{"id":"https://openalex.org/W4385080349","doi":"https://doi.org/10.1109/sp46215.2023.10179328","title":"Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation","display_name":"Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation","publication_year":2023,"publication_date":"2023-05-01","ids":{"openalex":"https://openalex.org/W4385080349","doi":"https://doi.org/10.1109/sp46215.2023.10179328"},"language":"en","primary_location":{"id":"doi:10.1109/sp46215.2023.10179328","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179328","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100382950","display_name":"Xinyi Wang","orcid":"https://orcid.org/0000-0002-6280-1300"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Xinyi Wang","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043424403","display_name":"Cen Zhang","orcid":"https://orcid.org/0000-0003-0838-5614"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Cen Zhang","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037974123","display_name":"Yeting Li","orcid":"https://orcid.org/0000-0003-0991-4231"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yeting Li","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089943764","display_name":"Zhiwu Xu","orcid":"https://orcid.org/0000-0001-6727-440X"},"institutions":[{"id":"https://openalex.org/I180726961","display_name":"Shenzhen University","ror":"https://ror.org/01vy4gh70","country_code":"CN","type":"education","lineage":["https://openalex.org/I180726961"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiwu Xu","raw_affiliation_strings":["Shenzhen University"],"affiliations":[{"raw_affiliation_string":"Shenzhen University","institution_ids":["https://openalex.org/I180726961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112964893","display_name":"Shuailin Huang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuailin Huang","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100739891","display_name":"Yi Liu","orcid":"https://orcid.org/0000-0001-7575-2299"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yi Liu","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101226226","display_name":"Yican Yao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yican Yao","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100754086","display_name":"Yang Xiao","orcid":"https://orcid.org/0000-0003-1705-2213"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yang Xiao","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073354871","display_name":"Yanyan Zou","orcid":"https://orcid.org/0000-0003-4787-4832"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yanyan Zou","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050683592","display_name":"Wei Huo","orcid":"https://orcid.org/0009-0000-7121-1196"},"institutions":[{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wei Huo","raw_affiliation_strings":["{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","School of Cyber Security, University of Chinese Academy of Sciences"],"affiliations":[{"raw_affiliation_string":"{CAS-KLONAT, BKLONSPT}, Institute of Information Engineering, CAS","institution_ids":["https://openalex.org/I4210156404"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":11,"corresponding_author_ids":["https://openalex.org/A5100382950"],"corresponding_institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":2.2908,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.90300547,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"2427","last_page":"2443"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.817153811454773},{"id":"https://openalex.org/keywords/regular-expression","display_name":"Regular expression","score":0.6684578657150269},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5969268083572388},{"id":"https://openalex.org/keywords/string","display_name":"String (physics)","score":0.5696284770965576},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5111363530158997},{"id":"https://openalex.org/keywords/generator","display_name":"Generator (circuit theory)","score":0.5078421235084534},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.4897048771381378},{"id":"https://openalex.org/keywords/finite-state-machine","display_name":"Finite-state machine","score":0.4884447157382965},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4568499028682709},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4195970892906189},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.39519184827804565},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.36193764209747314},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.24364927411079407},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.18078163266181946},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.16772937774658203},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.10617554187774658}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.817153811454773},{"id":"https://openalex.org/C121329065","wikidata":"https://www.wikidata.org/wiki/Q185612","display_name":"Regular expression","level":2,"score":0.6684578657150269},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5969268083572388},{"id":"https://openalex.org/C157486923","wikidata":"https://www.wikidata.org/wiki/Q1376436","display_name":"String (physics)","level":2,"score":0.5696284770965576},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5111363530158997},{"id":"https://openalex.org/C2780992000","wikidata":"https://www.wikidata.org/wiki/Q17016113","display_name":"Generator (circuit theory)","level":3,"score":0.5078421235084534},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.4897048771381378},{"id":"https://openalex.org/C167822520","wikidata":"https://www.wikidata.org/wiki/Q176452","display_name":"Finite-state