{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T04:16:16Z","timestamp":1759032976101,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,21]],"date-time":"2020-12-21T00:00:00Z","timestamp":1608508800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,21]]},"DOI":"10.1145\/3324884.3418914","type":"proceedings-article","created":{"date-parts":[[2021,1,27]],"date-time":"2021-01-27T23:39:02Z","timestamp":1611790742000},"page":"1397-1399","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Source code and binary level vulnerability detection and hot patching"],"prefix":"10.1145","author":[{"given":"Zhengzi","family":"Xu","sequence":"first","affiliation":[{"name":"Nanyang Technological University"}]}],"member":"320","published-online":{"date-parts":[[2021,1,27]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs. In 29th {USENIX} Security Symposium ({USENIX} Security 20).","author":"Chen Hongxu","year":"2020","unstructured":"Hongxu Chen, Shengjian Guo, Yinxing Xue, Yulei Sui, Cen Zhang, Yuekang Li, Haijun Wang, and Yang Liu. 2020. MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs. In 29th {USENIX} Security Symposium ({USENIX} Security 20)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1321631.1321702"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594343"},{"key":"e_1_3_2_1_4_1","unstructured":"Manuel Egele Maverick Woo Peter Chapman and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. USENIX."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Sebastian Eschweiler Khaled Yakdan and Elmar Gerhards-Padilla. 2016. discovRE: Efficient Cross-Architecture Identification of Bugs in Binary Code. In NDSS.","DOI":"10.14722\/ndss.2016.23185"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_3_2_1_7_1","volume-title":"GI SIG SIDAR workshop, DIMVA","author":"Flake Halvar","year":"2004","unstructured":"Halvar Flake. 2004. Structural comparison of executable objects. In Detection of intrusions and malware & vulnerability assessment, GI SIG SIDAR workshop, DIMVA 2004. Gesellschaft f\u00fcr Informatik eV."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88625-9_16"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v31i1.10742"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2004.1265654"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.13"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606626"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.62"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.66"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"key":"e_1_3_2_1_16_1","volume-title":"Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng, and Yuyi Zhong. 2018. Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681 (2018)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3238147.3238199"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Danjun Liu Yao Li Yong Tang Baosheng Wang and Wei Xie. 2018. VMPBL: Identifying Vulnerable Functions Based on Machine Learning Combining Patched Information and Binary Comparison Technique by LCS. In 2018 17th IEEE International Conference On Trust Security And Privacy In Computing And Communications\/12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE). IEEE 800--807.","DOI":"10.1109\/TrustCom\/BigDataSE.2018.00114"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-013-9282-8"},{"key":"e_1_3_2_1_20_1","volume-title":"International Conference on Information Security and Cryptology. Springer, 92--109","author":"Ming Jiang","year":"2012","unstructured":"Jiang Ming, Meng Pan, and Debin Gao. 2012. iBinHunt: Binary hunting with inter-procedural control flow. In International Conference on Information Security and Cryptology. Springer, 92--109."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Audris Mockus and Lawrence G Votta. 2000. Identifying Reasons for Software Changes using Historic Databases. In icsm. 120--130.","DOI":"10.1109\/ICSM.2000.883028"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693078"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884877"},{"key":"e_1_3_2_1_24_1","volume-title":"When do changes induce fixes? ACM sigsoft software engineering notes 30, 4","author":"\u015aliwerski Jacek","year":"2005","unstructured":"Jacek \u015aliwerski, Thomas Zimmermann, and Andreas Zeller. 2005. When do changes induce fixes? ACM sigsoft software engineering notes 30, 4 (2005), 1--5."},{"key":"e_1_3_2_1_25_1","unstructured":"Michael Sutton Adam Greene and Pedram Amini. 2007. Fuzzing: brute force vulnerability discovery. Pearson Education."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/2337223.2337269"},{"key":"e_1_3_2_1_27_1","volume-title":"Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities. In 42nd International Conference on Software Engineering. ACM.","author":"Wang Haijun","year":"2020","unstructured":"Haijun Wang, Xiaofei Xie, Yi Li, Cheng Wen, Yuekang Li, Yang Liu, Shengchao Qin, Hongxu Chen, and Yulei Sui. 2020. Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities. In 42nd International Conference on Software Engineering. ACM."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180179"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380396"},{"key":"e_1_3_2_1_30_1","volume-title":"MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures. In 29th {USENIX} Security Symposium ({USENIX} Security 20). 1165--1182.","author":"Xiao Yang","year":"2020","unstructured":"Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, et al. 2020. MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures. In 29th {USENIX} Security Symposium ({USENIX} Security 20). 1165--1182."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397361"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.49"},{"volume-title":"29th {USENIX} Security Symposium ({USENIX} Security 20). 2397--2414.","author":"Xu Zhengzi","key":"e_1_3_2_1_34_1","unstructured":"Zhengzi Xu, Yulong Zhang, Longri Zheng, Liangzhao Xia, Chenfu Bao, Zhi Wang, and Yang Liu. 2020. Automatic Hot Patch Generation for Android Kernels. In 29th {USENIX} Security Symposium ({USENIX} Security 20). 2397--2414."},{"key":"e_1_3_2_1_35_1","volume-title":"Accurate and Scalable Cross-Architecture Cross-OS Binary Code Search with Emulation","author":"Xue Yinxing","year":"2018","unstructured":"Yinxing Xue, Zhengzi Xu, Mahinthan Chandramohan, and Yang Liu. 2018. Accurate and Scalable Cross-Architecture Cross-OS Binary Code Search with Emulation. IEEE Transactions on Software Engineering (2018)."},{"volume-title":"27th {USENIX} Security Symposium ({USENIX} Security 18). 887--902.","author":"Zhang Hang","key":"e_1_3_2_1_36_1","unstructured":"Hang Zhang and Zhiyun Qian. 2018. Precise and accurate patch presence test for binaries. In 27th {USENIX} Security Symposium ({USENIX} Security 18). 887--902."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818864"}],"event":{"name":"ASE '20: 35th IEEE\/ACM International Conference on Automated Software Engineering","sponsor":["SIGAI ACM Special Interest Group on Artificial Intelligence","SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS"],"location":"Virtual Event Australia","acronym":"ASE '20"},"container-title":["Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3324884.3418914","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3324884.3418914","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:47:23Z","timestamp":1750193243000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3324884.3418914"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,21]]},"references-count":37,"alternative-id":["10.1145\/3324884.3418914","10.1145\/3324884"],"URL":"https:\/\/doi.org\/10.1145\/3324884.3418914","relation":{},"subject":[],"published":{"date-parts":[[2020,12,21]]},"assertion":[{"value":"2021-01-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}