{"id":"https://openalex.org/W2642053679","doi":"https://doi.org/10.1109/sp.2017.67","title":"Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits","display_name":"Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits","publication_year":2017,"publication_date":"2017-05-01","ids":{"openalex":"https://openalex.org/W2642053679","doi":"https://doi.org/10.1109/sp.2017.67","mag":"2642053679"},"language":"en","primary_location":{"id":"doi:10.1109/sp.2017.67","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2017.67","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5076987446","display_name":"Tiffany Bao","orcid":"https://orcid.org/0000-0001-6424-0001"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Tiffany Bao","raw_affiliation_strings":["Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100653715","display_name":"Ruoyu Wang","orcid":"https://orcid.org/0000-0003-4623-6724"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ruoyu Wang","raw_affiliation_strings":["UC Santa Barbara"],"affiliations":[{"raw_affiliation_string":"UC Santa Barbara","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026842092","display_name":"Yan Shoshitaishvili","orcid":"https://orcid.org/0000-0001-8832-1789"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yan Shoshitaishvili","raw_affiliation_strings":["UC Santa Barbara"],"affiliations":[{"raw_affiliation_string":"UC Santa Barbara","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016565332","display_name":"David Brumley","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"David Brumley","raw_affiliation_strings":["Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5076987446"],"corresponding_institution_ids":["https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":3.6985,"has_fulltext":false,"cited_by_count":55,"citation_normalized_percentile":{"value":0.94314497,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"824","last_page":"839"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9905543327331543},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7755732536315918},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.33000439405441284},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3209376931190491}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9905543327331543},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7755732536315918},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33000439405441284},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3209376931190491}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp.2017.67","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2017.67","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W25685792","https://openalex.org/W88694106","https://openalex.org/W646354405","https://openalex.org/W1496222301","https://openalex.org/W1582331515","https://openalex.org/W1946174678","https://openalex.org/W1970005004","https://openalex.org/W2036910349","https://openalex.org/W2112243402","https://openalex.org/W2113864883","https://openalex.org/W2122438665","https://openalex.org/W2123436168","https://openalex.org/W2134633067","https://openalex.org/W2136601052","https://openalex.org/W2145385214","https://openalex.org/W2148488259","https://openalex.org/W2156858199","https://openalex.org/W2165100126","https://openalex.org/W2165597437","https://openalex.org/W2397986719","https://openalex.org/W2514974017","https://openalex.org/W2574017551","https://openalex.org/W4239813889","https://openalex.org/W4254762831","https://openalex.org/W6603729080","https://openalex.org/W6621201870","https://openalex.org/W6629841029","https://openalex.org/W6634988252","https://openalex.org/W6640626842","https://openalex.org/W6678302136","https://openalex.org/W6682062327","https://openalex.org/W6712915683"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W3048799479","https://openalex.org/W3006507989","https://openalex.org/W2779961139","https://openalex.org/W4240241597","https://openalex.org/W2763500028","https://openalex.org/W4240288358"],"abstract_inverted_index":{"Developing":[0],"a":[1,9,13,23,39,73,78,100,161,168,187],"remote":[2],"exploit":[3,32,41,71,80,95,146],"is":[4,47,59],"not":[5],"easy.":[6],"It":[7],"requires":[8],"comprehensive":[10],"understanding":[11],"of":[12,50,65,143,170,189,195,217],"vulnerability":[14],"and":[15,33,116,137,174,192,201],"delicate":[16],"techniques":[17],"to":[18,28,92,121,177],"bypass":[19],"defense":[20],"mechanisms.":[21],"As":[22],"result,":[24],"attackers":[25],"may":[26],"prefer":[27],"reuse":[29],"an":[30,133],"existing":[31],"make":[34],"necessary":[35],"changes":[36],"over":[37],"developing":[38],"new":[40],"from":[42,203],"scratch.":[43],"One":[44],"such":[45],"adaptation":[46],"the":[48,51,55,62,66,69,84,88,93,113,130,140,144,151,183,204,208,218],"replacement":[49,74,114],"original":[52,70,94,152,205],"shellcode":[53,101,105,123,131,171,179,196],"(i.e.,":[54],"attacker-injected":[56],"code":[57],"that":[58,81,139,163,197],"executed":[60],"as":[61,90,132,150],"final":[63],"step":[64],"exploit)":[67],"in":[68,77],"with":[72,167],"shellcode,":[75,115],"resulting":[76],"modified":[79,145],"carries":[82],"out":[83],"actions":[85],"desired":[86],"by":[87],"attacker":[89],"opposed":[91],"author.":[96],"We":[97,181],"call":[98],"this":[99],"transplant.":[102,124,180],"Current":[103],"automated":[104],"placement":[106],"methods":[107],"are":[108,198],"insufficient":[109],"because":[110],"they":[111],"over-constrain":[112],"so":[117],"cannot":[118],"be":[119,148],"used":[120],"achieve":[122,178],"For":[125],"example,":[126],"these":[127,156],"systems":[128],"consider":[129],"integrated":[134],"memory":[135],"chunk":[136],"require":[138],"execution":[141],"path":[142,175],"must":[147],"same":[149],"one.":[153],"To":[154],"resolve":[155],"issues,":[157],"we":[158],"present":[159],"ShellSwap,":[160],"system":[162,185,213],"uses":[164],"symbolic":[165],"tracing,":[166],"combination":[169,188],"layout":[172],"remediation":[173],"kneading":[176],"evaluated":[182],"ShellSwap":[184],"on":[186],"20":[190],"exploits":[191],"5":[193],"pieces":[194],"independently":[199],"developed":[200],"different":[202],"exploit.":[206],"Among":[207],"100":[209],"test":[210],"cases,":[211],"our":[212],"successfully":[214],"generated":[215],"88%":[216],"exploits.":[219]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":10},{"year":2017,"cited_by_count":1}],"updated_date":"2026-02-11T14:41:00.668223","created_date":"2025-10-10T00:00:00"}