machine","level":2,"score":0.4884447157382965},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4568499028682709},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4195970892906189},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.39519184827804565},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36193764209747314},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.24364927411079407},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.18078163266181946},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.16772937774658203},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.10617554187774658},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46215.2023.10179328","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46215.2023.10179328","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320307938","display_name":"NCR","ror":"https://ror.org/00nqjkj48"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W87129872","https://openalex.org/W1480909796","https://openalex.org/W1813069714","https://openalex.org/W1980938256","https://openalex.org/W1983424264","https://openalex.org/W2018045485","https://openalex.org/W2024300796","https://openalex.org/W2105956753","https://openalex.org/W2113422425","https://openalex.org/W2139249028","https://openalex.org/W2146325724","https://openalex.org/W2159586681","https://openalex.org/W2275294428","https://openalex.org/W2506796853","https://openalex.org/W2603401210","https://openalex.org/W2606344517","https://openalex.org/W2614656508","https://openalex.org/W2752340395","https://openalex.org/W2760683747","https://openalex.org/W2767914643","https://openalex.org/W2805375386","https://openalex.org/W2865298191","https://openalex.org/W2888047193","https://openalex.org/W2898689050","https://openalex.org/W2899462170","https://openalex.org/W2914982603","https://openalex.org/W2968339949","https://openalex.org/W2999135213","https://openalex.org/W3005101160","https://openalex.org/W3005362731","https://openalex.org/W3091491979","https://openalex.org/W3100164117","https://openalex.org/W3106010854","https://openalex.org/W3156471679","https://openalex.org/W3156862845","https://openalex.org/W4253813365","https://openalex.org/W6620716681","https://openalex.org/W6633864067","https://openalex.org/W6638296606","https://openalex.org/W6752006691","https://openalex.org/W6800343060","https://openalex.org/W7005376909","https://openalex.org/W7052126637"],"related_works":["https://openalex.org/W2352737138","https://openalex.org/W1549877447","https://openalex.org/W3125261964","https://openalex.org/W2347513417","https://openalex.org/W2534934828","https://openalex.org/W2181888227","https://openalex.org/W2146605784","https://openalex.org/W2039468209","https://openalex.org/W2075637111","https://openalex.org/W2502219810"],"abstract_inverted_index":{"Regular":[0],"expression":[1],"Denial-of-Service":[2],"(ReDoS)":[3],"is":[4,119,154,168],"one":[5],"kind":[6,114],"of":[7,49,68,82,102,115,148,159,163,176,259],"algorithmic":[8],"complexity":[9],"attack.":[10],"For":[11,183],"a":[12,155,237],"vulnerable":[13,84,150,185,211,222],"regex,":[14,151,186],"attackers":[15],"can":[16],"craft":[17],"certain":[18],"strings":[19],"to":[20,30,198],"trigger":[21],"the":[22,47,66,69,83,97,103,108,136,149,160,174],"super-linear":[23],"worst-case":[24],"matching":[25],"time,":[26],"which":[27,45,254],"causes":[28],"denial-of-service":[29],"regex":[31,104],"engines.":[32],"Various":[33],"ReDoS":[34,122,164],"detection":[35,231],"approaches":[36,44,54],"have":[37,55,244,255],"been":[38],"proposed":[39],"recently.":[40],"Among":[41],"them,":[42],"hybrid":[43,121],"absorb":[46],"advantages":[48],"both":[50],"static":[51],"and":[52,128,171,194],"dynamic":[53,238],"shown":[56],"their":[57],"performance":[58],"superiority.":[59],"However,":[60],"two":[61],"key":[62,138],"challenges":[63],"still":[64],"hinder":[65],"effectiveness":[67],"detection:":[70],"1)":[71,140],"Existing":[72,87],"modelings":[73,178],"summarize":[74],"localized":[75],"vulnerability":[76,126],"patterns":[77,144],"based":[78],"on":[79],"partial":[80],"features":[81,147],"regex;":[85],"2)":[86,182],"attack":[88,109,131],"string":[89,110,132],"generation":[90,196],"strategies":[91],"are":[92],"ineffective":[93],"since":[94],"they":[95,213],"neglected":[96],"fact":[98],"that":[99],"non-vulnerable":[100],"parts":[101],"may":[105],"unexpectedly":[106],"invalidate":[107],"(we":[111],"name":[112],"this":[113],"invalidation":[116],"as":[117],"disturbance.)Rengar":[118],"our":[120],"detector":[123],"with":[124,202,234],"new":[125],"modeling":[127,153,167],"disturbance":[129],"free":[130],"generator.":[133],"It":[134],"has":[135],"following":[137],"features:":[139],"Benefited":[141],"by":[142],"summarizing":[143],"from":[145],"full":[146],"its":[152,187],"more":[156,169,221,256],"precise":[157,172],"interpretation":[158],"root":[161],"cause":[162],"vulnerability.":[165],"The":[166],"descriptive":[170],"than":[173,257],"union":[175],"existing":[177],"while":[179],"keeping":[180],"conciseness;":[181],"each":[184],"generator":[188],"automatically":[189],"checks":[190],"all":[191,210],"potential":[192],"disturbances":[193],"composes":[195],"constraints":[197],"avoid":[199],"possible":[200],"disturbances.Compared":[201],"nine":[203],"state-of-the-art":[204],"tools,":[205],"Rengar":[206],"detects":[207],"not":[208],"only":[209],"regexes":[212],"found":[214],"but":[215],"also":[216],"3":[217],"\u2013":[218,228],"197":[219],"times":[220],"regexes.":[223],"Besides,":[224],"it":[225],"saves":[226],"57.41%":[227],"99.83%":[229],"average":[230],"time":[232],"compared":[233],"tools":[235],"containing":[236],"validation":[239],"process.":[240],"Using":[241],"Rengar,":[242],"we":[243],"identified":[245],"69":[246],"zero-day":[247],"vulnerabilities":[248],"(21":[249],"CVEs)":[250],"affecting":[251],"popular":[252],"projects":[253],"dozens":[258],"millions":[260],"weekly":[261],"download":[262],"count.":[263]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}