{"id":"https://openalex.org/W4377861489","doi":"https://doi.org/10.1109/access.2023.3279280","title":"Use of Ensemble Learning to Detect Buffer Overflow Exploitation","display_name":"Use of Ensemble Learning to Detect Buffer Overflow Exploitation","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4377861489","doi":"https://doi.org/10.1109/access.2023.3279280"},"language":"en","primary_location":{"id":"doi:10.1109/access.2023.3279280","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3279280","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10131927.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10131927.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101764064","display_name":"Ayman Youssef","orcid":"https://orcid.org/0000-0002-0136-9534"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Ayman Youssef","raw_affiliation_strings":["Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia"],"raw_orcid":"https://orcid.org/0000-0002-0136-9534","affiliations":[{"raw_affiliation_string":"Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068173669","display_name":"Mohamed Abdelrazek","orcid":"https://orcid.org/0000-0003-3812-9785"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Mohamed Abdelrazek","raw_affiliation_strings":["A2I2D, Applied Aritificial Intelligence Institute, Deakin University, Melbourne, VIC, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"A2I2D, Applied Aritificial Intelligence Institute, Deakin University, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5001203013","display_name":"Chandan Karmakar","orcid":"https://orcid.org/0000-0003-1814-0856"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Chandan Karmakar","raw_affiliation_strings":["Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia"],"raw_orcid":"https://orcid.org/0000-0003-1814-0856","affiliations":[{"raw_affiliation_string":"Faculty of Science, Engineering, and Built Environment, School of Information Technology, Deakin University, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.5543,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.61910363,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"11","issue":null,"first_page":"52009","last_page":"52025"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8587244153022766},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8336976766586304},{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.6820558905601501},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.6152969002723694},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5987759828567505},{"id":"https://openalex.org/keywords/ensemble-learning","display_name":"Ensemble learning","score":0.5526344776153564},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.49118635058403015},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.47263190150260925},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.4531838595867157},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.44982004165649414},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4272562265396118},{"id":"https://openalex.org/keywords/application-programming-interface","display_name":"Application programming interface","score":0.42626211047172546},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.416156530380249},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.17232820391654968},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16086384654045105}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8587244153022766},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8336976766586304},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.6820558905601501},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.6152969002723694},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5987759828567505},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.5526344776153564},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.49118635058403015},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.47263190150260925},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.4531838595867157},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.44982004165649414},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4272562265396118},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.42626211047172546},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.416156530380249},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.17232820391654968},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16086384654045105},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2023.3279280","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3279280","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10131927.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:53dfa4377b794ac7989c6b0f1ff6c71f","is_oa":true,"landing_page_url":"https://doaj.org/article/53dfa4377b794ac7989c6b0f1ff6c71f","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 52009-52025 (2023)","raw_type":"article"},{"id":"pmh:oai:figshare.com:article/23538774","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Use_of_Ensemble_Learning_to_Detect_Buffer_Overflow_Exploitation/23538774","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.1109/access.2023.3279280","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3279280","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10131927.