{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:08:01Z","timestamp":1750306081502,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T00:00:00Z","timestamp":1512345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,12,4]]},"DOI":"10.1145\/3134600.3134633","type":"proceedings-article","created":{"date-parts":[[2017,12,4]],"date-time":"2017-12-04T19:18:32Z","timestamp":1512415112000},"page":"68-78","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["QUASAR"],"prefix":"10.1145","author":[{"given":"Richard","family":"Skowyra","sequence":"first","affiliation":[{"name":"MIT Lincoln Laboratory"}]},{"given":"Steven R.","family":"Gomez","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}]},{"given":"David","family":"Bigelow","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}]},{"given":"James","family":"Landry","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}]},{"given":"Hamed","family":"Okhravi","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}]}],"member":"320","published-online":{"date-parts":[[2017,12,4]]},"reference":[{"volume-title":"CVE-ID CVE-2015-7545. (feb","year":"2016","key":"e_1_3_2_1_1_1","unstructured":"CVE-2015-7545. Available from MITRE , CVE-ID CVE-2015-7545. (feb 2016 ), https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2015-7547 CVE-2015-7545. Available from MITRE, CVE-ID CVE-2015-7545. (feb 2016), https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2015-7547"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.21236\/AD0772806"},{"key":"e_1_3_2_1_4_1","first-page":"251","volume-title":"USENIX Annual Technical Conf.","author":"Baratloo A.","year":"2000","unstructured":"Baratloo , A. , Singh , N. , Tsai , T.K. , : Transparent run-time defense against stack-smashing attacks . In: USENIX Annual Technical Conf. pp. 251 -- 262 ( 2000 ) Baratloo, A., Singh, N., Tsai, T.K., et al.: Transparent run-time defense against stack-smashing attacks. In: USENIX Annual Technical Conf. pp. 251--262 (2000)"},{"key":"e_1_3_2_1_5_1","volume-title":"Klein","author":"Becher M.","year":"2005","unstructured":"Becher , M. , Dornseif , M. , Klein , C.N. : Firewire: all your memory are belong to us. Proceedings of CanSecWest ( 2005 ) Becher, M., Dornseif, M., Klein, C.N.: Firewire: all your memory are belong to us. Proceedings of CanSecWest (2005)"},{"key":"e_1_3_2_1_6_1","volume-title":"van Maaren","author":"Biere A.","year":"2009","unstructured":"Biere , A. , Heule , M. , van Maaren , H. : Handbook of satisfiability, vol. 185 . IOS press ( 2009 ) Biere, A., Heule, M., van Maaren, H.: Handbook of satisfiability, vol. 185. IOS press (2009)"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813691"},{"key":"e_1_3_2_1_8_1","volume-title":"Gross","author":"Carlini N.","year":"2015","unstructured":"Carlini , N. , Barresi , A. , Payer , M. , Wagner , D. , Gross , T.R. : Control-flow bending: On the effectiveness of control-flow integrity. In : Proc. USENIX Security ( 2015 ) Carlini, N., Barresi, A., Payer, M., Wagner, D., Gross, T.R.: Control-flow bending: On the effectiveness of control-flow integrity. In: Proc. USENIX Security (2015)"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2003.12.001"},{"volume-title":"Linux Expo (1999)","author":"Cowan C.","key":"e_1_3_2_1_10_1","unstructured":"Cowan , C. , Beattie , S. , Day , R.F. , Pu , C. , Wagle , P. , Walthinsen , E. : Protecting systems from stack smashing attacks with stackguard . In: Linux Expo (1999) Cowan, C., Beattie, S., Day, R.F., Pu, C., Wagle, P., Walthinsen, E.: Protecting systems from stack smashing attacks with stackguard. In: Linux Expo (1999)"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/502090.502091"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.3166\/jancl.11.11-34"},{"key":"e_1_3_2_1_14_1","first-page":"627","volume-title":"A compiler for deterministic, decomposable negation normal form","author":"Darwiche A.","year":"2002","unstructured":"Darwiche , A. : A compiler for deterministic, decomposable negation normal form . In : AAAI\/IAAI. pp. 627 -- 634 ( 2002 ) Darwiche, A.: A compiler for deterministic, decomposable negation normal form. In: AAAI\/IAAI. pp. 627--634 (2002)"},{"key":"e_1_3_2_1_15_1","volume-title":"Advancing exploitation: a scriptless 0day exploit against linux desktops","author":"Evans C.","year":"2016","unstructured":"Evans , C. : Advancing exploitation: a scriptless 0day exploit against linux desktops ( 2016 ), http:\/\/scarybeastsecurity.blogspot.com\/2016\/11\/0day-exploit-advancing-exploitation.html Evans, C.: Advancing exploitation: a scriptless 0day exploit against linux