{"id":"https://openalex.org/W3027167064","doi":"https://doi.org/10.1109/tdsc.2020.2995542","title":"JNI Global References Are Still Vulnerable: Attacks and Defenses","display_name":"JNI Global References Are Still Vulnerable: Attacks and Defenses","publication_year":2020,"publication_date":"2020-05-18","ids":{"openalex":"https://openalex.org/W3027167064","doi":"https://doi.org/10.1109/tdsc.2020.2995542","mag":"3027167064"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2020.2995542","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2020.2995542","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5115053616","display_name":"Yi He","orcid":"https://orcid.org/0000-0002-1807-4185"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]},{"id":"https://openalex.org/I4210156423","display_name":"National Engineering Research Center for Information Technology in Agriculture","ror":"https://ror.org/04c3j3t84","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210156423"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yi He","raw_affiliation_strings":["Beijing National Research Center for Information Science and Technology (BNRist), Beijing, China","Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing National Research Center for Information Science and Technology (BNRist), Beijing, China","institution_ids":["https://openalex.org/I4210156423"]},{"raw_affiliation_string":"Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100630884","display_name":"Yuan Zhou","orcid":"https://orcid.org/0000-0002-0474-2314"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]},{"id":"https://openalex.org/I4210114105","display_name":"Tsinghua\u2013Berkeley Shenzhen Institute","ror":"https://ror.org/02hhwwz98","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210114105","https://openalex.org/I95457486","https://openalex.org/I99065089"]},{"id":"https://openalex.org/I168879160","display_name":"Zhejiang University of Science and Technology","ror":"https://ror.org/05mx0wr29","country_code":"CN","type":"education","lineage":["https://openalex.org/I168879160"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuan Zhou","raw_affiliation_strings":["School of Cyber Space and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China","Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Space and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China","institution_ids":["https://openalex.org/I168879160"]},{"raw_affiliation_string":"Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China","institution_ids":["https://openalex.org/I4210114105","https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088790914","display_name":"Yajin Zhou","orcid":"https://orcid.org/0000-0001-7610-4736"},"institutions":[{"id":"https://openalex.org/I168879160","display_name":"Zhejiang University of Science and Technology","ror":"https://ror.org/05mx0wr29","country_code":"CN","type":"education","lineage":["https://openalex.org/I168879160"]},{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]},{"id":"https://openalex.org/I4210114105","display_name":"Tsinghua\u2013Berkeley Shenzhen Institute","ror":"https://ror.org/02hhwwz98","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210114105","https://openalex.org/I95457486","https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yajin Zhou","raw_affiliation_strings":["School of Cyber Space and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China","Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Space and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China","institution_ids":["https://openalex.org/I168879160"]},{"raw_affiliation_string":"Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China","institution_ids":["https://openalex.org/I4210114105","https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100350165","display_name":"Qi Li","orcid":"https://orcid.org/0000-0001-8776-8730"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]},{"id":"https://openalex.org/I4210156423","display_name":"National Engineering Research Center for Information Technology in Agriculture","ror":"https://ror.org/04c3j3t84","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210156423"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qi Li","raw_affiliation_strings":["Beijing National Research Center for Information Science and Technology (BNRist), Beijing, China","Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing National Research Center for Information Science and Technology (BNRist), Beijing, China","institution_ids":["https://openalex.org/I4210156423"]},{"raw_affiliation_string":"Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["Department of Information Sciences and Technology, George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Information Sciences and Technology, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101152479","display_name":"Yacong Gu","orcid":"https://orcid.org/0000-0003-2221-5689"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yacong Gu","raw_affiliation_strings":["Institute of Software, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Software, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101626204","display_name":"Yong Jiang","orcid":"https://orcid.org/0000-0002-4260-1395"},"institutions":[{"id":"https://openalex.org/I4210114105","display_name":"Tsinghua\u2013Berkeley Shenzhen Institute","ror":"https://ror.org/02hhwwz98","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210114105","https://openalex.org/I95457486","https://openalex.org/I99065089"]},{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yong Jiang","raw_affiliation_strings":["Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua-Berkeley Shenzhen Institute, Tsinghua