{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:47:54Z","timestamp":1772164074391,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,3,14]],"date-time":"2015-03-14T00:00:00Z","timestamp":1426291200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["FA8650-11-C-7192"],"award-info":[{"award-number":["FA8650-11-C-7192"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,3,14]]},"DOI":"10.1145\/2694344.2694389","type":"proceedings-article","created":{"date-parts":[[2015,3,3]],"date-time":"2015-03-03T09:15:23Z","timestamp":1425374123000},"page":"473-486","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["Targeted Automatic Integer Overflow Discovery Using Goal-Directed Conditional Branch Enforcement"],"prefix":"10.1145","author":[{"given":"Stelios","family":"Sidiroglou-Douskos","sequence":"first","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Eric","family":"Lahtinen","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Nathan","family":"Rittenhouse","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Paolo","family":"Piselli","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Fan","family":"Long","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Deokhwan","family":"Kim","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]},{"given":"Martin","family":"Rinard","sequence":"additional","affiliation":[{"name":"MIT CSAIL, Cambridge, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,3,14]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/.  Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Dillo. http:\/\/www.dillo.org\/.  Dillo. http:\/\/www.dillo.org\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Hachoir. http:\/\/bitbucket.org\/haypo\/hachoir\/wiki\/Home.  Hachoir. http:\/\/bitbucket.org\/haypo\/hachoir\/wiki\/Home."},{"key":"e_1_3_2_1_4_1","unstructured":"Peach fuzzing platform. http:\/\/peachfuzzer.com\/.  Peach fuzzing platform. http:\/\/peachfuzzer.com\/."},{"key":"e_1_3_2_1_5_1","unstructured":"SafeInt. http:\/\/safeint.codeplex.com\/.  SafeInt. http:\/\/safeint.codeplex.com\/."},{"key":"e_1_3_2_1_6_1","unstructured":"SPIKE fuzzing platform. http:\/\/www.immunitysec.com\/resources-freesoftware.shtml.  SPIKE fuzzing platform. http:\/\/www.immunitysec.com\/resources-freesoftware.shtml."},{"key":"e_1_3_2_1_7_1","volume-title":"RICH: Automatically protecting against integer-based vulnerabilities. Department of Electrical and Computing Engineering, page 28","author":"Brumley D.","year":"2007","unstructured":"D. Brumley , T. Chiueh , R. Johnson , H. Lin , and D. Song . RICH: Automatically protecting against integer-based vulnerabilities. Department of Electrical and Computing Engineering, page 28 , 2007 . D. Brumley, T. Chiueh, R. Johnson, H. Lin, and D. Song. RICH: Automatically protecting against integer-based vulnerabilities. Department of Electrical and Computing Engineering, page 28, 2007."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_3_2_1_9_1","first-page":"209","volume-title":"Proceedings of the 8th USENIX conference on Operating systems design and implementation, OSDI'08","author":"Cadar C.","year":"2008","unstructured":"C. Cadar , D. Dunbar , and D. Engler . KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs . In Proceedings of the 8th USENIX conference on Operating systems design and implementation, OSDI'08 , pages 209 -- 224 , Berkeley, CA, USA , 2008 . USENIX Association. C. Cadar, D. Dunbar, and D. Engler. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In Proceedings of the 8th USENIX conference on Operating systems design and implementation, OSDI'08, pages 209--224, Berkeley, CA, USA, 2008. USENIX Association."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455518.1455522"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/11790754_1"},{"key":"e_1_3_2_1_12_1","volume-title":"The cracker patch choice: An analysis of post hoc security techniques","author":"Cowan C.","year":"2000","unstructured":"C. Cowan , H. Hinton , C. Pu , and J. Walpole . The cracker patch choice: An analysis of post hoc security techniques . 2000 . C. Cowan, H. Hinton, C. Pu, and J. Walpole. The cracker patch choice: An analysis of post hoc security techniques. 2000."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/1792734.1792766"},{"key":"e_1_3_2_1_14_1","first-page":"760","volume-title":"Proceedings of the 2012 International Conference on Software Engineering","author":"Dietz W.","year":"2012","unstructured":"W. Dietz , P. Li , J. Regehr , and V. Adve . Understanding integer overflow in C\/C++ . In Proceedings of the 2012 International Conference on Software Engineering , pages 760 -- 770 . IEEE Press , 2012 . W. Dietz, P. Li, J. Regehr, and V. Adve. Understanding integer overflow in C\/C++. In Proceedings of the 2012 International Conference on Software Engineering, pages 760--770. IEEE Press, 2012."},{"key":"e_1_3_2_1_15_1","first-page":"1","volume-title":"Proceedings of the first USENIX workshop on Offensive Technologies","author":"Drewry W.","year":"2007","unstructured":"W. Drewry and T. Ormandy . Flayer: Exposing application internals . In Proceedings of the first USENIX workshop on Offensive Technologies , pages 1 -- 9 . USENIX Association , 2007 . W. Drewry and T. Ormandy. Flayer: Exposing application internals. In Proceedings of the first USENIX workshop on Offensive Technologies, pages 1--9. USENIX Association, 2007."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2090147.2094081"},{"key":"e_1_3_2_1_19_1","first-page":"49","volume-title":"Proceedings of the 22nd USENIX conference on Security","author":"Haller I.","year":"2013","unstructured":"I. Haller , A. Slowinska , M. Neugschwandtner , and H. Bos . Dowsing for overflows: a guided fuzzer to find buffer boundary violations . In Proceedings of the 22nd USENIX conference on Security , pages 49 -- 64 . USENIX Association , 2013 . I. Haller, A. Slowinska, M. Neugschwandtner, and H. Bos. Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In Proceedings of the 22nd USENIX conference on Security, pages 49--64. USENIX Association, 2013."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/2337223.2337233"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"F. Long V. Ganesh M. Carbin S. Sidiroglou and M. Rinard. Automatic input rectification. MIT-CSAIL-TR-2011-044.  F. Long V. Ganesh M. Carbin S. Sidiroglou and M. Rinard. Automatic input rectification. MIT-CSAIL-TR-2011-044.","DOI":"10.1109\/ICSE.2012.6227204"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2535838.2535888"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594337"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855773"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629585"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/949344.949402"},{"key":"e_1_3_2_1_29_1","first-page":"21","volume-title":"OSDI","volume":"4","author":"Rinard M. C.","year":"2004","unstructured":"M. C. Rinard , C. Cadar , D. Dumitran , D. M. Roy , T. Leu , and W. S. Beebee . Enhancing server availability and security through failure-oblivious computing . In OSDI , volume 4 , pages 21 -- 21 , 2004 . M. C. Rinard, C. Cadar, D. Dumitran, D. M. Roy, T. Leu, and W. S. Beebee. Enhancing server availability and security through failure-oblivious computing. In OSDI, volume 4, pages 21--21, 2004."},{"key":"e_1_3_2_1_30_1","volume-title":"PROTOS -- systematic approach to eliminate software vulnerabilities. Invited presentation at Microsoft Research","author":"R\u00f6ning J.","year":"2002","unstructured":"J. R\u00f6ning , M. Lasko , A. Takanen , and R. Kaksonen . PROTOS -- systematic approach to eliminate software vulnerabilities. Invited presentation at Microsoft Research , 2002 . J. R\u00f6ning, M. Lasko, A. Takanen, and R. Kaksonen. PROTOS -- systematic approach to eliminate software vulnerabilities. Invited presentation at Microsoft Research, 2002."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/1332044.1332098"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/1502209"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095430.1081750"},{"key":"e_1_3_2_1_34_1","volume-title":"NDSS","author":"Sharif M. I.","year":"2008","unstructured":"M. I. Sharif , A. Lanzi , J. T. Giffin , and W. Lee . Impeding malware analysis using conditional code obfuscation . In NDSS , 2008 . M. I. Sharif, A. Lanzi, J. T. Giffin, and W. Lee. Impeding malware analysis using conditional code obfuscation. In NDSS, 2008."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1508284.1508250"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the general track, 2005 USENIX annual technical conference","author":"Sidiroglou S.","year":"2005","unstructured":"S. Sidiroglou , M. E. Locasto , S. W. Boyd , and A. D. Keromytis . Building a reactive immune system for software services . Proceedings of the general track, 2005 USENIX annual technical conference : April 10-15, 2005 , Anaheim, CA, USA, pages 149--161 , 2005. S. Sidiroglou, M. E. Locasto, S. W. Boyd, and A. D. Keromytis. Building a reactive immune system for software services. Proceedings of the general track, 2005 USENIX annual technical conference: April 10-15, 2005, Anaheim, CA, USA, pages 149--161, 2005."},{"key":"e_1_3_2_1_38_1","volume-title":"Pearson Education","author":"Sutton M.","year":"2007","unstructured":"M. Sutton , A. Greene , and P. Amini . Fuzzing: Brute Force Vulnerability Discovery . Pearson Education , 2007 . M. Sutton, A. Greene, and P. Amini. Fuzzing: Brute Force Vulnerability Discovery. Pearson Education, 2007."},{"key":"e_1_3_2_1_39_1","volume-title":"16th Annual Network & Distributed System Security Symposium","author":"Tielei W.","year":"2009","unstructured":"W. Tielei , W. Tao , L. Zhiqiang , and Z. Wei . IntScope: Automatically detecting integer overflow vulnerability in X86 binary using symbolic execution . In 16th Annual Network & Distributed System Security Symposium , 2009 . W. Tielei, W. Tao, L. Zhiqiang, and Z. Wei. IntScope: Automatically detecting integer overflow vulnerability in X86 binary using symbolic execution. In 16th Annual Network & Distributed System Security Symposium, 2009."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.37"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.5555\/2387880.2387897"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1888881.1888888"}],"event":{"name":"ASPLOS '15: Architectural Support for Programming Languages and Operating Systems","location":"Istanbul Turkey","acronym":"ASPLOS '15","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","SIGOPS ACM Special Interest Group on Operating Systems","SIGARCH ACM Special Interest Group on Computer Architecture","SIGBED ACM Special Interest Group on Embedded Systems"]},"container-title":["Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2694344.2694389","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2694344.2694389","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:12:20Z","timestamp":1750212740000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2694344.2694389"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,3,14]]},"references-count":41,"alternative-id":["10.1145\/2694344.2694389","10.1145\/2694344"],"URL":"https:\/\/doi.org\/10.1145\/2694344.2694389","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/2775054.2694389","asserted-by":"object"},{"id-type":"doi","id":"10.1145\/2786763.2694389","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2015,3,14]]},"assertion":[{"value":"2015-03-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}