{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:15:06Z","timestamp":1763507706125,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":26,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"EPSRC","award":["EP\/L022710\/1","EP\/K035584\/1"],"award-info":[{"award-number":["EP\/L022710\/1","EP\/K035584\/1"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3139337.3139346","type":"proceedings-article","created":{"date-parts":[[2017,10,31]],"date-time":"2017-10-31T13:41:56Z","timestamp":1509457316000},"page":"25-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":20,"title":["Modular Synthesis of Heap Exploits"],"prefix":"10.1145","author":[{"given":"Dusan","family":"Repel","sequence":"first","affiliation":[{"name":"Royal Holloway, University of London, Egham, United Kingdom"}]},{"given":"Johannes","family":"Kinder","sequence":"additional","affiliation":[{"name":"Royal Holloway, University of London, Egham, United Kingdom"}]},{"given":"Lorenzo","family":"Cavallaro","sequence":"additional","affiliation":[{"name":"Royal Holloway, University of London, Egham, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-78800-3_28"},{"key":"e_1_3_2_1_2_1","volume-title":"NDSS","author":"Avgerinos T.","year":"2011","unstructured":"Avgerinos , T. , Cha , S. K. , Hao , B. L. T. , and Brumley , D . AEG: Automatic exploit generation . In NDSS ( 2011 ). Avgerinos, T., Cha, S. K., Hao, B. L. T., and Brumley, D. AEG: Automatic exploit generation. In NDSS (2011)."},{"key":"e_1_3_2_1_3_1","volume-title":"Heapshield: Library-based heap overflow protection for free. UMass CS TR","author":"Berger E. D.","year":"2006","unstructured":"Berger , E. D. Heapshield: Library-based heap overflow protection for free. UMass CS TR ( 2006 ), 06--28. Berger, E. D. Heapshield: Library-based heap overflow protection for free. UMass CS TR (2006), 06--28."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_3_2_1_5_1","first-page":"209","volume-title":"OSDI","author":"Cadar C.","year":"2008","unstructured":"Cadar , C. , Dunbar , D. , and Engler , D. R . KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs . In OSDI ( 2008 ), pp. 209 -- 224 . Cadar, C., Dunbar, D., and Engler, D. R. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI (2008), pp. 209--224."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950396"},{"key":"e_1_3_2_1_8_1","first-page":"1","volume":"10","author":"Cyber","year":"2012","unstructured":"DARPA. Cyber grand challenge. Queue 10 , 1 ( 2012 ), 20. DARPA. Cyber grand challenge. Queue 10, 1 (2012), 20.","journal-title":"Queue"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_10_1","volume-title":"Black Hat USA","author":"Ferguson J.","year":"2007","unstructured":"Ferguson , J. Understanding the heap by breaking it . In Black Hat USA ( 2007 ). Ferguson, J. Understanding the heap by breaking it. In Black Hat USA (2007)."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1127345.1127349"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1190216.1190226"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_3_2_1_14_1","volume-title":"NDSS","author":"Godefroid P.","year":"2008","unstructured":"Godefroid , P. , Levin , M. Y. , and Molnar , D. A . Automated whitebox fuzz testing . In NDSS ( 2008 ), The Internet Society . Godefroid, P., Levin, M. Y., and Molnar, D. A. Automated whitebox fuzz testing. In NDSS (2008), The Internet Society."},{"key":"e_1_3_2_1_15_1","volume-title":"Automatic heap exploit generation. Bachelor\u00bbs thesis","author":"Hao B. L. T.","year":"2012","unstructured":"Hao , B. L. T. Automatic heap exploit generation. Bachelor\u00bbs thesis , Carnegie Mellon University , 2012 . Hao, B. L. T. Automatic heap exploit generation. Bachelor\u00bbs thesis, Carnegie Mellon University, 2012."},{"key":"e_1_3_2_1_16_1","volume-title":"Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Tech. rep","author":"Heelan S.","year":"2009","unstructured":"Heelan , S. Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Tech. rep ., University of Oxford , 2009 . Heelan, S. Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities. Tech. rep., University of Oxford, 2009."},{"key":"e_1_3_2_1_17_1","unstructured":"Kath R. Managing heap memory. http:\/\/msdn.microsoft.com\/en-us\/library\/ms810603.aspx Apr. 1993.  Kath R. Managing heap memory. http:\/\/msdn.microsoft.com\/en-us\/library\/ms810603.aspx Apr. 1993."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2254064.2254088"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.10"},{"key":"e_1_3_2_1_20_1","volume-title":"Black Hat USA","author":"McDonald J.","year":"2009","unstructured":"McDonald , J. , and Valasek , C . Practical Windows XP\/2003 heap exploitation . In Black Hat USA ( 2009 ). McDonald, J., and Valasek, C. Practical Windows XP\/2003 heap exploitation. In Black Hat USA (2009)."},{"key":"e_1_3_2_1_21_1","volume-title":"NDSS","author":"Sharif M. I.","year":"2008","unstructured":"Sharif , M. I. , Lanzi , A. , Giffin , J. T. , and Lee , W . Impeding malware analysis using conditional code obfuscation . In NDSS ( 2008 ). Sharif, M. I., Lanzi, A., Giffin, J. T., and Lee, W. Impeding malware analysis using conditional code obfuscation. In NDSS (2008)."},{"key":"e_1_3_2_1_22_1","volume-title":"Heap feng shui in JavaScript. Black Hat Europe","author":"Sotirov A.","year":"2007","unstructured":"Sotirov , A. Heap feng shui in JavaScript. Black Hat Europe ( 2007 ). Sotirov, A. Heap feng shui in JavaScript. Black Hat Europe (2007)."},{"key":"e_1_3_2_1_23_1","volume-title":"Blackhat USA","author":"Sotirov A.","year":"2008","unstructured":"Sotirov , A. , and Dowd , M . Bypassing browser memory protections in Windows Vista . In Blackhat USA ( 2008 ). Sotirov, A., and Dowd, M. Bypassing browser memory protections in Windows Vista. In Blackhat USA (2008)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_25_1","volume-title":"Black Hat USA","author":"Valasek C.","year":"2010","unstructured":"Valasek , C. Understanding the low fragmentation heap . In Black Hat USA ( 2010 ). Valasek, C. Understanding the low fragmentation heap. In Black Hat USA (2010)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33338-5_5"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Dallas Texas USA","acronym":"CCS '17"},"container-title":["Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3139337.3139346","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3139337.3139346","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:13:49Z","timestamp":1750212829000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3139337.3139346"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":26,"alternative-id":["10.1145\/3139337.3139346","10.1145\/3139337"],"URL":"https:\/\/doi.org\/10.1145\/3139337.3139346","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}