{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T08:21:36Z","timestamp":1730276496332,"version":"3.28.0"},"reference-count":35,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,8]]},"DOI":"10.1109\/issa.2015.7335070","type":"proceedings-article","created":{"date-parts":[[2015,11,23]],"date-time":"2015-11-23T17:50:11Z","timestamp":1448301011000},"page":"1-8","source":"Crossref","is-referenced-by-count":1,"title":["SMT-constrained symbolic execution engine for integer overflow detection in C code"],"prefix":"10.1109","author":[{"given":"Paul","family":"Muntean","sequence":"first","affiliation":[]},{"given":"Mustafizur","family":"Rahman","sequence":"additional","affiliation":[]},{"given":"Andreas","family":"Ibing","sequence":"additional","affiliation":[]},{"given":"Claudia","family":"Eckert","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"NIST Juliet Test Suite v1 2 for C\/C++","year":"0","key":"ref33"},{"key":"ref32","article-title":"A survey of program slicing techniques","author":"tip","year":"1995","journal-title":"Journal of Programming Languages"},{"key":"ref31","article-title":"approaches to interprocedural data flow analysis","author":"sharir","year":"1981","journal-title":"Program Flow Analysis Theory and Applications"},{"key":"ref30","article-title":"Flow-insensitive static analysis for detecting integer anomalies in programs","author":"sarkar","year":"2007","journal-title":"SE'07 Proceedings of the 25th conference on IASTED International Multi-Conference ACTA Press"},{"key":"ref35","article-title":"UQBTng: A tool capable of automatically finding integer overflows in Win32 binaries","author":"wojtczuk","year":"2005","journal-title":"Chaos Communication Congress"},{"key":"ref34","article-title":"Intscope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution","author":"wang","year":"2009","journal-title":"Proc of the NDSS'09"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606625"},{"key":"ref11","article-title":"Understanding integer overflow in C\/C++","author":"dietz","year":"2012","journal-title":"Proc ICSE '12"},{"key":"ref12","article-title":"Z3: an efficient SMT solver","author":"de","year":"2008","journal-title":"Proc of the TACAS‘08\/ETAPS'08"},{"key":"ref13","article-title":"Design Patterns. Elements of Reusable Object-Oriented Software","author":"gamma","year":"1994","journal-title":"Addison-Wesley"},{"key":"ref14","article-title":"Automated whitebox fuzz testing","author":"godefroid","year":"2008","journal-title":"Proc of the NDSS"},{"key":"ref15","article-title":"Path-Sensiti ve Race Detection with Partial Order Reduced Symbolic Execution","author":"ibing","year":"2014","journal-title":"Proc of the WSFMDS'14"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/HASE.2015.16"},{"key":"ref17","article-title":"Symbolic Execution Based Automated Static Bug Detection for Eclipse CDT","author":"ibing","year":"2015","journal-title":"International Journal on Advances in Security"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41707-8_13"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1201\/9780849332517"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"ref4","article-title":"Codan- C\/C++ static analysis framework for CDT","author":"barrett","year":"2011","journal-title":"EclipseCon"},{"key":"ref27","article-title":"Modular Bug-finding for Integer Overflows in the Large: Sound, Efficient, Bit-precise Static Analysis","author":"moy","year":"2009","journal-title":"MSR - TR 2009–179"},{"key":"ref3","article-title":"Version 2.0","author":"barrett","year":"2010","journal-title":"in Dec"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/11790754_1"},{"key":"ref29","article-title":"Language Implementation Patterns","author":"parr","year":"2010","journal-title":"Pragmatic Bookshelf"},{"key":"ref5","article-title":"RICH: Automatically protecting against integer-based vulnerabilities","author":"brumley","year":"2007","journal-title":"Proc of the NDSS'07"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30108-0_24"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2009.77"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2002.1004368"},{"key":"ref9","article-title":"A tool for checking ANSI -C programs","author":"clarke","year":"2004","journal-title":"Proc of the TACAS'04"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1137\/0201022"},{"key":"ref20","article-title":"The SAT4J library, release 2.2, system description","volume":"7","author":"le","year":"2010","journal-title":"JSAT"},{"year":"2011","key":"ref22","article-title":"Mitre Corporation 2011 CWE\/SANS Top 25 Most Dangerous Software Errors"},{"journal-title":"Microsoft Corporation","article-title":"Microsoft PREfast analysis tool","year":"0","key":"ref21"},{"journal-title":"hupi\/\/cve mitre org\/cgi-binicvename cgi?name=Cve-2010-2753","article-title":"Mitre Corporation CVE-2010-2753: Integer overflow in Mozilla Firefox, Thunderbird and SeaMonkey","year":"2010","key":"ref24"},{"journal-title":"Mitre Corporation CVE-2002–0639 Integer overflow in sshd in OpenSSH","year":"2002","key":"ref23"},{"key":"ref26","article-title":"Dynamic test generation to find integer bugs in x86 binary Linux programs","author":"molnar","year":"2009","journal-title":"Proc of the 18th USENIX Security Symposium"},{"year":"2002","key":"ref25","article-title":"Mitre Corporation CVE-2002–1490: Integer overflow in NetBSD 1.4"}],"event":{"name":"2015 Information Security for South Africa (ISSA)","start":{"date-parts":[[2015,8,12]]},"location":"Johannesburg, South Africa","end":{"date-parts":[[2015,8,13]]}},"container-title":["2015 Information Security for South Africa (ISSA)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7328027\/7335039\/07335070.pdf?arnumber=7335070","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,24]],"date-time":"2017-03-24T20:10:35Z","timestamp":1490386235000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7335070\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,8]]},"references-count":35,"URL":"https:\/\/doi.org\/10.1109\/issa.2015.7335070","relation":{},"subject":[],"published":{"date-parts":[[2015,8]]}}}