{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T23:16:02Z","timestamp":1768518962453,"version":"3.49.0"},"reference-count":61,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100005921","name":"Italian Ministry of Foreign Affairs and International Cooperation","doi-asserted-by":"publisher","award":["PGR00814"],"award-info":[{"award-number":["PGR00814"]}],"id":[{"id":"10.13039\/501100005921","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2021]]},"DOI":"10.1109\/tifs.2020.3017925","type":"journal-article","created":{"date-parts":[[2020,8,19]],"date-time":"2020-08-19T20:00:50Z","timestamp":1597867250000},"page":"740-755","source":"Crossref","is-referenced-by-count":6,"title":["Glyph: Efficient ML-Based Detection of Heap Spraying Attacks"],"prefix":"10.1109","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1254-1758","authenticated-orcid":false,"given":"Fabio","family":"Pierazzi","sequence":"first","affiliation":[]},{"given":"Stefano","family":"Cristalli","sequence":"additional","affiliation":[]},{"given":"Danilo","family":"Bruschi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9499-1559","authenticated-orcid":false,"given":"Michele","family":"Colajanni","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7408-6906","authenticated-orcid":false,"given":"Mirco","family":"Marchetti","sequence":"additional","affiliation":[]},{"given":"Andrea","family":"Lanzi","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","year":"2020","journal-title":"Wow64 and So Can You Bypassing Emet With a Single Instruction"},{"key":"ref38","year":"2014","journal-title":"Bypassing EMET 4 1"},{"key":"ref33","year":"2020","journal-title":"Isolated heap and friends - object allocation harden-in web browsers"},{"key":"ref32","author":"kennedy","year":"2011","journal-title":"Metasploit the Penetration Tester's Guide"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2014.14"},{"key":"ref30","author":"irvine","year":"2003","journal-title":"Assembly language for Intel-based computers"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23353"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"ref35","author":"ligh","year":"2014","journal-title":"The Art of Memory Forensics Detecting Malware and Threats in Windows Linux and Mac Memory"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.10"},{"key":"ref60","first-page":"1","article-title":"Evaluating explanation methods for deep learning in security","author":"warnecke","year":"2020","journal-title":"Proc IEEE Eur Symp Secur Privacy (EuroS P)"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1145\/2517312.2517316"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1023\/A:1021251113462"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-84858-7"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/1134760.1134764"},{"key":"ref2","year":"2020","journal-title":"NOP Generators in MetaSploit"},{"key":"ref1","year":"2020","journal-title":"AutoIt"},{"key":"ref20","first-page":"1","article-title":"Engineering heap overflow exploits with javascript","author":"daniel","year":"2008","journal-title":"Proc Usenix Secur Symp"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2700270"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11747-3_1"},{"key":"ref23","author":"fratric","year":"2013","journal-title":"Exploiting Internet Explorer 11 64-Bit on Windows 8 1"},{"key":"ref26","first-page":"1","article-title":"Sok: Make jit-spray great again","author":"gawlik","year":"2018","journal-title":"Proceedings of USENIX Workshop on Offensive Technologies (WOOT)"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_4"},{"key":"ref50","first-page":"1332","article-title":"Intriguing properties of adversarial ML attacks in the problem space","author":"pierazzi","year":"2020","journal-title":"Proc IEEE Symp Secur Privacy (SP)"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818023"},{"key":"ref59","author":"valasek","year":"2013","journal-title":"Heaplib 2 0"},{"key":"ref58","first-page":"1","article-title":"Heap Feng Shui in Javascript","author":"sotirov","year":"2007","journal-title":"Proc Black Hat Europe"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"ref56","year":"2020","journal-title":"Heap Spraying High Addresses in 32-Bit Chrome\/Firefox on 64-Bit Windows"},{"key":"ref55","author":"sikorski","year":"2012","journal-title":"Practical Malware Analysis The Hands-On Guide to Dissecting Malicious Software"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538-7305.1951.tb01366.x"},{"key":"ref53","first-page":"169","article-title":"NOZZLE: A defense against heap-spraying code injection attacks","author":"ratanaworabhan","year":"2009","journal-title":"Proc Usenix Secur Symp"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818021"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972556"},{"key":"ref11","author":"bishop","year":"2006","journal-title":"Pattern Recognition and Machine Learning"},{"key":"ref40","year":"2006","journal-title":"Microsoft Internet Information Services Remote Buffer Overflow (System Level Access)"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.04.009"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2739145"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"key":"ref16","author":"chen","year":"2020","journal-title":"Shooting the OSX el Capitan Kernel Like a Sniper"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-21424-0_12"},{"key":"ref18","first-page":"63","article-title":"StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks","author":"cowan","year":"1998","journal-title":"Proc Usenix Secur Symp"},{"key":"ref19","first-page":"431","article-title":"Micro-virtualization memory tracing to detect and prevent spraying attacks","author":"cristalli","year":"2016","journal-title":"Proc Usenix Secur Symp"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2017.8323959"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"key":"ref6","first-page":"1","article-title":"JIT spraying and mitigations","volume":"arxiv 1009 1038","author":"bania","year":"2010","journal-title":"CoRR"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/1133981.1134000"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-49151-6_25"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.22"},{"key":"ref9","first-page":"291","article-title":"Address obfuscation: An efficient approach to combat a broad range of memory error exploits","author":"bhatkar","year":"2003","journal-title":"Proc Usenix Secur Symp"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/1273442.1250736"},{"key":"ref45","year":"2014","journal-title":"Mitigating uaf exploits with delay free for internet explorer"},{"key":"ref48","first-page":"729","article-title":"TESSERACT: Eliminating experimental bias in malware classification across space and time","author":"pendlebury","year":"2019","journal-title":"Proc Usenix Secur Symp"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920269"},{"key":"ref42","year":"2020","journal-title":"Is Use-After-Free Exploitation Dead? The New IE Memory Protector Will Tell You"},{"key":"ref41","year":"2016","journal-title":"Using EMET to disable EMET"},{"key":"ref44","year":"2001","journal-title":"Exploit 7350854 c"},{"key":"ref43","year":"2017","journal-title":"Enhanced Mitigation Experience Toolkit"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/9151439\/09171343.pdf?arnumber=9171343","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,10]],"date-time":"2022-05-10T14:52:34Z","timestamp":1652194354000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9171343\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"references-count":61,"URL":"https:\/\/doi.org\/10.1109\/tifs.2020.3017925","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]}}}