{"id":"https://openalex.org/W2767251466","doi":"https://doi.org/10.1109/ase.2017.8115636","title":"Static detection of asymptotic resource side-channel vulnerabilities in web applications","display_name":"Static detection of asymptotic resource side-channel vulnerabilities in web applications","publication_year":2017,"publication_date":"2017-10-01","ids":{"openalex":"https://openalex.org/W2767251466","doi":"https://doi.org/10.1109/ase.2017.8115636","mag":"2767251466"},"language":"en","primary_location":{"id":"doi:10.1109/ase.2017.8115636","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115636","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100416039","display_name":"Jia Chen","orcid":"https://orcid.org/0009-0005-0957-1744"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jia Chen","raw_affiliation_strings":["The University of Texas at Austin, United States"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Austin, United States","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068639762","display_name":"Oswaldo Olivo","orcid":null},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Oswaldo Olivo","raw_affiliation_strings":["The University of Texas at Austin, United States"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Austin, United States","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006424908","display_name":"I\u015f\u0131l Dillig","orcid":"https://orcid.org/0000-0001-8006-1230"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Isil Dillig","raw_affiliation_strings":["The University of Texas at Austin, United States"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Austin, United States","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103038181","display_name":"Calvin Lin","orcid":"https://orcid.org/0000-0001-6284-4629"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Calvin Lin","raw_affiliation_strings":["The University of Texas at Austin, United States"],"affiliations":[{"raw_affiliation_string":"The University of Texas at Austin, United States","institution_ids":["https://openalex.org/I86519309"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100416039"],"corresponding_institution_ids":["https://openalex.org/I86519309"],"apc_list":null,"apc_paid":null,"fwci":0.9673,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.83311389,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"2005","issue":null,"first_page":"229","last_page":"239"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.9134294390678406},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7955998182296753},{"id":"https://openalex.org/keywords/client-side","display_name":"Client-side","score":0.6318046450614929},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6309787034988403},{"id":"https://openalex.org/keywords/channel","display_name":"Channel (broadcasting)","score":0.5451556444168091},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.5200633406639099},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.49772337079048157},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.4564914107322693},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4415467381477356},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.21763566136360168},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.07547402381896973}],"concepts":[{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.9134294390678406},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7955998182296753},{"id":"https://openalex.org/C202477664","wikidata":"https://www.wikidata.org/wiki/Q1352449","display_name":"Client-side","level":2,"score":0.6318046450614929},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6309787034988403},{"id":"https://openalex.org/C127162648","wikidata":"https://www.wikidata.org/wiki/Q16858953","display_name":"Channel (broadcasting)","level":2,"score":0.5451556444168091},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.5200633406639099},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.49772337079048157},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.4564914107322693},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4415467381477356},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.21763566136360168},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.07547402381896973}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ase.2017.8115636","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115636","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":57,"referenced_works":["https://openalex.org/W54762625","https://openalex.org/W57185801","https://openalex.org/W109951691","https://openalex.org/W1429964360","https://openalex.org/W1480909796","https://openalex.org/W1488986397","https://openalex.org/W1505465226","https://openalex.org/W1560720671","https://openalex.org/W1590648473","https://openalex.org/W1599625180","https://openalex.org/W1613874182","https://openalex.org/W1965209910","https://openalex.org/W1977764760","https://openalex.org/W2008158744","https://openalex.org/W2025849355","https://openalex.org/W2040210405","https://openalex.org/W2048018257","https://openalex.org/W2048702750","https://openalex.org/W2058033966","https://openalex.org/W2071929572","https://openalex.org/W2078114603","https://openalex.org/W2085925880","https://openalex.org/W2095840868","https://openalex.org/W2108104925","https://openalex.org/W2108384401","https://openalex.org/W2109863363","https://openalex.org/W2111487235","https://openalex.org/W2117550587","https://openalex.org/W2119966192","https://openalex.org/W2122049982","https://openalex.org/W2125202010","https://openalex.org/W2134429122","https://openalex.org/W2134646643","https://openalex.org/W2137062096","https://openalex.org/W2139799388","https://openalex.org/W2147436337","https://openalex.org/W2148890056","https://openalex.org/W2151481990","https://openalex.org/W2166743230","https://openalex.org/W2293441536","https://openalex.org/W2296151933","https://openalex.org/W2418260908","https://openalex.org/W2497845670","https://openalex.org/W2515614845","https://openalex.org/W2546922927","https://openalex.org/W2547267640","https://openalex.org/W2565334366","https://openalex.org/W4236991443","https://openalex.org/W4238789074","https://openalex.org/W4240835555","https://openalex.org/W4242321992","https://openalex.org/W6604462143","https://openalex.org/W6628190228","https://openalex.org/W6629227017","https://openalex.org/W6630065895","https://openalex.org/W6633554152","https://openalex.org/W6636388380"],"related_works":["https://openalex.org/W4302890120","https://openalex.org/W4402156186","https://openalex.org/W4288264855","https://openalex.org/W1995482645","https://openalex.org/W2800367972","https://openalex.org/W3212202758","https://openalex.org/W1979999931","https://openalex.org/W4402742686","https://openalex.org/W4372271877","https://openalex.org/W3123819699"],"abstract_inverted_index":{"Web":[0],"applications":[1,100],"can":[2,112],"leak":[3],"confidential":[4,124],"user":[5],"information":[6],"due":[7,25],"to":[8,26,119],"the":[9,44,53],"presence":[10],"of":[11,21,34,55,123],"unintended":[12],"side-channel":[13,22,38,84],"vulnerabilities":[14,23,39,85,95,108],"in":[15,86,96],"code.":[16],"One":[17],"particularly":[18],"subtle":[19],"class":[20],"arises":[24],"resource":[27,45,57],"usage":[28,46],"imbalances":[29],"along":[30],"different":[31,98],"execution":[32],"paths":[33],"a":[35,61,77,128],"program.":[36],"Such":[37],"are":[40],"especially":[41],"severe":[42],"if":[43],"imbalance":[47],"is":[48],"asymptotic.":[49],"This":[50],"paper":[51],"formalizes":[52],"notion":[54],"asymptotic":[56],"side-channels":[58],"and":[59,101],"presents":[60],"lightweight":[62],"static":[63],"analysis":[64],"algorithm":[65],"for":[66],"automatically":[67],"detecting":[68],"them.":[69],"Based":[70],"on":[71],"these":[72],"ideas,":[73],"we":[74],"have":[75],"developed":[76],"tool":[78],"called":[79],"SCANNER":[80,89,111],"that":[81],"detects":[82],"resource-related":[83],"PHP":[87],"applications.":[88],"has":[90],"found":[91],"18":[92],"zero-day":[93],"security":[94],"10":[97],"web":[99],"reports":[102],"only":[103],"2":[104],"false":[105],"positives.":[106],"The":[107],"uncovered":[109],"by":[110],"be":[113],"exploited":[114],"using":[115],"cross-site":[116],"search":[117],"attacks":[118],"extract":[120],"various":[121],"kinds":[122],"information,":[125],"such":[126],"as":[127],"user's":[129],"medications":[130],"or":[131],"purchase":[132],"history.":[133]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}