{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:11:22Z","timestamp":1772039482223,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,3,18]],"date-time":"2008-03-18T00:00:00Z","timestamp":1205798400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCR-0208877"],"award-info":[{"award-number":["CCR-0208877"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N000140110967"],"award-info":[{"award-number":["N000140110967"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,3,18]]},"DOI":"10.1145\/1368310.1368334","type":"proceedings-article","created":{"date-parts":[[2008,5,15]],"date-time":"2008-05-15T18:35:39Z","timestamp":1210876539000},"page":"156-167","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":51,"title":["A practical mimicry attack against powerful system-call monitors"],"prefix":"10.1145","author":[{"given":"Chetan","family":"Parampalli","sequence":"first","affiliation":[{"name":"Stony Brook University, Stony Brook, NY"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R.","family":"Sekar","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, NY"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rob","family":"Johnson","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, NY"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2008,3,18]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"The PaX team. http:\/\/pax.grsecurity.net.  The PaX team. http:\/\/pax.grsecurity.net."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.12"},{"key":"e_1_3_2_1_4_1","first-page":"271","volume-title":"Proceedings of the 14th Usenix Security Symposium","author":"Bhatkar Sandeep","year":"2005","unstructured":"Sandeep Bhatkar , R. Sekar , and Daniel C . DuVarney. Efficient techniques for comprehensive protection from memory error exploits . In Proceedings of the 14th Usenix Security Symposium , pages 271 -- 286 , August 2005 . Sandeep Bhatkar, R. Sekar, and Daniel C. DuVarney. Efficient techniques for comprehensive protection from memory error exploits. In Proceedings of the 14th Usenix Security Symposium, pages 271--286, August 2005."},{"key":"e_1_3_2_1_5_1","volume-title":"USENIX Security Symposium","author":"Chen Shuo","year":"2005","unstructured":"Shuo Chen , Jun Xu , Emre C. Sezer , Prachi Gauriar , and Ravi Iyer . Non-control-data attacks are realistic threats . In USENIX Security Symposium , Baltimore, MD , August 2005 . Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravi Iyer. Non-control-data attacks are realistic threats. In USENIX Security Symposium, Baltimore, MD, August 2005."},{"key":"e_1_3_2_1_6_1","unstructured":"\"Solar Eclipse\". openssl-too-open. http:\/\/www.phreedom.org\/solar\/exploits\/apache-openssl\/.  \"Solar Eclipse\". openssl-too-open. http:\/\/www.phreedom.org\/solar\/exploits\/apache-openssl\/."},{"key":"e_1_3_2_1_7_1","volume-title":"IEEE Symposium on Security and Privacy","author":"Feng H.","year":"2004","unstructured":"H. Feng , J. T. Giffin , Y. Huang , S. Jha , W. Lee , and B. P. Miller . Formalizing sensitivity in static analysis for intrusion detection . In IEEE Symposium on Security and Privacy , 2004 . H. Feng, J. T. Giffin, Y. Huang, S. Jha, W. Lee, and B. P. Miller. Formalizing sensitivity in static analysis for intrusion detection. In IEEE Symposium on Security and Privacy, 2004."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/829515.830554"},{"key":"e_1_3_2_1_9_1","volume-title":"USENIX Security Symposium","author":"Fogla Prahlad","year":"2006","unstructured":"Prahlad Fogla , Monirul Sharif , Roberto Perdisci , Oleg Kolesnikov , and Wenke Lee . Polymorphic blending attacks . In USENIX Security Symposium , August 2006 . Prahlad Fogla, Monirul Sharif, Roberto Perdisci, Oleg Kolesnikov, and Wenke Lee. Polymorphic blending attacks. In USENIX Security Symposium, August 2006."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030126"},{"key":"e_1_3_2_1_11_1","first-page":"103","volume-title":"USENIX Security Symposium","author":"Gao Debin","year":"2004","unstructured":"Debin Gao , Michael K. Reiter , and Dawn Song . On gray-box program tracking for anomaly detection . In USENIX Security Symposium , pages 103 -- 118 , San Diego, CA, USA , August 2004 . Debin Gao, Michael K. Reiter, and Dawn Song. On gray-box program tracking for anomaly detection. In USENIX Security Symposium, pages 103--118, San Diego, CA, USA, August 2004."},{"key":"e_1_3_2_1_12_1","volume-title":"USENIX Security Symposium","author":"Garfinkel T.","year":"2003","unstructured":"T. Garfinkel , B. Pfaff , and M. Rosenblum . Ostia: A delegating architecture for secure system call interposition . In USENIX Security Symposium , Washington, DC, USA , August 2003 . T. Garfinkel, B. Pfaff, and M. Rosenblum. Ostia: A delegating architecture for secure system call interposition. In USENIX Security Symposium, Washington, DC, USA, August 2003."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_10"},{"key":"e_1_3_2_1_14_1","volume-title":"Network and Distributed System Security Symposium","author":"Giffin Jonathon T","year":"2004","unstructured":"Jonathon T Giffin , Somesh Jha , and Barton P. Miller . Efficient context-sensitive intrusion detection . In Network and Distributed System Security Symposium , San Diego, CA , February 2004 . Jonathon T Giffin, Somesh Jha, and Barton P. Miller. Efficient context-sensitive intrusion detection. In Network and Distributed System Security Symposium, San Diego, CA, February 2004."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_3"},{"key":"e_1_3_2_1_16_1","volume-title":"Intrusion detection using sequences of system calls. Journal of Computer Security (JCS), 6(3):151--180","author":"Hofmeyr Steven A.","year":"1998","unstructured":"Steven A. Hofmeyr , Stephanie Forrest , and Anil Somayaji . Intrusion detection using sequences of system calls. Journal of Computer Security (JCS), 6(3):151--180 , 1998 . Steven A. Hofmeyr, Stephanie Forrest, and Anil Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security (JCS), 6(3):151--180, 1998."