{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:53:54Z","timestamp":1772042034761,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1536106, 61728209, 91418206, 61170240, 61472429"],"award-info":[{"award-number":["U1536106, 61728209, 91418206, 61170240, 61472429"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Research and Development Program of China","award":["2016QY04W0805"],"award-info":[{"award-number":["2016QY04W0805"]}]},{"name":"National Science Foundation CNS","award":["1223477, 1223495, 1527141, 1618493"],"award-info":[{"award-number":["1223477, 1223495, 1527141, 1618493"]}]},{"name":"Youth Innovation Promotion Association CAS, strategic priority research program of CAS","award":["XDA06010701"],"award-info":[{"award-number":["XDA06010701"]}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF1610127"],"award-info":[{"award-number":["W911NF1610127"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134085","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"2139-2154","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":89,"title":["SemFuzz"],"prefix":"10.1145","author":[{"given":"Wei","family":"You","sequence":"first","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}]},{"given":"Peiyuan","family":"Zong","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences &amp; University of Chinese Academy of Sciences, Beijing, China"}]},{"given":"XiaoFeng","family":"Wang","sequence":"additional","affiliation":[{"name":"Indiana University, Bloomington, Bloomington, IN, USA"}]},{"given":"Xiaojing","family":"Liao","sequence":"additional","affiliation":[{"name":"William and Mary, Williamsburg, VA, USA"}]},{"given":"Pan","family":"Bian","sequence":"additional","affiliation":[{"name":"Renmin University of China, Beijing, China"}]},{"given":"Bin","family":"Liang","sequence":"additional","affiliation":[{"name":"Renmin University of China, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2016. 2016 Financial Industry Cybersecurity Report. https:\/\/cdn2.hubspot.net\/hubfs\/533449\/SecurityScorecard 2016 Financial Report.pdf. (2016)."},{"key":"e_1_3_2_2_2_1","unstructured":"2016. FullDisclosure: CVE-2016--8655 Linux af packet.c race condition (local root). http:\/\/seclists.org\/oss-sec\/2016\/q4\/607. (2016)."},{"key":"e_1_3_2_2_3_1","unstructured":"2016. Kernel: Add KCOV Code Coverage. https:\/\/lwn.net\/Articles\/671640\/. (2016)."},{"key":"e_1_3_2_2_4_1","unstructured":"2016. Syzkaller. https:\/\/github.com\/google\/syzkaller. (2016)."},{"key":"e_1_3_2_2_5_1","unstructured":"2016. Yahoo: Hackers Stole Data On Another Billion Accounts. https:\/\/www.forbes.com\/sites\/thomasbrewster\/2016\/12\/14\/yahoo-admitsanother-billion-user-accounts-were-leaked-in-2013. (2016)."},{"key":"e_1_3_2_2_6_1","unstructured":"2017. Application Vulnerability: Trend Analysis and Correlation of Coding Patterns across Industries. https:\/\/www.cognizant.com\/whitepapers\/ApplicationVulnerability-Trend-Analysis-and-Correlation-of-Coding-Patterns-AcrossIndustries.pdf. (2017)."},{"key":"e_1_3_2_2_7_1","unstructured":"2017. Bug 195709. https:\/\/bugzilla.kernel.org\/show bug.cgi?id=195709. (2017)."},{"key":"e_1_3_2_2_8_1","unstructured":"2017. Bug 195807. https:\/\/bugzilla.kernel.org\/show bug.cgi?id=195807. (2017)."},{"key":"e_1_3_2_2_9_1","unstructured":"2017. Common Vulnerabilities and Exposures. https:\/\/cve.mitre.org. (2017)."},{"key":"e_1_3_2_2_10_1","unstructured":"2017. Common Weakness Enumeration. https:\/\/cwe.mitre.org. (2017)."},{"key":"e_1_3_2_2_11_1","unstructured":"2017. CWE: Improper Input Validation. https:\/\/cwe.mitre.org\/data\/definitions\/20.html. (2017)."},{"key":"e_1_3_2_2_12_1","unstructured":"2017. FullDisclosure Mailing List. http:\/\/seclists.org\/fulldisclosure. (2017)."},{"key":"e_1_3_2_2_13_1","unstructured":"2017. Information Security Resources. https:\/\/www.sans.org\/security-resources\/blogs. (2017)."},{"key":"e_1_3_2_2_14_1","unstructured":"2017. Krebs on Security. https:\/\/krebsonsecurity.com. (2017)."},{"key":"e_1_3_2_2_15_1","unstructured":"2017. Linux Kernel Git Repositories. https:\/\/git.kernel.org. (2017)."},{"key":"e_1_3_2_2_16_1","volume-title":"Linux man","year":"2017","unstructured":"2017. Linux man pages online. http:\/\/man7.org\/linux\/man-pages\/index.html. (2017)."},{"key":"e_1_3_2_2_17_1","unstructured":"2017. National Vulnerability Database. https:\/\/nvd.nist.gov. (2017)."},{"key":"e_1_3_2_2_18_1","unstructured":"2017. pyStatParser. https:\/\/github.com\/emilmont\/pyStatParser. (2017)."