{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,25]],"date-time":"2025-11-25T14:05:09Z","timestamp":1764079509432,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":18,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,8,12]],"date-time":"2019-08-12T00:00:00Z","timestamp":1565568000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,8,12]]},"DOI":"10.1145\/3338906.3341177","type":"proceedings-article","created":{"date-parts":[[2019,8,9]],"date-time":"2019-08-09T12:21:03Z","timestamp":1565353263000},"page":"1129-1133","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["DISCOVER: detecting algorithmic complexity vulnerabilities"],"prefix":"10.1145","author":[{"given":"Payas","family":"Awadhutkar","sequence":"first","affiliation":[{"name":"Iowa State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ganesh Ram","family":"Santhanam","sequence":"additional","affiliation":[{"name":"EnSoft, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Benjamin","family":"Holland","sequence":"additional","affiliation":[{"name":"Iowa State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Suresh","family":"Kothari","sequence":"additional","affiliation":[{"name":"Iowa State University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2019,8,12]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"{n.d.}. XML Security: A Billion Laughs. https:\/\/cytinus.wordpress.com\/2011\/07\/ 26\/37\/.  {n.d.}. XML Security: A Billion Laughs. https:\/\/cytinus.wordpress.com\/2011\/07\/ 26\/37\/."},{"volume-title":"29th Chaos Communications Congress.","year":"2012","author":"Aumasson Jean-Philippe","key":"e_1_3_2_1_2_1"},{"volume-title":"Intelligence Amplifying Loop Characterizations for Detecting Algorithmic Complexity Vulnerabilities. In 2017 24th Asia-Pacific Software Engineering Conference (APSEC). IEEE, 249\u2013258","year":"2017","author":"Awadhutkar Payas","key":"e_1_3_2_1_3_1"},{"volume":"12","volume-title":"Proceedings of the 12th Conference on USENIX Security Symposium -","author":"Scott","key":"e_1_3_2_1_4_1"},{"volume-title":"Technical Report. Information Innovation Office","author":"Time DARPA.","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2591062.2591065"},{"key":"e_1_3_2_1_7_1","volume-title":"Evil Pickles: DoS Attacks Based on Object-Graph Engineering. In LIPIcs-Leibniz International Proceedings in Informatics","volume":"74","author":"Dietrich Jens","year":"2017"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786873"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2506375"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3183440.3183476"},{"volume-title":"Efficient Denial of Service Attacks on Web Application Platforms. In 28th Chaos Communication Congress.","year":"2011","author":"Klink Alexander","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10703-012-0176-y"},{"key":"e_1_3_2_1_13_1","unstructured":"MITRE. {n.d.}. CWE-407: Algorithmic Complexity. https:\/\/cwe.mitre.org\/data\/ definitions\/407.html.  MITRE. {n.d.}. CWE-407: Algorithmic Complexity. https:\/\/cwe.mitre.org\/data\/ definitions\/407.html."},{"key":"e_1_3_2_1_14_1","unstructured":"Apogee Research. {n.d.}. Public release items for the DARPA Space\/Time Analysis for Cybersecurity (STAC) program. https:\/\/github.com\/Apogee-Research\/STAC.  Apogee Research. {n.d.}. Public release items for the DARPA Space\/Time Analysis for Cybersecurity (STAC) program. https:\/\/github.com\/Apogee-Research\/STAC."},{"volume-title":"Projected Control Graph for Accurate and Efficient Analysis of Safety and Security Vulnerabilities. In Software Engineering Conference (APSEC)","year":"2016","author":"Tamrawi Ahmed","key":"e_1_3_2_1_15_1"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.scico.2018.04.003"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1925805.1925818"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-54580-5_1"}],"event":{"name":"ESEC\/FSE '19: 27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"],"location":"Tallinn Estonia","acronym":"ESEC\/FSE '19"},"container-title":["Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338906.3341177","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3338906.3341177","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:26:21Z","timestamp":1750206381000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338906.3341177"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,8,12]]},"references-count":18,"alternative-id":["10.1145\/3338906.3341177","10.1145\/3338906"],"URL":"https:\/\/doi.org\/10.1145\/3338906.3341177","relation":{},"subject":[],"published":{"date-parts":[[2019,8,12]]},"assertion":[{"value":"2019-08-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}