{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,12]],"date-time":"2026-05-12T18:08:02Z","timestamp":1778609282106,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":34,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,10,15]],"date-time":"2018-10-15T00:00:00Z","timestamp":1539561600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,10,15]]},"DOI":"10.1145\/3243734.3243847","type":"proceedings-article","created":{"date-parts":[[2018,10,16]],"date-time":"2018-10-16T17:38:33Z","timestamp":1539711513000},"page":"1914-1927","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":54,"title":["Revery"],"prefix":"10.1145","author":[{"given":"Yan","family":"Wang","sequence":"first","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chao","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaobo","family":"Xiang","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zixuan","family":"Zhao","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wenjie","family":"Li","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaorui","family":"Gong","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bingchang","family":"Liu","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kaixiang","family":"Chen","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wei","family":"Zou","sequence":"additional","affiliation":[{"name":"Chinese Academy of Sciences & University of Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,10,15]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978380"},{"key":"e_1_3_2_2_2_1","unstructured":"S. Andersen and V. Abella. 2004. Data Execution Prevention: Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 3: Memory Protection Technologies. http:\/\/technet.microsoft.com\/en-us\/library\/bb457155.aspx. (2004).  S. Andersen and V. Abella. 2004. Data Execution Prevention: Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 3: Memory Protection Technologies. http:\/\/technet.microsoft.com\/en-us\/library\/bb457155.aspx. (2004)."},{"key":"e_1_3_2_2_3_1","volume-title":"Network and Distributed System Security Symposium.","author":"Avgerinos Thanassis","year":"2011"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2560217.2560219"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978428"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_3_2_2_9_1","volume-title":"Retrieved June","volume":"6","author":"DA","year":"2014"},{"key":"e_1_3_2_2_10_1","volume-title":"Proceedings of Infiltrate","author":"Dullien Thomas","year":"2011"},{"key":"e_1_3_2_2_11_1","volume-title":"CollAFL: Path Sensitive Fuzzing. In 2018 IEEE Symposium on Security and Privacy (SP)","volume":"00","author":"Gan S."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/3155562.3155599"},{"key":"e_1_3_2_2_14_1","volume-title":"Automatic Generation of Data-Oriented Exploits. USENIX Security Symposium. 177--192","author":"Hu Hong","year":"2015"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SERE.2012.20"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070521"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542504"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1837855.1806657"},{"key":"e_1_3_2_2_19_1","unstructured":"PaX-Team. 2003. PaX ASLR (Address Space Layout Randomization). http:\/\/pax.grsecurity.net\/docs\/aslr.txt. (2003).  PaX-Team. 2003. PaX ASLR (Address Space Layout Randomization). http:\/\/pax.grsecurity.net\/docs\/aslr.txt. (2003)."},{"key":"e_1_3_2_2_20_1","volume-title":"VUzzer: Application-aware Evolutionary Fuzzing. Network and Distributed System Security Symposium.","author":"Rawat Sanjay","year":"2017"},{"key":"e_1_3_2_2_21_1","unstructured":"Alexey Samsonov and Kostya Serebryany. 2013. New features in AddressSanitizer. (2013).  Alexey Samsonov and Kostya Serebryany. 2013. New features in AddressSanitizer. (2013)."},{"key":"e_1_3_2_2_22_1","volume-title":"USENIX Security Symposium. 25--41","author":"Schwartz Edward J","year":"2011"},{"key":"e_1_3_2_2_23_1","volume-title":"Cybersecurity Development (SecDev)","author":"Serebryany Kosta"},{"key":"e_1_3_2_2_24_1","unstructured":"Kostya Serebryany. 2017. OSS-Fuzz - Google's continuous fuzzing service for open source software. (2017).  Kostya Serebryany. 2017. OSS-Fuzz - Google's continuous fuzzing service for open source software. (2017)."},{"key":"e_1_3_2_2_25_1","unstructured":"Konstantin Serebryany Derek Bruening Alexander Potapenko and Dmitriy Vyukov. 2012. AddressSanitizer: A fast address sanity checker. the 2012 USENIX Annual Technical Conference. 309--318.   Konstantin Serebryany Derek Bruening Alexander Potapenko and Dmitriy Vyukov. 2012. AddressSanitizer: A fast address sanity checker. the 2012 USENIX Annual Technical Conference. 309--318."},{"key":"e_1_3_2_2_26_1","unstructured":"Kostya Serebryany Evgenii Stepanov Aleksey Shlyapnikov Vlad Tsyrklevich and Dmitry Vyukov. 2018. Memory Tagging and how it improves C\/C  Kostya Serebryany Evgenii Stepanov Aleksey Shlyapnikov Vlad Tsyrklevich and Dmitry Vyukov. 2018. Memory Tagging and how it improves C\/C"},{"key":"e_1_3_2_2_27_1","volume-title":"abs\/1802.09517","author":"Vol RR","year":"2018"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_2_29_1","volume-title":"Heap feng shui in javascript. Black Hat Europe","author":"Sotirov Alexander","year":"2007"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2015.7054186"},{"key":"e_1_3_2_2_31_1","first-page":"1","article-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution","volume":"16","author":"Stephens Nick","year":"2016","journal-title":"NDSS"},{"key":"e_1_3_2_2_32_1","volume-title":"Available online a t: http:\/\/code.google.com\/p\/honggfuzz","author":"Swiecki Robert","year":"2016"},{"key":"e_1_3_2_2_33_1","unstructured":"Julien Vanegue. 2013. The automated exploitation grand challenge. In presented at H2HC Conference.  Julien Vanegue. 2013. The automated exploitation grand challenge. In presented at H2HC Conference."},{"key":"e_1_3_2_2_34_1","volume-title":"FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Wu Wei","year":"2018"},{"key":"e_1_3_2_2_35_1","unstructured":"Michal Zalewski. 2018. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl\/. (2018). Online: accessed 01-May-2018.  Michal Zalewski. 2018. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl\/. (2018). Online: accessed 01-May-2018."}],"event":{"name":"CCS '18: 2018 ACM SIGSAC Conference on Computer and Communications Security","location":"Toronto Canada","acronym":"CCS '18","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3243734.3243847","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3243734.3243847","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:13:08Z","timestamp":1750212788000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3243734.3243847"}},"subtitle":["From Proof-of-Concept to Exploitable"],"short-title":[],"issued":{"date-parts":[[2018,10,15]]},"references-count":34,"alternative-id":["10.1145\/3243734.3243847","10.1145\/3243734"],"URL":"https:\/\/doi.org\/10.1145\/3243734.3243847","relation":{},"subject":[],"published":{"date-parts":[[2018,10,15]]},"assertion":[{"value":"2018-10-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}