{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T15:25:21Z","timestamp":1770218721453,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,10,4]],"date-time":"2010-10-04T00:00:00Z","timestamp":1286150400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,10,4]]},"DOI":"10.1145\/1866307.1866354","type":"proceedings-article","created":{"date-parts":[[2010,10,5]],"date-time":"2010-10-05T14:38:23Z","timestamp":1286289503000},"page":"413-425","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":43,"title":["Input generation via decomposition and re-stitching"],"prefix":"10.1145","author":[{"given":"Juan","family":"Caballero","sequence":"first","affiliation":[{"name":"Carnegie Mellon University \/ University of California, Berkeley, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pongsin","family":"Poosankam","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University \/ University of California, Berkeley, Pittsburgh, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stephen","family":"McCamant","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Domagoj","family":"Babi \u0107","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dawn","family":"Song","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2010,10,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"}}BitBlaze: Binary analysis for computer security. http:\/\/bitblaze.cs.berkeley.edu\/.  }}BitBlaze: Binary analysis for computer security. http:\/\/bitblaze.cs.berkeley.edu\/."},{"key":"e_1_3_2_1_2_1","first-page":"213","volume-title":"Proceedings of the 16th USENIX Security Symposium","author":"Brumley D.","year":"2007"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_3_2_1_4_1","first-page":"391","volume-title":"NDSS'10: Proceedings of the 17th Annual Network and Distributed System Security Symposium","author":"Caballero J.","year":"2010"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04342-0_9"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653737"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/11537328_2"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_8"},{"key":"e_1_3_2_1_9_1","unstructured":"}}CVE: Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/.  }}CVE: Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_10_1","volume-title":"Springer","author":"Daemen J.","year":"2002"},{"key":"e_1_3_2_1_11_1","unstructured":"}}D. Danchev. Help! someone hijacked my 100k+ Zeus botnet! Feb. 2009. http:\/\/ddanchev.blogspot.com\/2009\/02\/ help-someone-hijacked-my-100k-zeus.html.  }}D. Danchev. Help! someone hijacked my 100k+ Zeus botnet! Feb. 2009. http:\/\/ddanchev.blogspot.com\/2009\/02\/ help-someone-hijacked-my-100k-zeus.html."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/1768142.1768178"},{"key":"e_1_3_2_1_13_1","series-title":"Lecture Notes in Computer Science, Tenerife","volume-title":"WECSR'10: Workshop on Ethics in Computer Security Research","author":"Dittrich D.","year":"2010"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1984.5010257"},{"key":"e_1_3_2_1_15_1","unstructured":"}}Security guru gives hackers a taste of their own medicine Apr. 2008. http:\/\/www.wired.com\/threatlevel\/ 2008\/04\/researcher-demo.  }}Security guru gives hackers a taste of their own medicine Apr. 2008. http:\/\/www.wired.com\/threatlevel\/ 2008\/04\/researcher-demo."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5555\/1770351.1770421"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1190216.1190226"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375607"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_3_2_1_21_1","volume-title":"NDSS'08: Proceedings of the Network and Distributed System Security Symposium","author":"Godefroid P.","year":"2008"},{"key":"e_1_3_2_1_22_1","unstructured":"}}M. Kassner. The top 10 spam botnets: New and improved Feb. 2010. http:\/\/blogs.techrepublic.com. com\/10things\/?p=1373.  }}M. Kassner. The top 10 spam botnets: New and improved Feb. 2010. http:\/\/blogs.techrepublic.com. com\/10things\/?p=1373."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070521"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.10"},{"key":"e_1_3_2_1_26_1","volume-title":"The Register","author":"Leyden J.","year":"2010"},{"key":"e_1_3_2_1_27_1","unstructured":"}}M86 Security Labs. Botnet statistics for week ending April 11 2010 Apr. 2010. http:\/\/www.m86security. com\/labs\/bot_statistics.asp.  }}M86 Security Labs. Botnet statistics for week ending April 11 2010 Apr. 2010. http:\/\/www.m86security. com\/labs\/bot_statistics.asp."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375606"},{"key":"e_1_3_2_1_29_1","unstructured":"}}Smashing the Mega-d\/Ozdok botnet in 24 hours. http:\/\/blog.fireeye.com\/research\/2009\/ 11\/smashing-the-ozdok.html.  }}Smashing the Mega-d\/Ozdok botnet in 24 hours. http:\/\/blog.fireeye.com\/research\/2009\/ 11\/smashing-the-ozdok.html."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855773"},{"key":"e_1_3_2_1_32_1","unstructured":"}}National Institute of Standards and Technology Gaithersburg MD USA. Federal Information Processing Standard 180--2: Secure Hash Standard Aug. 2002.  }}National Institute of Standards and Technology Gaithersburg MD USA. Federal Information Processing Standard 180--2: Secure Hash Standard Aug. 2002."},{"key":"e_1_3_2_1_33_1","unstructured":"}}OpenSSL: The open source toolkit for SSL\/TLS. http:\/\/www.openssl.org\/.  }}OpenSSL: The open source toolkit for SSL\/TLS. http:\/\/www.openssl.org\/."},{"key":"e_1_3_2_1_34_1","unstructured":"}}OSVDB. Cutwail Bot svchost.exe CC Message Handling Remote Overflow July 2010. http:\/\/osvdb.org\/66497.  }}OSVDB. Cutwail Bot svchost.exe CC Message Handling Remote Overflow July 2010. http:\/\/osvdb.org\/66497."},{"key":"e_1_3_2_1_35_1","unstructured":"}}OSVDB. Gheg Bot RtlAllocateHeap Function Null Dereference Remote DoS July 2010. http:\/\/osvdb.org\/66498.  }}OSVDB. Gheg Bot RtlAllocateHeap Function Null Dereference Remote DoS July 2010. http:\/\/osvdb.org\/66498."},{"key":"e_1_3_2_1_36_1","unstructured":"}}OSVDB. Zbot Trojan svchost.exe Compressed Input Handling Remote Overflow July 2010. http:\/\/osvdb.org\/66501.  }}OSVDB. Zbot Trojan svchost.exe Compressed Input Handling Remote Overflow July 2010. http:\/\/osvdb.org\/66501."},{"key":"e_1_3_2_1_37_1","unstructured":"}}OSVDB. Zbot Trojan svchost.exe Network Message Crafted Payload Size Handling Infinite Loop Remote DoS July 2010. http:\/\/osvdb.org\/66500.  }}OSVDB. Zbot Trojan svchost.exe Network Message Crafted Payload Size Handling Infinite Loop Remote DoS July 2010. http:\/\/osvdb.org\/66500."},{"key":"e_1_3_2_1_38_1","unstructured":"}}OSVDB. Zbot Trojan svchost.exe RtlAllocateHeap Function Null Dereference Remote DoS July 2010. http:\/\/osvdb.org\/66499.  }}OSVDB. Zbot Trojan svchost.exe RtlAllocateHeap Function Null Dereference Remote DoS July 2010. http:\/\/osvdb.org\/66499."},{"key":"e_1_3_2_1_39_1","volume-title":"Acquisition and Use of Cyberattack Capabilities. The National Academies Press","author":"Owens W. A.","year":"2009"},{"key":"e_1_3_2_1_40_1","volume-title":"Las Vegas","author":"Potter B.","year":"2005"},{"key":"e_1_3_2_1_41_1","unstructured":"}}Shadowserver foundation. http:\/\/www.shadowserver.org\/.  }}Shadowserver foundation. http:\/\/www.shadowserver.org\/."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.37"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5555\/1813084.1813102"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1040305.1040334"},{"key":"e_1_3_2_1_46_1","unstructured":"}}The zlib library. http:\/\/www.zlib.net\/.  }}The zlib library. http:\/\/www.zlib.net\/."}],"event":{"name":"CCS '10: 17th ACM Conference on Computer and Communications Security 2010","location":"Chicago Illinois USA","acronym":"CCS '10","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 17th ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866307.1866354","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1866307.1866354","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:08:59Z","timestamp":1750248539000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1866307.1866354"}},"subtitle":["finding bugs in Malware"],"short-title":[],"issued":{"date-parts":[[2010,10,4]]},"references-count":46,"alternative-id":["10.1145\/1866307.1866354","10.1145\/1866307"],"URL":"https:\/\/doi.org\/10.1145\/1866307.1866354","relation":{},"subject":[],"published":{"date-parts":[[2010,10,4]]},"assertion":[{"value":"2010-10-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}