{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:28:18Z","timestamp":1759091298173,"version":"3.37.3"},"reference-count":26,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,5,21]],"date-time":"2021-05-21T00:00:00Z","timestamp":1621555200000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1836116","2020YFB1005500","BK20202001"],"award-info":[{"award-number":["U1836116","2020YFB1005500","BK20202001"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key R&D Program of China","award":["U1836116","2020YFB1005500","BK20202001"],"award-info":[{"award-number":["U1836116","2020YFB1005500","BK20202001"]}]},{"DOI":"10.13039\/501100004608","name":"Natural Science Foundation of Jiangsu Province","doi-asserted-by":"publisher","award":["U1836116","2020YFB1005500","BK20202001"],"award-info":[{"award-number":["U1836116","2020YFB1005500","BK20202001"]}],"id":[{"id":"10.13039\/501100004608","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,5,21]]},"abstract":"<jats:p>With the wide application of software system, software vulnerability has become a major risk in computer security. The on-time detection and proper repair for possible software vulnerabilities are of great importance in maintaining system security and decreasing system crashes. The Control Flow Integrity (CFI) can be used to detect the exploit by some researchers. In this paper, we propose an improved Control Flow Graph with Jump (JCFG) based on CFI and develop a novel Vulnerability Exploit Detection Method based on JCFG (JCFG-VEDM). The detection method of the exploit program is realized based on the analysis results of the exploit program. Then the JCFG is addressed through combining the features of the exploit program and the jump instruction. Finally, we implement JCFG-VEDM and conduct the experiments to verify the effectiveness of the proposed method. The experimental results show that the proposed detection method (JCFG-VEDM) is feasible and effective.<\/jats:p>","DOI":"10.1155\/2021\/5581274","type":"journal-article","created":{"date-parts":[[2021,5,22]],"date-time":"2021-05-22T20:20:09Z","timestamp":1621714809000},"page":"1-14","source":"Crossref","is-referenced-by-count":2,"title":["A Detection Approach for Vulnerability Exploiter Based on the Features of the Exploiter"],"prefix":"10.1155","volume":"2021","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1483-8854","authenticated-orcid":true,"given":"Jinchang","family":"Hu","sequence":"first","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"},{"name":"Command and Control Engineering College, Army Engineering University of PLA, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3124-5452","authenticated-orcid":true,"given":"Jinfu","family":"Chen","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1128-1875","authenticated-orcid":true,"given":"Sher","family":"Ali","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2644-9183","authenticated-orcid":true,"given":"Bo","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2668-6592","authenticated-orcid":true,"given":"Jingyi","family":"Chen","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3162-6271","authenticated-orcid":true,"given":"Chi","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1722-9317","authenticated-orcid":true,"given":"Jian","family":"Yang","sequence":"additional","affiliation":[{"name":"School of Computer Science and Communication Engineering, Jiangsu University, Zhenjiang, China"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1016\/j.suscom.2018.10.002"},{"issue":"1","key":"2","first-page":"183","article-title":"Research development of abnormal traffic detection in software defined networking","volume":"31","author":"Y. H. Xu","year":"2020","journal-title":"Journal of Software"},{"issue":"1","key":"3","first-page":"83","article-title":"Research on establishment of network security service ability system for A new era","volume":"19","author":"J. Qu","year":"2019","journal-title":"Netinfo Security"},{"issue":"6","key":"4","first-page":"10","article-title":"Overview of control-flow hijacking attack and defense techniques for process","volume":"5","author":"F. F. Wang","year":"2019","journal-title":"Chinese Journal of Network and Information Security"},{"issue":"2","key":"5","first-page":"61","article-title":"Binary code continent: finer-grained control flow integrity for stripped binaries","volume":"1","author":"M. H. Wang","year":"2016","journal-title":"Journal of Cyber Security"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1155\/2021\/5518909"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"first-page":"868","article-title":"Protection in programming-language translations","author":"M. Abadi","key":"8"},{"first-page":"575","article-title":"Out of control overcoming control-flow integrity","author":"E. G\u00f6ktas","key":"9"},{"issue":"9","key":"10","first-page":"20","article-title":"Exploit detection based on illegal control flow transfers identification","volume":"35","author":"M. H. Wang","year":"2014","journal-title":"Journal on Communications"},{"first-page":"75","article-title":"XFI: software guards for system Address spaces","author":"\u00da. Erlingsson","key":"11"},{"key":"12","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.cose.2017.03.013","article-title":"SOFIA: software and control flow integrity architecture","volume":"68","author":"R. D. Clercq","year":"2017","journal-title":"Computers & Security"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.05.004"},{"first-page":"337","article-title":"Control flow and code integrity for COTS binaries","author":"M. W. Zhang","key":"14"},{"first-page":"292","article-title":"KCoFI: complete control-flow integrity for commodity operating system kernels","author":"N. Dautenhahn","key":"15"},{"first-page":"161","article-title":"Control-flow bending: on the effectiveness of control-flow integrity","author":"N. Carlin","key":"16"},{"first-page":"559","article-title":"Practical control flow integrity and randomization for binary executables","author":"C. Zhang","key":"17"},{"first-page":"1","article-title":"CFIMon: detecting violation of control flow integrity using performance counters","author":"Y. B. Xia","key":"18"},{"first-page":"317","article-title":"All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)","author":"E. J. Schwartz","key":"19"},{"issue":"8","key":"20","first-page":"1","article-title":"A survey of the key technology of binary program vulnerability discovery","volume":"17","author":"X. J. Wang","year":"2017","journal-title":"Netinfo Security"},{"first-page":"125","article-title":"Learning to predict severity of software vulnerability using only vulnerability description","author":"Z. B. Han","key":"21"},{"issue":"9","key":"22","first-page":"2388","article-title":"Taint analysis method based on offline indices of instruction trace","volume":"28","author":"J. X. Ma","year":"2017","journal-title":"Journal of Software"},{"issue":"4","key":"23","first-page":"860","article-title":"Principle and practice of taint analysis","volume":"28","author":"L. Wang","year":"2017","journal-title":"Journal of Software"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1134\/s036176881806004x"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.3390\/app9204229"},{"issue":"2","key":"26","first-page":"247","article-title":"Attacking web browser: ROP gadget injection by using JavaScript code blocks","volume":"31","author":"P. H. Yuan","year":"2020","journal-title":"Journal of Software"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5581274.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5581274.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5581274.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,22]],"date-time":"2021-05-22T20:20:20Z","timestamp":1621714820000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/5581274\/"}},"subtitle":[],"editor":[{"given":"Ke","family":"Gu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2021,5,21]]},"references-count":26,"alternative-id":["5581274","5581274"],"URL":"https:\/\/doi.org\/10.1155\/2021\/5581274","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2021,5,21]]}}}