{"id":"https://openalex.org/W2138040966","doi":"https://doi.org/10.1109/scam.2015.7335407","title":"Data tainting and obfuscation: Improving plausibility of incorrect taint","display_name":"Data tainting and obfuscation: Improving plausibility of incorrect taint","publication_year":2015,"publication_date":"2015-09-01","ids":{"openalex":"https://openalex.org/W2138040966","doi":"https://doi.org/10.1109/scam.2015.7335407","mag":"2138040966"},"language":"en","primary_location":{"id":"doi:10.1109/scam.2015.7335407","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam.2015.7335407","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5017440499","display_name":"Sandrine Blazy","orcid":"https://orcid.org/0000-0002-0189-0223"},"institutions":[{"id":"https://openalex.org/I2802519937","display_name":"Institut de Recherche en Informatique et Syst\u00e8mes Al\u00e9atoires","ror":"https://ror.org/00myn0z94","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I1326498283","https://openalex.org/I205703379","https://openalex.org/I2802204017","https://openalex.org/I2802519937","https://openalex.org/I28221208","https://openalex.org/I4210127572","https://openalex.org/I4210159245","https://openalex.org/I56067802"]},{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Sandrine Blazy","raw_affiliation_strings":["Universit\u00e9 de Rennes 1, IRISA, France"],"affiliations":[{"raw_affiliation_string":"Universit\u00e9 de Rennes 1, IRISA, France","institution_ids":["https://openalex.org/I56067802","https://openalex.org/I2802519937"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073197955","display_name":"St\u00e9phanie Riaud","orcid":null},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Stephanie Riaud","raw_affiliation_strings":["DGA Ma\u00eetrise de l'Information Inria, France","DGA Ma\u00edtrise de l'Information, Inria, France"],"affiliations":[{"raw_affiliation_string":"DGA Ma\u00eetrise de l'Information Inria, France","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"DGA Ma\u00edtrise de l'Information, Inria, France","institution_ids":["https://openalex.org/I1326498283"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040533861","display_name":"Thomas Sirvent","orcid":null},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]},{"id":"https://openalex.org/I2802519937","display_name":"Institut de Recherche en Informatique et Syst\u00e8mes Al\u00e9atoires","ror":"https://ror.org/00myn0z94","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I1326498283","https://openalex.org/I205703379","https://openalex.org/I2802204017","https://openalex.org/I2802519937","https://openalex.org/I28221208","https://openalex.org/I4210127572","https://openalex.org/I4210159245","https://openalex.org/I56067802"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Thomas Sirvent","raw_affiliation_strings":["DGA Ma\u00eetrise de l'Information Inria, France","DGA Ma\u00eetrise de l'Information, IRISA, France"],"affiliations":[{"raw_affiliation_string":"DGA Ma\u00eetrise de l'Information Inria, France","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"DGA Ma\u00eetrise de l'Information, IRISA, France","institution_ids":["https://openalex.org/I2802519937"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5017440499"],"corresponding_institution_ids":["https://openalex.org/I2802519937","https://openalex.org/I56067802"],"apc_list":null,"apc_paid":null,"fwci":0.81655792,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.75215069,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"5137","issue":null,"first_page":"111","last_page":"120"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.9077827334403992},{"id":"https://openalex.org/keywords/reverse-engineering","display_name":"Reverse engineering","score":0.8620204925537109},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8269568681716919},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6880049109458923},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.677460253238678},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.6495951414108276},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4770561754703522},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.477043092250824},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4558807611465454},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4473086893558502},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.4431685507297516},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2177487313747406},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.14966943860054016},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.13287025690078735}],"concepts":[{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.9077827334403992},{"id":"https://openalex.org/C207850805","wikidata":"https://www.wikidata.org/wiki/Q269608","display_name":"Reverse