{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T15:10:11Z","timestamp":1768317011511,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-13-1-0016"],"award-info":[{"award-number":["N00014-13-1-0016"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813654","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T11:22:12Z","timestamp":1444130532000},"page":"401-413","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":51,"title":["Unearthing Stealthy Program Attacks Buried in Extremely Long Execution Paths"],"prefix":"10.1145","author":[{"given":"Xiaokui","family":"Shu","sequence":"first","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Danfeng","family":"Yao","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]},{"given":"Naren","family":"Ramakrishnan","sequence":"additional","affiliation":[{"name":"Virginia Tech, Blacksburg, VA, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Bayer U.","year":"2009","unstructured":"U. Bayer, P.M. Comparetti, C. Hlauschek, C. Krugel, and E. Kirda. Scalable, behavior-based malware clustering. In Proceedings of the Network and Distributed System Security Symposium, 2009."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.12"},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Brumley D.","year":"2007","unstructured":"D. Brumley, D. X. Song, T. cker Chiueh, R. Johnson, and H. Lin. RICH: Automatically protecting against integer-based vulnerabilities. In Proceedings of the Network and Distributed System Security Symposium, 2007."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251398.1251410"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.5555\/1776434.1776440"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_8_1","first-page":"194","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"Feng H.H.","year":"2004","unstructured":"H.H. Feng, J.T. Giffin, Y. Huang, S. Jha, W. Lee, and B. P. Miller. Formalizing sensitivity in static analysis for intrusion detection. In Proceedings of the IEEE Symposium on Security and Privacy, pages 194--208, 2004."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/829515.830554"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.54"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/1947337.1947356"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.11"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_13"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_2"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_10"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Giffin J. T.","year":"2004","unstructured":"J. T. Giffin, S. Jha, and B. P. Miller. Efficient context-sensitive intrusion detection. In Proceedings of the Network and Distributed System Security Symposium, 2004."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/1362903.1362915"},{"key":"e_1_3_2_1_18_1","first-page":"491","volume-title":"Proceedings of the Annual IEEE\/IFIP International Conference on Dependable Systems and Networks","author":"Gu Z.","year":"2014","unstructured":"Z. Gu, K. Pei, Q. Wang, L. Si, X. Zhang, and D. Xu. LEAPS: Detecting camouflaged attacks with statistical learning guided by program analysis. In Proceedings of the Annual IEEE\/IFIP International Conference on Dependable Systems and Networks, pages 491--502, 2014."},{"key":"e_1_3_2_1_19_1","unstructured":"The heartbleed bug http:\/\/heartbleed.com\/."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMSNETS.2011.5716416"},{"key":"e_1_3_2_1_21_1","first-page":"9","volume-title":"Proceedings of the Annual Symposium on Information Assurance","author":"Inoue H.","year":"2007","unstructured":"H. Inoue and A. Somayaji. Lookahead pairs and full sequences: a tale of two anomaly detection methods. In Proceedings of the Annual Symposium on Information Assurance, pages 9--19, 2007."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25483-3_31"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2030376.2030377"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10766-012-0193-x"},{"key":"e_1_3_2_1_25_1","unstructured":"S. Karanth S. Laxman P. Naldurg R. Venkatesan J. Lambert and J. Shin. Pattern mining for future attacks. Technical Report MSR-TR-2010-100 Microsoft Research 2010."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/52.605929"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251398.1251409"},{"key":"e_1_3_2_1_28_1","volume-title":"Vulnerability Notes Database","author":"Lanza J. P.","year":"2001","unstructured":"J. P. Lanza. SSH CRC32 attack detection code contains remote integer overflow. Vulnerability Notes Database, 2001."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267549.1267555"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWIA.2005.6"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2008.69"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1142\/S0218213014600239"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1132026.1132027"},{"key":"e_1_3_2_1_34_1","unstructured":"The paradyn project http:\/\/www.paradyn.org\/."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2006.165"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855711.1855737"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.3115\/981311.981313"},{"key":"e_1_3_2_1_38_1","first-page":"582","volume-title":"Proceedings of the annual conference on Neural Information Processing Systems","volume":"12","author":"Scholkopf B.","year":"1999","unstructured":"B. Scholkopf, R. C. Williamson, A. J. Smola, J. Shawe-Taylor, and J. C. Platt. Support vector method for novelty detection. In Proceedings of the annual conference on Neural Information Processing Systems, volume 12, pages 582--588, 1999."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884433"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_41_1","volume-title":"Heap Feng Shui in JavaScript. Black Hat Europe","author":"Sotirov A.","year":"2007","unstructured":"A. Sotirov. Heap Feng Shui in JavaScript. Black Hat Europe, 2007."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.84"},{"key":"e_1_3_2_1_43_1","unstructured":"Systemtap overhead test https:\/\/sourceware.org\/ml\/systemtap\/2006-q3\/msg00146.html."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884434"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.5555\/2354410.2355130"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813654","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813654","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813654","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:30:56Z","timestamp":1763458256000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813654"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":48,"alternative-id":["10.1145\/2810103.2813654","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813654","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}