{"id":"https://openalex.org/W2100583963","doi":"https://doi.org/10.1109/sp.2006.41","title":"Towards automatic generation of vulnerability-based signatures","display_name":"Towards automatic generation of vulnerability-based signatures","publication_year":2006,"publication_date":"2006-01-01","ids":{"openalex":"https://openalex.org/W2100583963","doi":"https://doi.org/10.1109/sp.2006.41","mag":"2100583963"},"language":"en","primary_location":{"id":"doi:10.1109/sp.2006.41","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2006.41","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2006 IEEE Symposium on Security and Privacy (S&amp;P'06)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://figshare.com/articles/Towards_Automatic_Generation_of_Vulnerability-Based_Signatures/6469487","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016565332","display_name":"David Brumley","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"D. Brumley","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114182284","display_name":"J.P. Newsome","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"J. Newsome","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019426968","display_name":"Dawn Song","orcid":"https://orcid.org/0000-0001-9745-6802"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"D. Song","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100446064","display_name":"Hao Wang","orcid":"https://orcid.org/0000-0001-9301-5989"},"institutions":[{"id":"https://openalex.org/I135310074","display_name":"University of Wisconsin\u2013Madison","ror":"https://ror.org/01y2jtd41","country_code":"US","type":"education","lineage":["https://openalex.org/I135310074"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hao Wang","raw_affiliation_strings":["University of Wisconsin, Madison, Madison, WI, USA","University of Wisconsin, Madison"],"affiliations":[{"raw_affiliation_string":"University of Wisconsin, Madison, Madison, WI, USA","institution_ids":["https://openalex.org/I135310074"]},{"raw_affiliation_string":"University of Wisconsin, Madison","institution_ids":["https://openalex.org/I135310074"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088826068","display_name":"Somesh Jha","orcid":"https://orcid.org/0000-0001-5877-0436"},"institutions":[{"id":"https://openalex.org/I135310074","display_name":"University of Wisconsin\u2013Madison","ror":"https://ror.org/01y2jtd41","country_code":"US","type":"education","lineage":["https://openalex.org/I135310074"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Somesh Jha","raw_affiliation_strings":["University of Wisconsin, Madison, Madison, WI, USA","University of Wisconsin, Madison"],"affiliations":[{"raw_affiliation_string":"University of Wisconsin, Madison, Madison, WI, USA","institution_ids":["https://openalex.org/I135310074"]},{"raw_affiliation_string":"University of Wisconsin, Madison","institution_ids":["https://openalex.org/I135310074"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5016565332"],"corresponding_institution_ids":["https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":40.9479,"has_fulltext":false,"cited_by_count":293,"citation_normalized_percentile":{"value":0.99963591,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"15 pp.","last_page":"16"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8626391887664795},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7744214534759521},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7402842044830322},{"id":"https://openalex.org/keywords/signature","display_name":"Signature (topology)","score":0.481544554233551},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.4619290232658386},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4256702661514282},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3689413368701935},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3330635130405426},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.14411580562591553}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8626391887664795},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7744214534759521},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7402842044830322},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.481544554233551},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.4619290232658386},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4256702661514282},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3689413368701935},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3330635130405426},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.14411580562591553},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0}],"mesh":[],"locations_count":9,"locations":[{"id":"doi:10.1109/sp.2006.41","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2006.41","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2006 