{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T20:22:36Z","timestamp":1773778956099,"version":"3.50.1"},"reference-count":97,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2013,9,1]],"date-time":"2013-09-01T00:00:00Z","timestamp":1377993600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Systems Journal"],"published-print":{"date-parts":[[2013,9]]},"DOI":"10.1109\/jsyst.2012.2222000","type":"journal-article","created":{"date-parts":[[2013,7,4]],"date-time":"2013-07-04T18:40:47Z","timestamp":1372963247000},"page":"489-500","source":"Crossref","is-referenced-by-count":43,"title":["Security Applications of Formal Language Theory"],"prefix":"10.1109","volume":"7","author":[{"given":"Len","family":"Sassaman","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Meredith L.","family":"Patterson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sergey","family":"Bratus","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael E.","family":"Locasto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","author":"raggett","year":"1999","journal-title":"Forms in HTML Documents HTML 4 01 Specification"},{"key":"ref38","author":"berners-lee","year":"2005","journal-title":"RFC 3986 Uniform Resource Identifier (URI) Generic Syntax"},{"key":"ref33","author":"berlo","year":"1960","journal-title":"The Process of Communication"},{"key":"ref32","author":"schramm","year":"1954","journal-title":"The Process and Effects of Communication"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538-7305.1948.tb01338.x"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/368959.368993"},{"key":"ref37","article-title":"CWE-77","year":"2008","journal-title":"Common Weakness Enumeration"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/2.161279"},{"key":"ref35","author":"grice","year":"1989","journal-title":"Studies in The Way of Words"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/363235.363259"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1016\/S0019-9958(65)90426-2"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/365813.365821"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1016\/j.entcs.2009.09.039"},{"key":"ref20","author":"berners-lee","year":"2006","journal-title":"The Rule of Least Power Tag Finding"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.1965.7"},{"key":"ref21","article-title":"Guns and butter: Toward formal axioms of input validation","author":"hansen","year":"2005","journal-title":"Proc Black Hat Briefings"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2616"},{"key":"ref23","article-title":"Discoverer: Automatic protocol reverse engineering from network traces","author":"cui","year":"2007","journal-title":"Proc USENIX Sec Symp"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.5120\/2186-2762"},{"key":"ref25","year":"1981","journal-title":"Internet Protocol"},{"key":"ref50","year":"0","journal-title":"Once upon a free()"},{"key":"ref51","year":"2003","journal-title":"Advanced Doug Lea's malloc exploits"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134416"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/1111037.1111070"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/1698750.1698754"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/1108473.1108496"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/11506881_8"},{"key":"ref54","year":"2011","journal-title":"National Vulnerability Database"},{"key":"ref53","year":"2005","journal-title":"National Vulnerability Database"},{"key":"ref52","author":"newsham","year":"2000","journal-title":"Format String Attacks"},{"key":"ref40","author":"carettoni","year":"2009","journal-title":"OWASP EU Poland"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1977.229904"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/1314466.1314467"},{"key":"ref6","author":"finney","year":"2006","journal-title":"Bleichenbacher's RSA signature forgery based on implementation error"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/1592434.1592438"},{"key":"ref8","first-page":"289","author":"kaminsky","year":"2010","journal-title":"Financial Cryptography"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.16.122"},{"key":"ref49","year":"0","journal-title":"Vudo malloc Tricks"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/S0304-3975(00)00285-1"},{"key":"ref46","article-title":"The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86)","author":"shacham","year":"2007","journal-title":"Proc CCS"},{"key":"ref45","author":"roemer","year":"0","journal-title":"Return-oriented Programming Systems Languages and Applications"},{"key":"ref48","author":"one","year":"1996","journal-title":"Smashing the Stack for Fun and Profit"},{"key":"ref47","author":"durden","year":"2002","journal-title":"Bypassing PaX ASLR protection"},{"key":"ref42","article-title":"A classification of SQL-injection attacks and countermeasures","author":"halfond","year":"2006","journal-title":"Proc IEEE Int Symp Secure Softw Eng"},{"key":"ref41","first-page":"124","article-title":"Defending against injection attacks through context-sensitive string evaluation","author":"pietraszek","year":"2005","journal-title":"Proc RAID"},{"key":"ref44","year":"2001","journal-title":"The advanced return-into-lib(c) exploits PaX case study"},{"key":"ref43","year":"2001","journal-title":"Writing ia32 alphanumeric shellcodes Phrack"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1007\/BF01692511"},{"key":"ref72","year":"2006","journal-title":"National Vulnerability Database"},{"key":"ref71","year":"2006","journal-title":"National Vulnerability Database"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1145\/1529282.1529737"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-24006-3_8"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5280"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2313"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1145\/964001.964011"},{"key":"ref78","author":"eckersley","year":"2009","journal-title":"How Unique Is Your Web Browser?"