},{"key":"e_1_3_2_1_17_1","volume-title":"Third International Workshop on Automated Debugging","author":"Robert W.","year":"1997","unstructured":"Robert W. M. Jones and Paul H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In M. Kamkar and D. Byers, editors , Third International Workshop on Automated Debugging . Linkoping University Electronic Press , 1997 . Robert W. M. Jones and Paul H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In M. Kamkar and D. Byers, editors, Third International Workshop on Automated Debugging. Linkoping University Electronic Press, 1997."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.1994.367313"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-39650-5_19"},{"key":"e_1_3_2_1_20_1","volume-title":"USENIX Security Symposium","author":"Kruegel Christopher","year":"2005","unstructured":"Christopher Kruegel , Engin Kirda , Darren Mutz , William Robertson , and Giovanni Vigna . Automating mimicry attacks using static binary analysis . In USENIX Security Symposium , Baltimore, MD , August 2005 . Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna. Automating mimicry attacks using static binary analysis. In USENIX Security Symposium, Baltimore, MD, August 2005."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948144"},{"key":"e_1_3_2_1_22_1","volume-title":"French Riviera","author":"Lam Lap Chung","year":"2004","unstructured":"Lap Chung Lam and T. Chiueh . Automatic extraction of accurate application-specific sandboxing policy. In Recent Advances in Intrusion Detection (RAID), Sophia Antipolis , French Riviera , France , September 2004 . Lap Chung Lam and T. Chiueh. Automatic extraction of accurate application-specific sandboxing policy. In Recent Advances in Intrusion Detection (RAID), Sophia Antipolis, French Riviera, France, September 2004."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/647054.715771"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_25_1","volume-title":"USENIX Security Symposium","author":"Provos Niels","year":"2003","unstructured":"Niels Provos . Improving host security with system call policies . In USENIX Security Symposium , Washington, DC, USA , August 2003 . Niels Provos. Improving host security with system call policies. In USENIX Security Symposium, Washington, DC, USA, August 2003."},{"key":"e_1_3_2_1_26_1","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Ruwase Olatunji","year":"2004","unstructured":"Olatunji Ruwase and Monica S. Lam . A practical dynamic buffer overflow detector . In Network and Distributed System Security Symposium (NDSS) , February 2004 . Olatunji Ruwase and Monica S. Lam. A practical dynamic buffer overflow detector. In Network and Distributed System Security Symposium (NDSS), February 2004."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884433"},{"key":"e_1_3_2_1_28_1","volume-title":"Usenix Security Symposium","author":"Sekar R.","year":"1999","unstructured":"R. Sekar and P. Uppuluri . Synthesizing fast intrusion prevention\/detection systems from high-level specifications . In Usenix Security Symposium , August 1999 . R. Sekar and P. Uppuluri. Synthesizing fast intrusion prevention\/detection systems from high-level specifications. In Usenix Security Symposium, August 1999."},{"key":"e_1_3_2_1_29_1","first-page":"54","volume-title":"Recent Advances in Intrusion Detection (RAID), LNCS 2516","author":"Tan Kymie","year":"2002","unstructured":"Kymie Tan , Kevin Killourhy , and Roy Maxion . Undermining an anomaly-based intrusion detection system using common exploits . In Recent Advances in Intrusion Detection (RAID), LNCS 2516 , pages 54 -- 73 , Zurich, Switzerland, October 2002 . Springer-Verlag . Kymie Tan, Kevin Killourhy, and Roy Maxion. Undermining an anomaly-based intrusion detection system using common exploits. In Recent Advances in Intrusion Detection (RAID), LNCS 2516, pages 54--73, Zurich, Switzerland, October 2002. Springer-Verlag."},{"key":"e_1_3_2_1_30_1","first-page":"20","volume-title":"ICDM Workshop on Data Mining for Computer Security (DMSEC)","author":"Tandon G.","year":"2003","unstructured":"G. Tandon and P. Chan . Learning rules from system call arguments and sequences for anomaly detection . In ICDM Workshop on Data Mining for Computer Security (DMSEC) , pages 20 -- 29 , 2003 . G. Tandon and P. Chan. Learning rules from system call arguments and sequences for anomaly detection. In ICDM Workshop on Data Mining for Computer Security (DMSEC), pages 20--29, 2003."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884434"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/645838.670723"}],"event":{"name":"Asia CCS '08: Asia CCS'08 ACM Symposium on Information, Computer and Communications Security","location":"Tokyo Japan","acronym":"Asia CCS '08","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2008 ACM symposium on Information, computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1368310.1368334","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1368310.1368334","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:57:46Z","timestamp":1750255066000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1368310.1368334"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,3,18]]},"references-count":34,"alternative-id":["10.1145\/1368310.1368334","10.1145\/1368310"],"URL":"https:\/\/doi.org\/10.1145\/1368310.1368334","relation":{},"subject":[],"published":{"date-parts":[[2008,3,18]]},"assertion":[{"value":"2008-03-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}