University, Shenzhen, China","institution_ids":["https://openalex.org/I4210114105","https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5115053616"],"corresponding_institution_ids":["https://openalex.org/I4210156423","https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.3031,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.52185648,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":"19","issue":"1","first_page":"607","last_page":"619"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8376911878585815},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8204617500305176},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7029509544372559},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6845390200614929},{"id":"https://openalex.org/keywords/reachability","display_name":"Reachability","score":0.5047527551651001},{"id":"https://openalex.org/keywords/botnet","display_name":"Botnet","score":0.42370787262916565},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.42074859142303467},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.23007264733314514},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17490863800048828},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1131608784198761}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8376911878585815},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8204617500305176},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7029509544372559},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6845390200614929},{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.5047527551651001},{"id":"https://openalex.org/C22735295","wikidata":"https://www.wikidata.org/wiki/Q317671","display_name":"Botnet","level":3,"score":0.42370787262916565},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.42074859142303467},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.23007264733314514},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17490863800048828},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1131608784198761},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2020.2995542","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2020.2995542","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4699999988079071,"display_name":"Decent work and economic growth","id":"https://metadata.un.org/sdg/8"}],"awards":[{"id":"https://openalex.org/G106991597","display_name":null,"funder_award_id":"61872438","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1191843724","display_name":null,"funder_award_id":"U1736209","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6827592809","display_name":null,"funder_award_id":"61572278","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W1893159092","https://openalex.org/W1985752637","https://openalex.org/W2010163347","https://openalex.org/W2050800980","https://openalex.org/W2077202047","https://openalex.org/W2088983597","https://openalex.org/W2106349977","https://openalex.org/W2127723417","https://openalex.org/W2166743230","https://openalex.org/W2171240827","https://openalex.org/W2273325114","https://openalex.org/W2573570214","https://openalex.org/W2626290556","https://openalex.org/W2751955863","https://openalex.org/W2890471546","https://openalex.org/W4251039970","https://openalex.org/W6669987511","https://openalex.org/W6739529590"],"related_works":["https://openalex.org/W2294483539","https://openalex.org/W2378449000","https://openalex.org/W3187581118","https://openalex.org/W3143747655","https://openalex.org/W2901835651","https://openalex.org/W2883616266","https://openalex.org/W4230824443","https://openalex.org/W2038807247","https://openalex.org/W2097156747","https://openalex.org/W2559738661"],"abstract_inverted_index":{"System":[0],"services":[1,122,151],"and":[2,129,142,180],"resources":[3],"in":[4,80,99,152],"Android":[5,55,83,101,108,140,153],"are":[6,17],"accessed":[7],"through":[8],"IPC-based":[9],"mechanisms.":[10],"Previous":[11],"research":[12],"has":[13],"demonstrated":[14],"that":[15,68,116],"they":[16],"vulnerable":[18,121],"to":[19,42,58,73,138,185],"the":[20,27,44,48,54,60,81,104,174,178,187],"denial-of-service":[21],"attack":[22,79,189],"(DoS":[23],"attack).":[24,51],"For":[25],"instance,":[26],"JNI":[28],"global":[29,195],"reference":[30,196],"(JGR),":[31],"which":[32,96],"is":[33,70,97],"widely":[34],"used":[35],"by":[36,62,190],"system":[37,45,150],"services,":[38],"can":[39,117,164],"be":[40,165],"exhausted":[41],"cause":[43,176],"reboot":[46],"(hence":[47],"name":[49],"JGRE":[50,188],"Even":[52],"though":[53],"team":[56],"tries":[57],"fix":[59],"problem":[61],"enforcing":[63],"security":[64],"checks,":[65],"we":[66,88,111],"find":[67],"it":[69],"still":[71],"possible":[72],"construct":[74],"a":[75,90,114,125,130,182],"JGR":[76,92,120],"exhaustion":[77,93],"DoS":[78,94],"latest":[82],"system.":[84],"In":[85,146],"this":[86,136],"article,":[87],"propose":[89,181],"new":[91,183],"attack,":[95],"effective":[98],"different":[100,139],"versions,":[102],"including":[103],"<i>latest":[105],"one":[106],"(i.e.,":[107],"10)</i>.":[109],"Specifically,":[110],"developed":[112],"JGREAnalyzer,":[113],"tool":[115,137],"systematically":[118],"detect":[119],"APIs":[123],"via":[124,194],"call":[126],"graph":[127],"analysis":[128],"forwarding":[131],"reachability":[132],"analysis.":[133],"We":[134,171],"applied":[135],"versions":[141],"found":[143],"multiple":[144],"vulnerabilities.":[145,160],"particular,":[147],"among":[148],"148":[149],"10,":[154],"12":[155],"of":[156,177],"them":[157],"have":[158],"21":[159],"Among":[161],"them,":[162],"9":[163],"successfully":[166],"exploited":[167],"without":[168],"any":[169],"permissions.":[170],"further":[172],"analyze":[173],"root":[175],"vulnerabilities":[179],"defense":[184],"mitigate":[186],"restricting":[191],"resource":[192],"consumption":[193],"counting.":[197]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2022,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}