{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T13:27:41Z","timestamp":1778765261519,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":33,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,12,3]],"date-time":"2012-12-03T00:00:00Z","timestamp":1354492800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,12,3]]},"DOI":"10.1145\/2420950.2421003","type":"proceedings-article","created":{"date-parts":[[2012,12,19]],"date-time":"2012-12-19T14:12:22Z","timestamp":1355926342000},"page":"359-368","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":167,"title":["Generalized vulnerability extrapolation using abstract syntax trees"],"prefix":"10.1145","author":[{"given":"Fabian","family":"Yamaguchi","sequence":"first","affiliation":[{"name":"University of G\u00f6ttingen, G\u00f6ttingen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Markus","family":"Lottmann","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Berlin, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[{"name":"University of G\u00f6ttingen, G\u00f6ttingen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2012,12,3]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Avgerinos T.","year":"2011","unstructured":"T. Avgerinos , S. K. Cha , B. L. T. Hao , and D. Brumley . AEG: Automatic Exploit Generation . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2011 . T. Avgerinos, S. K. Cha, B. L. T. Hao, and D. Brumley. AEG: Automatic Exploit Generation. In Proc. of Network and Distributed System Security Symposium (NDSS), 2011."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/850947.853341"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70725"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.50"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1097-4571(199009)41:6<391::AID-ASI1>3.0.CO;2-9"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/502034.502041"},{"key":"e_1_3_2_1_7_1","volume-title":"W32.stuxnet dossier","author":"Falliere N.","year":"2011","unstructured":"N. Falliere , L. O. Murchu , and E. Chien . W32.stuxnet dossier . Symantec Corporation , 2011 . N. Falliere, L. O. Murchu, and E. Chien. W32.stuxnet dossier. Symantec Corporation, 2011."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2093548.2093564"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.70"},{"key":"e_1_3_2_1_10_1","volume-title":"Ullmann. Introduction to Automata Theory, Languages, and Computation","author":"Hopcroft J.","year":"2001","unstructured":"J. Hopcroft and J. Motwani , R. Ullmann. Introduction to Automata Theory, Languages, and Computation . Addison-Wesley , 2 edition, 2001 . J. Hopcroft and J. Motwani, R. Ullmann. Introduction to Automata Theory, Languages, and Computation. Addison-Wesley, 2 edition, 2001."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.13"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2002.1019480"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00126960"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081755"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2006.28"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081754"},{"key":"e_1_3_2_1_18_1","volume-title":"Proc. of USENIX Security Symposium","author":"Livshits V. B.","year":"2005","unstructured":"V. B. Livshits and M. S. Lam . Finding security vulnerabilities in java applications with static analysis . In Proc. of USENIX Security Symposium , 2005 . V. B. Livshits and M. S. Lam. Finding security vulnerabilities in java applications with static analysis. In Proc. of USENIX Security Symposium, 2005."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/872023.872542"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/832308.837160"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1219056"},{"key":"e_1_3_2_1_22_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. Song . Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2005 . J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proc. of Network and Distributed System Security Symposium (NDSS), 2005."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380250705"},{"key":"e_1_3_2_1_24_1","volume-title":"Rough auditing tool for security","year":"2012","unstructured":"rats. Rough auditing tool for security . Fortify Software Inc ., https:\/\/www.fortify.com\/ssa-elements\/threat-intelligence\/rats.html, visited April , 2012 . rats. Rough auditing tool for security. Fortify Software Inc., https:\/\/www.fortify.com\/ssa-elements\/threat-intelligence\/rats.html, visited April, 2012."},{"key":"e_1_3_2_1_25_1","volume-title":"Introduction to Modern Information Retrieval","author":"Salton G.","year":"1986","unstructured":"G. Salton and M. J. McGill . Introduction to Modern Information Retrieval . McGraw-Hill , 1986 . G. Salton and M. J. McGill. Introduction to Modern Information Retrieval. McGraw-Hill, 1986."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.59"},{"key":"e_1_3_2_1_27_1","volume-title":"Fuzzing: Brute Force Vulnerability Discovery","author":"Sutton M.","year":"2007","unstructured":"M. Sutton , A. Greene , and P. Amini . Fuzzing: Brute Force Vulnerability Discovery . Addison-Wesley Professional , 2007 . M. Sutton, A. Greene, and P. Amini. Fuzzing: Brute Force Vulnerability Discovery. Addison-Wesley Professional, 2007."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.5555\/784591.784731"},{"key":"e_1_3_2_1_29_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Wang T.","year":"2009","unstructured":"T. Wang , T. Wei , Z. Lin , and W. Zou . IntScope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2009 . T. Wang, T. Wei, Z. Lin, and W. Zou. IntScope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution. In Proc. of Network and Distributed System Security Symposium (NDSS), 2009."},{"key":"e_1_3_2_1_30_1","volume-title":"http:\/\/www.dwheeler.com\/flawfinder\/, visited","author":"Wheeler D. A.","year":"2012","unstructured":"D. A. Wheeler . Flawfinder. http:\/\/www.dwheeler.com\/flawfinder\/, visited April , 2012 . D. A. Wheeler. Flawfinder. http:\/\/www.dwheeler.com\/flawfinder\/, visited April, 2012."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2005.63"},{"key":"e_1_3_2_1_32_1","volume-title":"Proc. of USENIX Security Symposium","author":"Xie Y.","year":"2006","unstructured":"Y. Xie and A. Aiken . Static detection of security vulnerabilities in scripting languages . In Proc. of USENIX Security Symposium , 2006 . Y. Xie and A. Aiken. Static detection of security vulnerabilities in scripting languages. In Proc. of USENIX Security Symposium, 2006."},{"key":"e_1_3_2_1_33_1","volume-title":"USENIX Workshop on Offensive Technologies (WOOT)","author":"Yamaguchi F.","year":"2011","unstructured":"F. Yamaguchi , F. Lindner , and K. Rieck . Vulnerability extrapolation: Assisted discovery of vulnerabilities using machine learning . In USENIX Workshop on Offensive Technologies (WOOT) , Aug. 2011 . F. Yamaguchi, F. Lindner, and K. Rieck. Vulnerability extrapolation: Assisted discovery of vulnerabilities using machine learning. In USENIX Workshop on Offensive Technologies (WOOT), Aug. 2011."}],"event":{"name":"ACSAC '12: Annual Computer Security Applications Conference","location":"Orlando Florida USA","acronym":"ACSAC '12","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 28th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2420950.2421003","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2420950.2421003","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:18:33Z","timestamp":1750234713000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2420950.2421003"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,12,3]]},"references-count":33,"alternative-id":["10.1145\/2420950.2421003","10.1145\/2420950"],"URL":"https:\/\/doi.org\/10.1145\/2420950.2421003","relation":{},"subject":[],"published":{"date-parts":[[2012,12,3]]},"assertion":[{"value":"2012-12-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}