desktops (2016), http:\/\/scarybeastsecurity.blogspot.com\/2016\/11\/0day-exploit-advancing-exploitation.html"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.39"},{"key":"e_1_3_2_1_18_1","volume-title":"Liang","author":"Hu H.","year":"2016","unstructured":"Hu , H. , Shinde , S. , Adrian , S. , Chua , Z.L. , Saxena , P. , Liang , Z. : Data-oriented programming: On the expressiveness of non-control data attacks. In : Proc. of IEEE S &P ( 2016 ) Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: On the expressiveness of non-control data attacks. In: Proc. of IEEE S&P (2016)"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.9"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2678373.2665726"},{"volume-title":"International Workshop on Formal Aspects in Security and Trust (2010)","author":"Kordy B.","key":"e_1_3_2_1_21_1","unstructured":"Kordy , B. , Mauw , S. , Radomirovi\u0107 , S. , Schweitzer , P. : Foundations of attack--defense trees . In: International Workshop on Formal Aspects in Security and Trust (2010) Kordy, B., Mauw, S., Radomirovi\u0107, S., Schweitzer, P.: Foundations of attack--defense trees. In: International Workshop on Formal Aspects in Security and Trust (2010)"},{"key":"e_1_3_2_1_22_1","volume-title":"Song","author":"Kuznetsov V.","year":"2014","unstructured":"Kuznetsov , V. , Szekeres , L. , Payer , M. , Candea , G. , Sekar , R. , Song , D. : Code-pointer integrity. In : OSDI ( 2014 ) Kuznetsov, V., Szekeres, L., Payer, M., Candea, G., Sekar, R., Song, D.: Code-pointer integrity. In: OSDI (2014)"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.25"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.peva.2003.07.008"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920269"},{"key":"e_1_3_2_1_26_1","volume-title":"Openbsd 3.3","author":"Open BSD","year":"2003","unstructured":"Open BSD : Openbsd 3.3 ( 2003 ), http:\/\/www.openbsd.org\/33.html OpenBSD: Openbsd 3.3 (2003), http:\/\/www.openbsd.org\/33.html"},{"key":"e_1_3_2_1_27_1","volume-title":"Pax address space layout randomization","author":"Pa X","year":"2003","unstructured":"Pa X : Pax address space layout randomization ( 2003 ), http:\/\/pax.grsecurity.net\/docs\/aslr.txt PaX: Pax address space layout randomization (2003), http:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1852666.1852698"},{"key":"e_1_3_2_1_29_1","volume-title":"Okhravi","author":"Rudd R.","year":"2017","unstructured":"Rudd , R. , Skowyra , R. , Bigelow , D. , Dedhia , V. , Hobson , T. , Crane , S. , Liebchen , C. , Larsen , P. , Davi , L. , Franz , M. , Sadeghi , A.R. , Okhravi , H. : Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity . In : NDSS ( 2017 ) Rudd, R., Skowyra, R., Bigelow, D., Dedhia, V., Hobson, T., Crane, S., Liebchen, C., Larsen, P., Davi, L., Franz, M., Sadeghi, A.R., Okhravi, H.: Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. In: NDSS (2017)"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SysSec.2011.10"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660309"},{"key":"e_1_3_2_1_33_1","unstructured":"Sevinsky R.: Funderbolt: Adventures in thunderbolt dma attacks. Black Hat USA (2013)  Sevinsky R.: Funderbolt: Adventures in thunderbolt dma attacks. Black Hat USA (2013)"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_35_1","volume-title":"Wing","author":"Sheyner O.","year":"2002","unstructured":"Sheyner , O. , Haines , J. , Jha , S. , Lippmann , R. , Wing , J.M. : Automated generation and analysis of attack graphs. In : Proc. of IEEE S &P ( 2002 ) Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proc. of IEEE S&P (2002)"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41284-4_5"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.1001"}],"event":{"name":"ACSAC 2017: 2017 Annual Computer Security Applications Conference","acronym":"ACSAC 2017","location":"Orlando FL USA"},"container-title":["Proceedings of the 33rd Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134633","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3134600.3134633","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:30:11Z","timestamp":1750217411000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3134600.3134633"}},"subtitle":["Quantitative Attack Space Analysis and Reasoning"],"short-title":[],"issued":{"date-parts":[[2017,12,4]]},"references-count":41,"alternative-id":["10.1145\/3134600.3134633","10.1145\/3134600"],"URL":"https:\/\/doi.org\/10.1145\/3134600.3134633","relation":{},"subject":[],"published":{"date-parts":[[2017,12,4]]},"assertion":[{"value":"2017-12-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}