{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T19:10:19Z","timestamp":1768417819085,"version":"3.49.0"},"reference-count":86,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1464801"],"award-info":[{"award-number":["CNS-1464801"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1552059"],"award-info":[{"award-number":["CNS-1552059"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1228839"],"award-info":[{"award-number":["CNS-1228839"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1161541"],"award-info":[{"award-number":["CNS-1161541"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["OAC-1739025"],"award-info":[{"award-number":["OAC-1739025"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1747783"],"award-info":[{"award-number":["CNS-1747783"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2022,1,1]]},"DOI":"10.1109\/tdsc.2020.2986112","type":"journal-article","created":{"date-parts":[[2020,4,8]],"date-time":"2020-04-08T21:20:56Z","timestamp":1586380856000},"page":"353-369","source":"Crossref","is-referenced-by-count":6,"title":["A Praise for Defensive Programming: Leveraging Uncertainty for Effective Malware Mitigation"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2940-5549","authenticated-orcid":false,"given":"Ruimin","family":"Sun","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6870-1178","authenticated-orcid":false,"given":"Marcus","family":"Botacin","sequence":"additional","affiliation":[]},{"given":"Nikolaos","family":"Sapountzis","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0782-4187","authenticated-orcid":false,"given":"Xiaoyong","family":"Yuan","sequence":"additional","affiliation":[]},{"given":"Matt","family":"Bishop","sequence":"additional","affiliation":[]},{"given":"Donald E.","family":"Porter","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3368-159X","authenticated-orcid":false,"given":"Xiaolin","family":"Li","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1766-5757","authenticated-orcid":false,"given":"Andre","family":"Gregio","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3488-0053","authenticated-orcid":false,"given":"Daniela","family":"Oliveira","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref2","article-title":"The black vine cyberespionage group"},{"key":"ref3","article-title":"Bromium end point protection"},{"key":"ref4","article-title":"Bugs found by trinity"},{"key":"ref5","article-title":"Bugzilla"},{"key":"ref6","article-title":"CodeFu: The art of defensive programming"},{"key":"ref7","article-title":"Coverage.py"},{"key":"ref8","article-title":""},{"key":"ref9","article-title":"Dionaea - a malware analysis honeypot"},{"key":"ref10","article-title":"EMMA: Java code coverage tool"},{"key":"ref11","article-title":"Firefox:bus error (core dumped)"},{"key":"ref12","article-title":"Firefox: fatal io error 11"},{"key":"ref13","article-title":"Gcov"},{"key":"ref14","article-title":"GNU project"},{"key":"ref15","article-title":"An in-depth look at defensive programming"},{"key":"ref17","article-title":"LCA: The trinity fuzz tester"},{"key":"ref18","article-title":"Logkeys"},{"key":"ref19","article-title":"Virtual criminology report,","author":"Kurtz","year":"2009"},{"key":"ref20","article-title":"Modern malware exposed"},{"key":"ref21","article-title":"The modern malware review"},{"key":"ref22","article-title":"One-to-one correspondence of windows and linux system calls"},{"key":"ref23","article-title":"The phoronix test suite"},{"key":"ref24","article-title":"SPEC CPU 2006"},{"key":"ref25","article-title":"Symantec internet security threat report 2013"},{"key":"ref26","article-title":"tar:fails using \u2018-c\u2019 option"},{"key":"ref27","article-title":"tar:operation not permitted"},{"key":"ref28","article-title":"THC: the hackers choice"},{"key":"ref29","article-title":"Thunderbird crashes with segmentation fault"},{"key":"ref30","article-title":"Thunderbird spool file"},{"key":"ref31","article-title":"Thunderbird:unable to locate mail spool file"},{"key":"ref32","article-title":"Vim info"},{"key":"ref33","article-title":"Vim info bug"},{"key":"ref34","article-title":"Virusshare"},{"key":"ref35","article-title":"Virustotal"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOMW.2015.7414047"},{"key":"ref37","article-title":""},{"key":"ref38","article-title":"An introduction to spike, the fuzzer creation kit","author":"Aitel","year":"2002"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/2683467.2683482"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00034"},{"key":"ref41","first-page":"1","article-title":"TTanalyze: A tool for analyzing malware","volume-title":"Proc. 15th Eur. Inst. Comput. Antivirus