},{"key":"e_1_3_2_2_19_1","unstructured":"2017. STP Constraint Solver. http:\/\/stp.github.io. (2017)."},{"key":"e_1_3_2_2_20_1","unstructured":"2017. Vulnerability. https:\/\/en.wikipedia.org\/wiki\/Vulnerability (computing). (2017)."},{"key":"e_1_3_2_2_21_1","unstructured":"2017. vUSBf. https:\/\/github.com\/schumilo\/vUSBf. (2017)."},{"key":"e_1_3_2_2_22_1","unstructured":"2017. WannaCry Ransomware Attack. https:\/\/en.wikipedia.org\/wiki\/WannaCry ransomware attack. (2017)."},{"key":"e_1_3_2_2_23_1","unstructured":"2017. What is CVE and How Does It Work? http:\/\/www.csoonline.com\/article\/3204884\/application-security\/what-isthe-cve-and-how-does-it-work.html. (2017)."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978380"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/800028.808479"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2560217.2560219"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978428"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786839"},{"key":"e_1_3_2_2_30_1","volume-title":"Tree-Bank Grammars. In Proceedings of the 10th National Conference on Artificial Intelligence (AAAI","author":"Charniak Eugene","year":"1996","unstructured":"Eugene Charniak. 1996. Tree-Bank Grammars. In Proceedings of the 10th National Conference on Artificial Intelligence (AAAI 1996). 1031--1036."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.29"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2015.2512220"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568276"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831155"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SERE.2013.26"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081755"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884870"},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3081333.3081361"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/972470.972475"},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2013.19"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2661685.2661687"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382756.2382785"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.48"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315311"},{"key":"e_1_3_2_2_47_1","volume-title":"Proceedings of the 22nd USENIX Security Symposium (Security","author":"Pandita Rahul","year":"2013","unstructured":"Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie. 2013. WHYPER: Towards Automating Risk Assessment of Mobile Applications. In Proceedings of the 22nd USENIX Security Symposium (Security 2013). 527--542."},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813604"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23404"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1083142.1083147"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23368"},{"key":"e_1_3_2_2_53_1","volume-title":"Fuzzing: Brute Force Vulnerability Discovery. Pearson Education.","author":"Sutton Michael","year":"2007","unstructured":"Michael Sutton, Adam Greene, and Pedram Amini. 2007. Fuzzing: Brute Force Vulnerability Discovery. Pearson Education."},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294276"},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1985793.1985796"},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.23"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/2393596.2393608"},{"key":"e_1_3_2_2_58_1","first-page":"15","article-title":"Concurrency Attacks","volume":"12","author":"Yang Junfeng","year":"2012","unstructured":"Junfeng Yang, Ang Cui, Salvatore J Stolfo, and Simha Sethumadhavan. 2012. Concurrency Attacks. HotPar 12 (2012), 15.","journal-title":"HotPar"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884881"},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2009.94"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134085","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134085","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134085","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:03Z","timestamp":1750212663000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134085"}},"subtitle":["Semantics-based Automatic Generation of Proof-of-Concept Exploits"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":60,"alternative-id":["10.1145\/3133956.3134085","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134085","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}