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Life in Land","score":0.41999998688697815,"id":"https://metadata.un.org/sdg/15"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4377861489.pdf","grobid_xml":"https://content.openalex.org/works/W4377861489.grobid-xml"},"referenced_works_count":57,"referenced_works":["https://openalex.org/W79469354","https://openalex.org/W1546956568","https://openalex.org/W1856335686","https://openalex.org/W1972368044","https://openalex.org/W1982829328","https://openalex.org/W1996931407","https://openalex.org/W2007597182","https://openalex.org/W2008626182","https://openalex.org/W2128985333","https://openalex.org/W2186070848","https://openalex.org/W2295598076","https://openalex.org/W2296509296","https://openalex.org/W2468321486","https://openalex.org/W2495657724","https://openalex.org/W2593964806","https://openalex.org/W2597604324","https://openalex.org/W2601474892","https://openalex.org/W2612418998","https://openalex.org/W2766540688","https://openalex.org/W2787056259","https://openalex.org/W2789828921","https://openalex.org/W2793157084","https://openalex.org/W2795864650","https://openalex.org/W2803414046","https://openalex.org/W2804108441","https://openalex.org/W2806746626","https://openalex.org/W2807319534","https://openalex.org/W2808779485","https://openalex.org/W2883008388","https://openalex.org/W2884764722","https://openalex.org/W2889216390","https://openalex.org/W2900713154","https://openalex.org/W2911964244","https://openalex.org/W2958285686","https://openalex.org/W2962832406","https://openalex.org/W2976808284","https://openalex.org/W2988790801","https://openalex.org/W3000914570","https://openalex.org/W3001307185","https://openalex.org/W3011558368","https://openalex.org/W3097867666","https://openalex.org/W3127782461","https://openalex.org/W3160226526","https://openalex.org/W4205437532","https://openalex.org/W4229055032","https://openalex.org/W4250934777","https://openalex.org/W4296079469","https://openalex.org/W4306742290","https://openalex.org/W6635629245","https://openalex.org/W6675416627","https://openalex.org/W6683671222","https://openalex.org/W6686600716","https://openalex.org/W6749470980","https://openalex.org/W6752968141","https://openalex.org/W6754371476","https://openalex.org/W6795043098","https://openalex.org/W6927331436"],"related_works":["https://openalex.org/W107132618","https://openalex.org/W1972760175","https://openalex.org/W2887198767","https://openalex.org/W4233969565","https://openalex.org/W4283264706","https://openalex.org/W1515699938","https://openalex.org/W1994367926","https://openalex.org/W4387360145","https://openalex.org/W946883631","https://openalex.org/W2390718939"],"abstract_inverted_index":{"Software":[0,6],"exploitation":[1,42,88,209],"detection":[2,20,43],"remains":[3],"unresolved":[4],"problem.":[5],"exploits":[7,26],"that":[8,67,159,178,199,234],"target":[9],"known":[10,25],"and":[11,27,48,63,71,114,137,141,152,186],"unknown":[12],"vulnerabilities":[13,97],"are":[14,22,139],"constantly":[15],"used":[16],"in":[17,46,98],"attacks.":[18],"Signature-based":[19],"techniques":[21,210,216],"limited":[23,45],"to":[24,29,85,164,182,214],"susceptible":[28],"circumvention.":[30],"Current":[31],"research":[32,52],"on":[33,81,94,134,174,190,205,239],"the":[34,54,107,110,115,175,191,194,200,212,231,236,242,246],"use":[35,49,55],"of":[36,56,60,65,109,112,124,193,203,208,230,241],"Machine":[37],"Learning":[38],"(ML)":[39],"for":[40],"software":[41,87],"is":[44],"quantity":[47],"cases.":[50],"Existing":[51],"lacks":[53],"public":[57],"datasets,":[58],"discussions":[59],"feature":[61],"importance,":[62],"elaboration":[64],"parameters":[66,151,177],"affect":[68],"data":[69],"preparation":[70],"subsequently":[72],"model":[73,213],"performance.":[74],"This":[75],"paper":[76],"presents":[77],"ML":[78,195],"models":[79,132,204],"based":[80],"different":[82,153,176],"ensemble":[83],"algorithms":[84],"detect":[86,215],"using":[89,148],"runtime":[90,184],"traces.":[91],"We":[92,117,172,197],"focus":[93],"buffer":[95],"overflow":[96],"user-space":[99],"applications":[100,127],"within":[101],"Windows":[102,126],"Operating":[103],"Systems":[104],"(OS),":[105],"given":[106],"prevalence":[108],"type":[111],"vulnerability":[113],"OS.":[116],"utilized":[118],"a":[119,206,228],"publicly":[120],"available":[121],"raw":[122],"dataset":[123],"11":[125],"under":[128],"exploitation.":[129],"Multiple":[130],"distinct":[131],"(based":[133],"Random":[135],"Forest":[136],"XGBoost)":[138],"created":[140],"tested.":[142],"Testing":[143],"was":[144],"performed":[145],"several":[146],"times":[147],"various":[149],"aggregation":[150],"testing":[154],"applications.":[155],"Our":[156],"results":[157],"demonstrate":[158,187,198],"we":[160,225],"can":[161],"achieve":[162],"up":[163],"100%":[165],"recall":[166],"with":[167,227,245],"0%":[168],"false":[169],"positive":[170],"rate.":[171],"report":[173],"must":[179],"be":[180],"addressed":[181],"curate":[183],"traces":[185],"their":[188],"impact":[189,238],"performance":[192],"models.":[196],"proper":[201],"training":[202],"subset":[207],"enables":[211],"never":[217],"seen":[218],"before,":[219],"such":[220],"as":[221],"return-oriented":[222],"programming.":[223],"Finally,":[224],"conclude":[226],"discussion":[229],"important":[232],"features":[233],"had":[235],"highest":[237],"each":[240],"models,":[243],"along":[244],"key":[247],"takeaways.":[248]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}