IEEE Symposium on Security and Privacy (S&amp;P'06)","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/6469487","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Towards_Automatic_Generation_of_Vulnerability-Based_Signatures/6469487","pdf_url":"https://figshare.com/articles/Towards_Automatic_Generation_of_Vulnerability-Based_Signatures/6469487","source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:repository.cmu.edu:ece-1036","is_oa":false,"landing_page_url":"http://repository.cmu.edu/cgi/viewcontent.cgi?article=1036&context=ece","pdf_url":null,"source":{"id":"https://openalex.org/S4306400668","display_name":"Research Showcase @ Carnegie Mellon University (Carnegie Mellon University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I74973139","host_organization_name":"Carnegie Mellon University","host_organization_lineage":["https://openalex.org/I74973139"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Department of Electrical and Computer Engineering","raw_type":"text"},{"id":"pmh:doi:10.1184/r1/6469487","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Journal contribution"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.330.7597","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.330.7597","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://freeworld.thc.org/root/docs/intrusion_detection/nids/Towards Automatic Generation of Vulnerability-Based Signatures.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.65.4914","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.4914","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://jimnewsome.net/papers/vulnsig-oakland2006.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.74.6222","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.74.6222","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.wisc.edu/wisa/papers/oakland06/sigs/BNS+06.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.87.1116","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.87.1116","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.cmu.edu/~dbrumley/pubs/oakland-06.pdf","raw_type":"text"},{"id":"doi:10.1184/r1/6469487.v1","is_oa":true,"landing_page_url":"https://doi.org/10.1184/r1/6469487.v1","pdf_url":null,"source":{"id":"https://openalex.org/S7407050927","display_name":"KiltHub Repository","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/6469487","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Towards_Automatic_Generation_of_Vulnerability-Based_Signatures/6469487","pdf_url":"https://figshare.com/articles/Towards_Automatic_Generation_of_Vulnerability-Based_Signatures/6469487","source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","score":0.47999998927116394,"display_name":"Reduced inequalities"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2100583963.pdf"},"referenced_works_count":65,"referenced_works":["https://openalex.org/W2852225","https://openalex.org/W88694106","https://openalex.org/W112225474","https://openalex.org/W1491178396","https://openalex.org/W1498585374","https://openalex.org/W1500492658","https://openalex.org/W1514171102","https://openalex.org/W1557561422","https://openalex.org/W1564075167","https://openalex.org/W1566093621","https://openalex.org/W1580559113","https://openalex.org/W1592502301","https://openalex.org/W1597305440","https://openalex.org/W1809751277","https://openalex.org/W1876033015","https://openalex.org/W1971727464","https://openalex.org/W2025304834","https://openalex.org/W2033811087","https://openalex.org/W2043100293","https://openalex.org/W2049646255","https://openalex.org/W2055477538","https://openalex.org/W2096449544","https://openalex.org/W2100198871","https://openalex.org/W2100583963","https://openalex.org/W2101512909","https://openalex.org/W2102970979","https://openalex.org/W2107580968","https://openalex.org/W2114067856","https://openalex.org/W2117058582","https://openalex.org/W2123365370","https://openalex.org/W2124153277","https://openalex.org/W2129538349","https://openalex.org/W2134006599","https://openalex.org/W2134633067","https://openalex.org/W2137786570","https://openalex.org/W2140073981","https://openalex.org/W2141109493","https://openalex.org/W2142840915","https://openalex.org/W2142934822","https://openalex.org/W2144737265","https://openalex.org/W2151996777","https://openalex.org/W2159316256","https://openalex.org/W2163762767","https://openalex.org/W2165100126","https://openalex.org/W2167190886","https://openalex.org/W2340735175","https://openalex.org/W2913459036","https://openalex.org/W4232808412","https://openalex.org/W4232820472","https://openalex.org/W4237492309","https://openalex.org/W4238846789","https://openalex.org/W4239813889","https://openalex.org/W4254762831","https://openalex.org/W4285719527","https://openalex.org/W6603729080","https://openalex.org/W6604601110","https://openalex.org/W6629791766","https://openalex.org/W6633665954","https://openalex.org/W6633890684","https://openalex.org/W6635716266","https://openalex.org/W6638271993","https://openalex.org/W6675416627","https://openalex.org/W6681135891","https://openalex.org/W6685837280","https://openalex.org/W7066491068"],"related_works":["https://openalex.org/W4200107511","https://openalex.org/W2393340519","https://openalex.org/W4298219515","https://openalex.org/W3118510577","https://openalex.org/W2891427086","https://openalex.org/W2021298062","https://openalex.org/W2185499427","https://openalex.org/W1883246888","https://openalex.org/W2371301679","https://openalex.org/W2527966616"],"abstract_inverted_index":{"In":[0,260],"this":[1],"paper":[2],"we":[3,239],"explore":[4,144],"the":[5,35,38,49,54,59,76,89,107,132,145,164,173],"problem":[6],"of":[7,17,37,48,53,61,88,109,126,135,148,166,178,213,252,273],"creating":[8,136],"vulnerability":[9,12,41,63,79,90,111,128,139,149,161,174,194,223,244],"signatures.":[10,140,150,224,259],"A":[11,78],"signature":[13,80,112,129,162,189,195,245],"matches":[14],"all":[15,69,118],"exploits":[16],"a":[18,44,62,65,82,85,110,123,127,160,171,193,200,228,243,247],"given":[19,201],"vulnerability,":[20,172],"even":[21],"polymorphic":[22],"or":[23,51],"metamorphic":[24],"variants.":[25],"Our":[26,235],"work":[27],"departs":[28],"from":[29],"previous":[30,257],"approaches":[31],"by":[32,43],"focusing":[33],"on":[34],"semantics":[36,50,60],"program":[39,180],"and":[40,70,130,137,191,203,210,269],"exercised":[42],"sample":[45],"exploit":[46,55,75,249],"instead":[47],"syntax":[52],"itself.":[56],"We":[57,121,141,151,205,225],"show":[58,237],"define":[64],"language":[66],"which":[67,250],"contains":[68],"only":[71,99],"those":[72],"inputs":[73,167],"that":[74,168,182,238],"vulnerability.":[77],"is":[81,183,196,251],"representation":[83,202],"(e.g.,":[84],"regular":[86],"expression)":[87],"language.":[91],"Unlike":[92],"exploit-based":[93,258],"signatures":[94],"whose":[95],"error":[96],"rate":[97],"can":[98,113,240],"be":[100,114,272],"empirically":[101],"measured":[102],"for":[103,117,199,220],"known":[104],"test":[105,232],"cases,":[106],"quality":[108,255],"formally":[115],"quantified":[116],"possible":[119],"inputs.":[120],"provide":[122],"formal":[124],"definition":[125],"investigate":[131],"computational":[133],"complexity":[134],"matching":[138],"also":[142],"systematically":[143],"design":[146],"space":[147],"identify":[152],"three":[153],"central":[154],"issues":[155],"in":[156],"vulnerability-signature":[157],"creation:":[158],"how":[159,192],"represents":[163],"set":[165],"may":[169,271],"exercise":[170],"coverage":[175],"(i.e.,":[176],"number":[177],"vulnerable":[179],"paths)":[181],"subject":[184],"to":[185,231],"our":[186,233,262],"analysis":[187,209],"during":[188],"creation,":[190],"then":[197],"created":[198],"coverage.":[204],"propose":[206],"new":[207],"data-flow":[208],"novel":[211],"adoption":[212],"existing":[214],"techniques":[215,263],"such":[216],"as":[217],"constraint":[218],"solving":[219],"automatically":[221,241],"generating":[222],"have":[226,264],"built":[227],"prototype":[229],"system":[230],"techniques.":[234],"experiments":[236],"generate":[242],"using":[246],"single":[248],"much":[253],"higher":[254],"than":[256],"addition,":[261],"several":[265],"other":[266],"security":[267],"applications,":[268],"thus":[270],"independent":[274],"interest.":[275]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":7},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":10},{"year":2018,"cited_by_count":8},{"year":2017,"cited_by_count":8},{"year":2016,"cited_by_count":15},{"year":2015,"cited_by_count":12},{"year":2014,"cited_by_count":18},{"year":2013,"cited_by_count":23},{"year":2012,"cited_by_count":17}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}