{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T18:25:42Z","timestamp":1769538342646,"version":"3.49.0"},"reference-count":79,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T00:00:00Z","timestamp":1654041600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T00:00:00Z","timestamp":1654041600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T00:00:00Z","timestamp":1654041600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"National Key R&D Program of China","award":["2018YFB0803501"],"award-info":[{"award-number":["2018YFB0803501"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1766215"],"award-info":[{"award-number":["U1766215"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61772408"],"award-info":[{"award-number":["61772408"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61632015"],"award-info":[{"award-number":["61632015"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61833015"],"award-info":[{"award-number":["61833015"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62002281"],"award-info":[{"award-number":["62002281"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61902306"],"award-info":[{"award-number":["61902306"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["2019TQ0251"],"award-info":[{"award-number":["2019TQ0251"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["2020M683520"],"award-info":[{"award-number":["2020M683520"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["2020M673439"],"award-info":[{"award-number":["2020M673439"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Youth Talent Support Plan of Xi’an Association for Science and Technology","award":["095920201303"],"award-info":[{"award-number":["095920201303"]}]},{"name":"CCF–Tencent Open Research Fund"},{"name":"2020 Industrial Internet Innovation Development Project"},{"name":"Industrial Internet Penetration Testing and Crowdsourced Testing Platform","award":["TC200H01P"],"award-info":[{"award-number":["TC200H01P"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Rel."],"published-print":{"date-parts":[[2022,6]]},"DOI":"10.1109\/tr.2022.3162694","type":"journal-article","created":{"date-parts":[[2022,4,22]],"date-time":"2022-04-22T15:33:33Z","timestamp":1650641613000},"page":"1174-1188","source":"Crossref","is-referenced-by-count":2,"title":["ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs"],"prefix":"10.1109","volume":"71","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4075-1971","authenticated-orcid":false,"given":"Yang","family":"Liu","sequence":"first","affiliation":[{"name":"Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi’an Jiaotong University, Xi’an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zisen","family":"Xu","sequence":"additional","affiliation":[{"name":"Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi’an Jiaotong University, Xi’an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9327-0987","authenticated-orcid":false,"given":"Ming","family":"Fan","sequence":"additional","affiliation":[{"name":"Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi’an Jiaotong University, Xi’an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3944-3162","authenticated-orcid":false,"given":"Yu","family":"Hao","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, University of California, Riverside, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hao","family":"Chen","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of California, Davis, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Cai","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zijiang","family":"Yang","sequence":"additional","affiliation":[{"name":"Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi’an Jiaotong University, Xi’an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7600-0934","authenticated-orcid":false,"given":"Ting","family":"Liu","sequence":"additional","affiliation":[{"name":"Ministry of Education Key Laboratory for Intelligent Networks and Network Security, Xi’an Jiaotong University, Xi’an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","first-page":"973","article-title":"Meltdown: Reading kernel memory from user space","author":"Lipp","year":"2018","journal-title":"27th USENIX Secur. Symp. (USENIX Security 18)"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/1273442.1250785"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.101613.00077"},{"key":"ref5","article-title":"Virus total","year":"2021"},{"key":"ref6","first-page":"139","article-title":"BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection","volume-title":"Proc. 17th Conf. Secur. Symp.","author":"Gu","year":"2008"},{"key":"ref7","first-page":"321","article-title":"BotGraph: Large scale spamming botnet detection","volume-title":"Proc. 6th USENIX Symp. Netw. Syst. Des. Implementation","volume":"9","author":"Zhao","year":"2009"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_40"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236028"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/3213846.3213851"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3240481"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/2393596.2393650"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2835672"},{"key":"ref14","first-page":"531","article-title":"Conc-iSE: Incremental symbolic execution of concurrent software","volume-title":"Proc. 31st IEEE\/ACM Int. Conf. Autom. Softw. Eng.","author":"Guo","year":"2016"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678912"},{"key":"ref17","article-title":"VX heaven","year":"2021"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-28166-7_24"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.1995.524546"},{"key":"ref20","article-title":"Microsoft open source code","year":"2021"},{"key":"ref21","article-title":"A memo on exploration of SPLASH-2 input sets","volume-title":"Princeton Univ.","author":"Group","year":"2011"},{"key":"ref23","article-title":"Goldeneye","year":"2021"},{"key":"ref24","article-title":"Jevereg","year":"2021"},{"key":"ref25","article-title":"Falcon","year":"2021"},{"key":"ref26","article-title":"Anlyz","year":"2021"},{"key":"ref27","article-title":"Anyrun","year":"2021"},{"key":"ref28","first-page":"757","article-title":"Unveil: A large-scale, automated approach to detecting ransomware","volume-title":"Proc. USENIX Secur. Symp.","author":"Kharraz","year":"2016"},{"key":"ref29","first-page":"287","article-title":"BareCloud: Bare-metal analysis-based evasive malware detection","volume-title":"Proc. USENIX Secur. Symp.","author":"Kirat","year":"2014"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3420013"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.98"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.21236\/ADA360973"},{"key":"ref33","first-page":"11","article-title":"Code-level model checking in the software development workflow","volume-title":"Proc. IEEE\/ACM 42nd Int. Conf. Softw. Eng.: Softw. Eng. Pract.","author":"Chong","year":"2020"},{"key":"ref34","first-page":"181","article-title":"NetSMC: A custom symbolic model checker for stateful network verification","volume-title":"Proc. 17th USENIX Symp. Netw. Syst. Des. Implementation","author":"Yuan","year":"2020"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-54862-8_26"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1007\/s10009-007-0044-z"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-20398-5_23"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2011.6100134"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2871666"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-78800-3_24"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2017.23"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336779"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/1985793.1985824"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2398857.2384651"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2636078"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2010.5665788"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00033"},{"key":"ref48","first-page":"1","article-title":"Concurrency attacks","volume-title":"Proc. 4th USENIX Workshop Hot Topics Parallelism","author":"Yang","year":"2012"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2011.6112320"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-011-0157-5"},{"key":"ref51","first-page":"559","article-title":"Jekyll on iOS: When benign apps become evil","volume-title":"Proc. 22nd Usenix Conf. Secur.","volume":"13","author":"Wang","year":"2013"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1989.36307"},{"key":"ref53","first-page":"8","article-title":"RMNS-the perfect couple","volume":"7","author":"Kaspersky","year":"1995","journal-title":"Virus Bull."},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2523912"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-06320-1_7"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2019.01.002"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.20"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2004.37"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/IAW.2005.1495935"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_6"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2827379"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2806891"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2924677"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2927285"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866368"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813617"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.11"},{"key":"ref69","first-page":"1","article-title":"JACKSTRAWS: Picking command and control connections from bot traffic","volume-title":"Proc. 20th USENIX Conf. Secur.","author":"Jacob","year":"2011"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1016\/j.mcm.2013.03.008"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2688383"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-39650-5_15"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2016.2584063"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273490"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1016\/j.entcs.2007.10.010"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"ref77","first-page":"829","article-title":"X-force: Force-executing binary programs for security applications","volume-title":"Proc. USENIX Secur. Symp.","author":"Peng","year":"2014"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08509-8_13"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948146"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2661723"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2895052"}],"container-title":["IEEE Transactions on Reliability"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/24\/9787285\/09761977.pdf?arnumber=9761977","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T05:46:03Z","timestamp":1769492763000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9761977\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6]]},"references-count":79,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/tr.2022.3162694","relation":{},"ISSN":["0018-9529","1558-1721"],"issn-type":[{"value":"0018-9529","type":"print"},{"value":"1558-1721","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,6]]}}}