{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:34:55Z","timestamp":1750307695624,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2009,4,13]],"date-time":"2009-04-13T00:00:00Z","timestamp":1239580800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2009,4,13]]},"DOI":"10.1145\/1558607.1558622","type":"proceedings-article","created":{"date-parts":[[2009,6,30]],"date-time":"2009-06-30T13:10:54Z","timestamp":1246367454000},"page":"1-4","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Security-oriented program transformations"],"prefix":"10.1145","author":[{"given":"Munawar","family":"Hafiz","sequence":"first","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ralph E.","family":"Johnson","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2009,4,13]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"ESD-TR-73-51","author":"Anderson James P.","year":"1972","unstructured":"]] James P. Anderson . Computer security technology planning study. Technical report , ESD-TR-73-51 , Oct 1972 . ]]James P. Anderson. Computer security technology planning study. Technical report, ESD-TR-73-51, Oct 1972."},{"key":"e_1_3_2_1_2_1","volume-title":"2000 USENIX Annual Technical Conference: San Diego, CA, USA","author":"Baratloo Arash","year":"2000","unstructured":"]] Arash Baratloo , Navjot Singh , and Timothy Tsai . Transparent run-time defense against stack-smashing attacks . In 2000 USENIX Annual Technical Conference: San Diego, CA, USA , 2000 . ]]Arash Baratloo, Navjot Singh, and Timothy Tsai. Transparent run-time defense against stack-smashing attacks. In 2000 USENIX Annual Technical Conference: San Diego, CA, USA, 2000."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065907.1066034"},{"key":"e_1_3_2_1_4_1","unstructured":"]]Bugtraq list. Bugtraq Vulnerabilities List.  ]]Bugtraq list. Bugtraq Vulnerabilities List."},{"key":"e_1_3_2_1_5_1","volume-title":"May","author":"Christey Steve","year":"2007","unstructured":"]] Steve Christey and Robert Martin . Vulnerability type distributions in CVE, version 1.1 , May 2007 . ]]Steve Christey and Robert Martin. Vulnerability type distributions in CVE, version 1.1, May 2007."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCL.1988.13075"},{"key":"e_1_3_2_1_7_1","unstructured":"]]F. Cavalier III. Libmib allocated string functions.  ]]F. Cavalier III. Libmib allocated string functions."},{"key":"e_1_3_2_1_8_1","volume-title":"Refactoring: Improving The Design of Existing Code","author":"Fowler Martin","year":"1999","unstructured":"]] Martin Fowler . Refactoring: Improving The Design of Existing Code . Addison-Wesley , Jun 1999 . ]]Martin Fowler. Refactoring: Improving The Design of Existing Code. Addison-Wesley, Jun 1999."},{"key":"e_1_3_2_1_9_1","volume-title":"Design Patterns","author":"Gamma Erich","year":"1995","unstructured":"]] Erich Gamma , Richard Helm , Ralph Johnson , and John Vlissides . Design Patterns . Addison-Wesley , 1995 . ]]Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns. Addison-Wesley, 1995."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1449814.1449912"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.v38:15"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWSESS.2009.5068460"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2007.114"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00199-4_7"},{"key":"e_1_3_2_1_16_1","first-page":"220","volume-title":"John Irwin. Aspect-Oriented Programming. In Proceedings of the European Conference on Object-Oriented Programmin (ECOOP) 1997","author":"Kiczales Gregor","year":"1997","unstructured":"]] Gregor Kiczales , John Lamping , Anurag Mendhekar , Cristina Lopes Chris Maeda , Jean-Marc Loingtier , and John Irwin. Aspect-Oriented Programming. In Proceedings of the European Conference on Object-Oriented Programmin (ECOOP) 1997 , pages 220 -- 242 , 1997 . ]]Gregor Kiczales, John Lamping, Anurag Mendhekar, Cristina Lopes Chris Maeda, Jean-Marc Loingtier, and John Irwin. Aspect-Oriented Programming. In Proceedings of the European Conference on Object-Oriented Programmin (ECOOP) 1997, pages 220--242, 1997."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1281254"},{"key":"e_1_3_2_1_18_1","volume-title":"1999 Usenix Annual Technical Conference","author":"Miller Todd","year":"1999","unstructured":"]] Todd Miller and Theo de Raadt . strlcpy and strlcat --- Consistent, safe, string copy and concatenation . In 1999 Usenix Annual Technical Conference , Monterey, California, USA , 1999 . ]]Todd Miller and Theo de Raadt. strlcpy and strlcat --- Consistent, safe, string copy and concatenation. In 1999 Usenix Annual Technical Conference, Monterey, California, USA, 1999."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380240604"},{"key":"e_1_3_2_1_20_1","volume-title":"OWASP Top Ten Project","author":"OWASP.","year":"2008","unstructured":"]] OWASP. OWASP Top Ten Project , 2008 . ]]OWASP. OWASP Top Ten Project, 2008."},{"key":"e_1_3_2_1_21_1","volume-title":"Security Patterns: Integrating Security and Systems Engineering","author":"Schumacher Markus","year":"2005","unstructured":"]] Markus Schumacher , Eduardo Fernandez-Buglioni , Duane Hybertson , Frank Buschmann , and Peter Sommerlad . Security Patterns: Integrating Security and Systems Engineering . John Wiley and Sons , December 2005 . ]]Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, and Peter Sommerlad. Security Patterns: Integrating Security and Systems Engineering. John Wiley and Sons, December 2005."},{"key":"e_1_3_2_1_22_1","volume-title":"Apr","author":"CERT.","year":"2008","unstructured":"]]US- CERT. Vulnerability notes by severity metric , Apr 2008 . ]]US-CERT. Vulnerability notes by severity metric, Apr 2008."},{"key":"e_1_3_2_1_23_1","volume-title":"Building Secure Software: How to Avoid Security Problems The Right Way","author":"Viega John","year":"2002","unstructured":"]] John Viega and Gary McGraw . Building Secure Software: How to Avoid Security Problems The Right Way . Addison-Wesley , 2002 . ]]John Viega and Gary McGraw. Building Secure Software: How to Avoid Security Problems The Right Way. Addison-Wesley, 2002."},{"key":"e_1_3_2_1_24_1","series-title":"LNCS","doi-asserted-by":"crossref","first-page":"357","DOI":"10.1007\/3-540-45127-7_27","volume-title":"Rewriting Techniques and Applications (RTA'01)","author":"Visser Eelco","year":"2001","unstructured":"]] Eelco Visser . Stratego: A language for program transformation based on rewriting strategies . In A. Middeldorp, editor, Rewriting Techniques and Applications (RTA'01) , volume 2051 of LNCS , pages 357 -- 361 . Springer-Verlag , May 2001 . ]]Eelco Visser. Stratego: A language for program transformation based on rewriting strategies. In A. Middeldorp, editor, Rewriting Techniques and Applications (RTA'01), volume 2051 of LNCS, pages 357--361. Springer-Verlag, May 2001."}],"event":{"name":"CSIIRW '09: Fifth Cyber Security and Information Intelligence Research Workshop","acronym":"CSIIRW '09","location":"Oak Ridge Tennessee USA"},"container-title":["Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1558607.1558622","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1558607.1558622","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:29:57Z","timestamp":1750253397000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1558607.1558622"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,4,13]]},"references-count":23,"alternative-id":["10.1145\/1558607.1558622","10.1145\/1558607"],"URL":"https:\/\/doi.org\/10.1145\/1558607.1558622","relation":{},"subject":[],"published":{"date-parts":[[2009,4,13]]},"assertion":[{"value":"2009-04-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}