{"id":"https://openalex.org/W4287634532","doi":"https://doi.org/10.1109/sp46214.2022.9833597","title":"Repairing DoS Vulnerability of Real-World Regexes","display_name":"Repairing DoS Vulnerability of Real-World Regexes","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4287634532","doi":"https://doi.org/10.1109/sp46214.2022.9833597"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833597","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833597","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063355691","display_name":"Nariyoshi Chida","orcid":"https://orcid.org/0000-0002-9542-9234"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Nariyoshi Chida","raw_affiliation_strings":["NTT Corporation / Waseda University"],"affiliations":[{"raw_affiliation_string":"NTT Corporation / Waseda University","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031661604","display_name":"Tachio Terauchi","orcid":"https://orcid.org/0000-0001-5305-4916"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Tachio Terauchi","raw_affiliation_strings":["Waseda University"],"affiliations":[{"raw_affiliation_string":"Waseda University","institution_ids":["https://openalex.org/I150744194"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5063355691"],"corresponding_institution_ids":["https://openalex.org/I150744194"],"apc_list":null,"apc_paid":null,"fwci":1.5278,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.82396088,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"2060","last_page":"2077"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backtracking","display_name":"Backtracking","score":0.7556392550468445},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7507648468017578},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.5658798217773438},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5441060066223145},{"id":"https://openalex.org/keywords/matching","display_name":"Matching (statistics)","score":0.5271562933921814},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.5164670944213867},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.4535168707370758},{"id":"https://openalex.org/keywords/real-world-data","display_name":"Real world data","score":0.4394966661930084},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.4199276268482208},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.35844647884368896},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.21593403816223145},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.17789089679718018}],"concepts":[{"id":"https://openalex.org/C156884757","wikidata":"https://www.wikidata.org/wiki/Q798554","display_name":"Backtracking","level":2,"score":0.7556392550468445},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7507648468017578},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.5658798217773438},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5441060066223145},{"id":"https://openalex.org/C165064840","wikidata":"https://www.wikidata.org/wiki/Q1321061","display_name":"Matching (statistics)","level":2,"score":0.5271562933921814},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.5164670944213867},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.4535168707370758},{"id":"https://openalex.org/C3020493868","wikidata":"https://www.wikidata.org/wiki/Q55631277","display_name":"Real world data","level":2,"score":0.4394966661930084},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.4199276268482208},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.35844647884368896},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.21593403816223145},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.17789089679718018},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46214.2022.9833597","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833597","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5099999904632568}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W87129872","https://openalex.org/W593150012","https://openalex.org/W1572934822","https://openalex.org/W1917555234","https://openalex.org/W1986152782","https://openalex.org/W1994584977","https://openalex.org/W2024300796","https://openalex.org/W2057841333","https://openalex.org/W2059383863","https://openalex.org/W2067443406","https://openalex.org/W2072607050","https://openalex.org/W2106950427","https://openalex.org/W2138811609","https://openalex.org/W2275294428","https://openalex.org/W2286758035","https://openalex.org/W2401610261","https://openalex.org/W2460699391","https://openalex.org/W2466311470","https://openalex.org/W2506796853","https://openalex.org/W2603401210","https://openalex.org/W2606344517","https://openalex.org/W2760683747","https://openalex.org/W2806253293","https://openalex.org/W2888047193","https://openalex.org/W2897675441","https://openalex.org/W2898674000","https://openalex.org/W2899462170","https://openalex.org/W2951386665","https://openalex.org/W2979577724","https://openalex.org/W2999135213","https://openalex.org/W3011649674","https://openalex.org/W3033889389","https://openalex.org/W3099242157","https://openalex.org/W3123705249","https://openalex.org/W3156471679","https://openalex.org/W3156862845","https://openalex.org/W6640222889","https://openalex.org/W6752006691"],"related_works":["https://openalex.org/W2760348722","https://openalex.org/W2783885583","https://openalex.org/W2120095724","https://openalex.org/W2368326437","https://openalex.org/W1631221657","https://openalex.org/W2357479099","https://openalex.org/W2364309619","https://openalex.org/W1525406239","https://openalex.org/W2371864976","https://openalex.org/W2037121848"],"abstract_inverted_index":{"There":[0],"has":[1],"been":[2],"much":[3],"work":[4],"on":[5,172],"synthesizing":[6],"and":[7,46,81,109,118,152,173,184],"repairing":[8],"regular":[9],"expressions":[10],"(regexes":[11],"for":[12,115,129,145],"short)":[13],"from":[14],"examples.":[15,32],"These":[16],"programming-by-example":[17],"(PBE)":[18],"methods":[19,36,178],"help":[20],"the":[21,34,59,85,87,122,147,154,166,175,181,189],"users":[22],"write":[23],"regexes":[24,39,78,98],"by":[25,31],"letting":[26],"them":[27],"reflect":[28],"their":[29],"intention":[30],"However,":[33],"existing":[35,88],"may":[37,42],"generate":[38,68],"whose":[40],"matching":[41,113],"take":[43],"super-linear":[44],"time":[45],"are":[47,99],"vulnerable":[48],"to":[49,67,84,179,187],"regex":[50],"denial":[51],"of":[52,91,111,126,149],"service":[53],"(ReDoS)":[54],"attacks.":[55],"This":[56],"paper":[57],"presents":[58],"first":[60,103,123],"PBE":[61,156,177],"repair":[62,157,167],"method":[63,74],"that":[64,94,142,164],"is":[65,143],"guaranteed":[66],"only":[69,95],"invulnerable":[70],"regexes.":[71,131],"Importantly,":[72],"our":[73],"can":[75],"handle":[76,180],"real-world":[77,116,130,139,150,190],"containing":[79],"lookarounds":[80],"backreferences.":[82],"Due":[83],"extensions,":[86],"formal":[89,107,124],"definitions":[90],"ReDoS":[92,127],"vulnerabilities":[93],"consider":[96],"pure":[97],"insufficient.":[100],"Therefore,":[101],"we":[102,133,160],"give":[104,121],"a":[105,135],"novel":[106,136],"semantics":[108],"complexity":[110],"backtracking":[112],"algorithms":[114],"regexes,":[117,151],"with":[119,185],"them,":[120],"definition":[125],"vulnerability":[128],"Next,":[132],"present":[134,161],"condition":[137],"called":[138],"strong":[140,191],"1-unambiguity":[141,192],"sufficient":[144],"guaranteeing":[146],"invulnerability":[148],"formalize":[153],"corresponding":[155],"problem.":[158,168],"Finally,":[159],"an":[162],"algorithm":[163,170],"solves":[165],"The":[169],"builds":[171],"extends":[174],"previous":[176],"realworld":[182],"extensions":[183],"constraints":[186],"enforce":[188],"condition.":[193]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}