engineering","level":2,"score":0.8620204925537109},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8269568681716919},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6880049109458923},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.677460253238678},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.6495951414108276},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4770561754703522},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.477043092250824},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4558807611465454},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4473086893558502},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.4431685507297516},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2177487313747406},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.14966943860054016},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.13287025690078735},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/scam.2015.7335407","is_oa":false,"landing_page_url":"https://doi.org/10.1109/scam.2015.7335407","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W14568393","https://openalex.org/W138996787","https://openalex.org/W175329226","https://openalex.org/W341234694","https://openalex.org/W1499241274","https://openalex.org/W1499992849","https://openalex.org/W1514171102","https://openalex.org/W1515790419","https://openalex.org/W1567046609","https://openalex.org/W1584150393","https://openalex.org/W1655226010","https://openalex.org/W1710734607","https://openalex.org/W1963971515","https://openalex.org/W1974492275","https://openalex.org/W2014559961","https://openalex.org/W2089745089","https://openalex.org/W2098806455","https://openalex.org/W2100666033","https://openalex.org/W2102970979","https://openalex.org/W2103919170","https://openalex.org/W2115095269","https://openalex.org/W2119251836","https://openalex.org/W2129362719","https://openalex.org/W2132897303","https://openalex.org/W2134633067","https://openalex.org/W2135891363","https://openalex.org/W2138788987","https://openalex.org/W2143546156","https://openalex.org/W2144706305","https://openalex.org/W2144789413","https://openalex.org/W2146325724","https://openalex.org/W2151135920","https://openalex.org/W2166616871","https://openalex.org/W2181649971","https://openalex.org/W4239813889","https://openalex.org/W4252291398","https://openalex.org/W6605603782","https://openalex.org/W6607172604","https://openalex.org/W6611556036","https://openalex.org/W6629716660","https://openalex.org/W6629885503","https://openalex.org/W6634033044","https://openalex.org/W6636991409","https://openalex.org/W6637688222","https://openalex.org/W6641190993","https://openalex.org/W6675416627","https://openalex.org/W6681546528","https://openalex.org/W6685624694","https://openalex.org/W6922295283"],"related_works":["https://openalex.org/W2913519194","https://openalex.org/W2007287520","https://openalex.org/W2132360941","https://openalex.org/W4362634109","https://openalex.org/W2055981842","https://openalex.org/W4388820743","https://openalex.org/W2793135307","https://openalex.org/W2532550198","https://openalex.org/W3134235726","https://openalex.org/W1486481742"],"abstract_inverted_index":{"Code":[0],"obfuscation":[1],"is":[2,16],"designed":[3],"to":[4,21,39,43,75,115,122,133],"impede":[5],"the":[6,77,90,95,99,147,153,156],"reverse":[7,145],"engineering":[8,146],"of":[9,79,85,155],"a":[10,27,70,82],"binary":[11,149],"software.":[12,28,150],"Dynamic":[13],"data":[14,25,31,101,125],"tainting":[15,32,102],"an":[17,53,62,113],"analysis":[18,139],"technique":[19,73],"used":[20],"identify":[22],"dependencies":[23],"between":[24],"in":[26,89],"Performing":[29],"dynamic":[30,100],"on":[33],"obfuscated":[34,91],"software":[35,157],"usually":[36,131],"yields":[37],"hard":[38],"exploit":[40],"results,":[41],"due":[42],"over-tainted":[44],"data.":[45],"Such":[46],"results":[47,96,107],"are":[48,87],"clearly":[49],"identifiable":[50],"as":[51],"useless:":[52],"attacker":[54,114],"will":[55,130],"immediately":[56],"discard":[57],"them":[58],"and":[59,111,119,137,141],"opt":[60],"for":[61],"alternative":[63],"tool.":[64],"In":[65],"this":[66],"paper,":[67],"we":[68],"present":[69],"code":[71,86],"transformation":[72],"meant":[74],"prevent":[76],"identification":[78],"useless":[80],"results:":[81],"few":[83],"lines":[84],"inserted":[88],"software,":[92],"so":[93,127],"that":[94,128],"obtained":[97],"by":[98],"approach":[103],"appear":[104],"acceptable.":[105],"These":[106],"remain":[108],"however":[109],"wrong":[110],"lead":[112],"waste":[116],"enough":[117],"time":[118],"resources":[120],"trying":[121],"analyze":[123],"incorrect":[124],"dependencies,":[126],"he":[129],"decide":[132],"use":[134],"less":[135],"automated":[136],"advanced":[138],"techniques,":[140],"maybe":[142],"give":[143],"up":[144],"current":[148],"This":[151],"improves":[152],"security":[154],"against":[158],"malicious":[159],"analysis.":[160]},"counts_by_year":[{"year":2018,"cited_by_count":2},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}