang Ming Chiao Tung University,Hsinchu,Taiwan"}]},{"given":"Hsu-Chun","family":"Hsiao","sequence":"additional","affiliation":[{"name":"National Taiwan University,Taipei,Taiwan"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"journal-title":"Taint Analysis and Pattern Matching With Pin","year":"0","author":"salwan","key":"ref11"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"ref13","article-title":"AFL++: Combining incremental steps of fuzzing research","author":"fioraldi","year":"2020","journal-title":"14th USENIX Workshop on Offensive Technologies (WOOT 20)"},{"journal-title":"Binary-level directed fuzzing for use-after-free vulnerabilities","year":"2020","author":"nguyen","key":"ref14"},{"key":"ref15","article-title":"The use of likely invariants as feedback for fuzzers","author":"fioraldi","year":"2021","journal-title":"30th USENIX Security Symposium (USENIX Security 21)"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2020.3016773"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.2307\/2690079"},{"journal-title":"I DEF CON Communications DEFCON CTF 2019 Qualifier Speedrun [Online]","year":"0","key":"ref18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243847"},{"journal-title":"Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities","year":"2009","author":"heelan","key":"ref4"},{"journal-title":"Automatic Exploitation of Fully Randomized Executables","year":"2019","author":"gadient","key":"ref27"},{"key":"ref3","article-title":"Q: Exploit hardening made easy","author":"schwartz","year":"2011","journal-title":"20th USENIX Security Symposium (USENIX Security 11)"},{"journal-title":"Qiling Framework A True Instrumentable Binary Emulation Framework","year":"0","author":"kaijern","key":"ref6"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/SERE.2012.20"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2560217.2560219"},{"key":"ref7","first-page":"28","article-title":"Address-sanitizer: A fast address sanity checker","author":"serebryany","year":"2012","journal-title":"Proceedings of the 2012 USENIX Conference on Annual Technical Conference ser USENIX ATC'12"},{"journal-title":"Exploiting linux and pax aslr's weaknesses on 32-bit and 64-bit systems","year":"2016","author":"gisbert","key":"ref2"},{"journal-title":"Zeratool Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems","year":"2021","author":"roberts","key":"ref9"},{"key":"ref1","article-title":"Effective entropy: Security-centric metric for memory randomization techniques","author":"herlands","year":"2014","journal-title":"7th Workshop on Cyber Security Experimentation and Test (CSET 14)"},{"key":"ref20","article-title":"Aeg: Automatic exploit generation","author":"avgerinos","year":"2011","journal-title":"NDSS 2011"},{"journal-title":"REX Shellphish's automated exploitation engine originally created for the Cyber Grand Challenge","year":"2021","author":"shellphish","key":"ref22"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2110356.2110358"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2017.14"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359820"}],"event":{"name":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","start":{"date-parts":[[2022,6,22]]},"location":"Edinburgh, United Kingdom","end":{"date-parts":[[2022,6,24]]}},"container-title":["2022 IEEE Conference on Dependable and Secure Computing (DSC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9888143\/9888794\/09888796.pdf?arnumber=9888796","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,14]],"date-time":"2022-10-14T20:55:39Z","timestamp":1665780939000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9888796\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,22]]},"references-count":27,"URL":"https:\/\/doi.org\/10.1109\/dsc54232.2022.9888796","relation":{},"subject":[],"published":{"date-parts":[[2022,6,22]]}}}