},{"key":"ref79","first-page":"17","article-title":"Practical traffic analysis: Extending and resisting statistical disclosure","volume":"lncs 3424","author":"mathewson","year":"2004","journal-title":"Proc PET Workshop"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/1276933.1276935"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/WSE.2006.9"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/ASWEC.2006.40"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2004.1317494"},{"key":"ref64","first-page":"1","article-title":"Precise analysis of string expressions","author":"christensen","year":"2003","journal-title":"Proc 10th Int Static Anal Symp"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.4018\/jsse.2010102002"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1145\/1101908.1101935"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/1181775.1181797"},{"key":"ref68","author":"gibello","year":"2002","journal-title":"Zql A java sql parser"},{"key":"ref2","article-title":"The compromised observer effect","volume":"6","author":"lindner","year":"2010","journal-title":"McAfee Security J"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1145\/1363686.1364201"},{"key":"ref1","article-title":"Vulnerable compliance","volume":"35","author":"geer","year":"2010","journal-title":"LOGIN The USENIX Magazine"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1145\/353323.353382"},{"key":"ref94","article-title":"Automated response using system-call delays","author":"somayaji","year":"2000","journal-title":"Proc 9th Usenix Security Symp"},{"key":"ref93","first-page":"75","article-title":"Principles of a computer immune system","author":"somayaji","year":"1998","journal-title":"Proc NPSW"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"ref91","first-page":"21","article-title":"Challenging the anomaly detection paradigm: A provocative discussion","author":"taylor","year":"2006","journal-title":"Proc 15th NSPW"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1145\/1707801.1706350"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2009.20"},{"key":"ref10","author":"sipser","year":"2006","journal-title":"Introduction to the Theory of Computation"},{"key":"ref11","article-title":"A simple proof for the turing-completeness of XSLT and xQuery","author":"kepser","year":"2004","journal-title":"Proc Extreme Markup Lang"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/11812128_26"},{"key":"ref13","author":"fox-epstein","year":"2011","journal-title":"Experimentations With Abstract Machines"},{"key":"ref14","first-page":"1","article-title":"Universality in elementary cellular automata","volume":"15","author":"cook","year":"2004","journal-title":"Complex Syst"},{"key":"ref15","article-title":"OMG-WTF-PDF","author":"wolf","year":"2010","journal-title":"Proc 27th Chaos Comput Congr"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/1863543.1863585"},{"key":"ref82","author":"ptacek","year":"1998","journal-title":"Insertion evasion and denial of service Eluding network intrusion detection"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11957-6_19"},{"key":"ref81","article-title":"The compromised observer effect","volume":"6","author":"lindner","year":"2010","journal-title":"McAfee Security J"},{"key":"ref18","author":"ridge","year":"0","journal-title":"Simple functional sound and complete parsing for all context-free grammars"},{"key":"ref84","first-page":"9","article-title":"Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics","author":"handley","year":"2001","journal-title":"Proc 10th Usenix Security Symp"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1016\/S0019-9958(59)90362-6"},{"key":"ref83","author":"arkin","year":"2001","journal-title":"ICMP Usage in Scanning The Complete Know-How"},{"key":"ref80","first-page":"1","article-title":"Failures in a hybrid content blocking system","author":"clayton","year":"2005","journal-title":"Proc Fifth PET Workshop"},{"key":"ref89","first-page":"62","article-title":"Anomaly detection using call stack information","author":"feng","year":"2003","journal-title":"Proc IEEE Symp Security Privacy"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2003.1199327"},{"key":"ref86","author":"siddharth","year":"2005","journal-title":"Evading Nids Revisited"},{"key":"ref87","first-page":"163","article-title":"Traps and pitfalls: Practical problems in system call interposition based security tools","author":"garfinkel","year":"2003","journal-title":"Proc Symp Network and Distributed System Security"},{"key":"ref88","doi-asserted-by":"crossref","first-page":"151","DOI":"10.3233\/JCS-980109","article-title":"Intrusion detection system using sequences of system calls","volume":"6","author":"hofmeyr","year":"1998","journal-title":"J Comput Security"}],"container-title":["IEEE Systems Journal"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/4267003\/6553371\/06553401.pdf?arnumber=6553401","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,29]],"date-time":"2021-11-29T20:28:13Z","timestamp":1638217693000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6553401\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,9]]},"references-count":97,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/jsyst.2012.2222000","relation":{},"ISSN":["1932-8184","1937-9234","2373-7816"],"issn-type":[{"value":"1932-8184","type":"print"},{"value":"1937-9234","type":"electronic"},{"value":"2373-7816","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,9]]}}}