Res.","author":"Bayer"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-017-0292-8"},{"key":"ref43","first-page":"209","article-title":"KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs","volume-title":"Proc. USENIX Conf. Operating Syst. Des. Implementation","author":"Cadar"},{"key":"ref44","article-title":"Ransomware developers learn from the mistakes of wannacry, notpetya","year":"2017"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00054"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"ref48","article-title":"Peach fuzzing platform","author":"Eddington","year":"2011","journal-title":"Peach Fuzzer"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1996.502675"},{"key":"ref50","first-page":"163","article-title":"Traps and pitfalls: Practical problems in system call interposition based security tools","volume-title":"Proc. Netw. Distrib. Syst. Secur. Symp.","volume":"3","author":"Garfinkel"},{"key":"ref51","article-title":"DL 4 MD: A deep learning framework for intelligent malware detection","volume-title":"Proc. Int. Conf. Data Mining","author":"Hardy"},{"key":"ref52","article-title":"zzuf\u2014multi-purpose fuzzer","author":"Hocevar","year":"2011"},{"key":"ref53","article-title":"Phase II report on intelligent software decoys: Counterintelligence and security countermeasures","author":"Rowe","year":"2004"},{"key":"ref54","article-title":"A flawed ransomware encryptor","year":"2015"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/RELDIS.1997.632800"},{"key":"ref56","article-title":"An application of pattern matching in intrusion detection","author":"Kumar","year":"1994"},{"key":"ref57","article-title":"K-means clustering approach to analyze NSL-KDD intrusion detection dataset","author":"Kumar","year":"2013","journal-title":"Int. J. Soft. Comput. Eng."},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866353"},{"key":"ref59","article-title":"Introduction to writing shellcode"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.14257\/ijsia.2015.9.5.21"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-87403-4_5"},{"key":"ref62","article-title":"Windows epblock"},{"key":"ref63","article-title":""},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.04.001"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/1278940.1278946"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2015.7178304"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/11506881_2"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00056"},{"key":"ref69","article-title":"Script fragmentation attack could allow hackers to dodge anti-virus detection","author":"Prince","year":"2018"},{"key":"ref70","article-title":"Insertion, evasion, and denial of service: Eluding network intrusion detection","author":"Ptacek","year":"1998"},{"key":"ref71","article-title":"The art of doing nothing lastline","year":"2014"},{"key":"ref72","article-title":"Truecrypter ransomware dev leaves flaw in code that lets victims decrypt files","year":"2016"},{"key":"ref73","article-title":"","year":"2003"},{"key":"ref74","volume-title":"Honeypots: Tracking Hackers","author":"Spitzner"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/DESEC.2017.8073803"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2016.18"},{"key":"ref77","article-title":"The case for less preditable operating system behavior","volume-title":"Proc. USENIX Workshop Hot Topics Operating Syst.","author":"Sun"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2021.3121248"},{"key":"ref79","article-title":"Honggfuzz","author":"Swiecki","year":"2016"},{"key":"ref80","article-title":"Key flaw enables recovery of files encrypted by torrentlocker","year":"2014"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901341"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1998.738566"},{"key":"ref83","article-title":"Ransomware is everywhere, but even black hats make mistakes","year":"2016"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-69471-9"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"ref87","article-title":"American fuzzy lop","author":"Zalewski","year":"2020"},{"key":"ref88","article-title":"Symantec endpoint security - prevent breaches with modern endpoint security"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/8858\/9625881\/9061034-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/9625881\/09061034.pdf?arnumber=9061034","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,9]],"date-time":"2024-01-09T22:31:37Z","timestamp":1704839497000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9061034\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,1]]},"references-count":86,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2020.2986112","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,1]]}}}