{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T04:55:06Z","timestamp":1769748906939,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,12]],"date-time":"2016-10-12T00:00:00Z","timestamp":1476230400000},"content-version":"vor","delay-in-days":366,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100006602","name":"Air Force Research Laboratory","doi-asserted-by":"publisher","award":["FA8750-15-2-0096"],"award-info":[{"award-number":["FA8750-15-2-0096"]}],"id":[{"id":"10.13039\/100006602","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813680","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T11:22:12Z","timestamp":1444130532000},"page":"616-628","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":33,"title":["Detecting and Exploiting Second Order Denial-of-Service Vulnerabilities in Web Applications"],"prefix":"10.1145","author":[{"given":"Oswaldo","family":"Olivo","sequence":"first","affiliation":[{"name":"The University of Texas at Austin, Austin, TX, USA"}]},{"given":"Isil","family":"Dillig","sequence":"additional","affiliation":[{"name":"The University of Texas at Austin, Austin, TX, USA"}]},{"given":"Calvin","family":"Lin","sequence":"additional","affiliation":[{"name":"The University of Texas at Austin, Austin, TX, USA"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2003.1258459"},{"key":"e_1_3_2_1_2_1","unstructured":"M. Abliz. Internet denial of service attacks and defense mechanisms. In Technical Report No. TR-11--178 pages 1--50. University of Pittsburgh 2011."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2009.87"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070545"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180445"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2009.13"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866373"},{"key":"e_1_3_2_1_8_1","unstructured":"S. cookies. http:\/\/cr.yp.to\/syncookies.html."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251353.1251356"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671288"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267612.1267615"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1328438.1328459"},{"key":"e_1_3_2_1_13_1","first-page":"4732","author":"Handley M.","year":"2006","unstructured":"M. Handley, E. Rescorla, and IAB. Internet denial-of-service considerations. In RFC 4732, 2006.","journal-title":"RFC"},{"key":"e_1_3_2_1_14_1","unstructured":"http:\/\/insecure.org\/sploits\/ping-o death.html. Ping of death."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251203.1251224"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070521"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1028788.1028812"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251398.1251416"},{"key":"e_1_3_2_1_19_1","volume-title":"Internet of Service: Attack and Defense Mechanisms","author":"Mirkovic J.","year":"2005","unstructured":"J. Mirkovic, S. Dietrich, D. Dittrich, and P. Reiher. Internet of Service: Attack and Defense Mechanisms. Prentice Hall, 2005."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/645532.656169"},{"key":"e_1_3_2_1_21_1","first-page":"771","volume-title":"Networking","author":"Peng T.","year":"2004","unstructured":"T. Peng, C. Lecking, and K. Ramamohanarao. Proactively detecting distributed denial of service attacks using source ip address monitoring. In Networking, pages 771--782. Springer-Verlag, 2004."},{"key":"e_1_3_2_1_22_1","unstructured":"PHP-Parser. https:\/\/github.com\/nikic\/PHP-Parser."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267359.1267375"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2491411.2491447"},{"key":"e_1_3_2_1_25_1","unstructured":"M. share of PHP-based websites. http:\/\/w3techs.com\/technologies\/details\/pl-php\/all\/all."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166964"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.5555\/876890.880465"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1159913.1159948"},{"key":"e_1_3_2_1_29_1","first-page":"1530","volume-title":"21st Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM)","author":"Wang H.","year":"2002","unstructured":"H. Wang, D. Zhang, and K. Shin. Detecting syn flooding attacks. In 21st Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), pages 1530--1539. IEEE, 2002."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368112"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267336.1267349"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1080091.1080120"},{"key":"e_1_3_2_1_33_1","unstructured":"Z3. https:\/\/github.com\/Z3Prover\/z3."},{"key":"e_1_3_2_1_34_1","unstructured":"Z3-str2. https:\/\/sites.google.com\/site\/z3strsolver\/."}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813680","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813680","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813680","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:32:49Z","timestamp":1763458369000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813680"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":34,"alternative-id":["10.1145\/2810103.2813680","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813680","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}