{"id":"https://openalex.org/W2897614888","doi":"https://doi.org/10.1109/tifs.2019.2894356","title":"Musti: Dynamic Prevention of Invalid Object Initialization Attacks","display_name":"Musti: Dynamic Prevention of Invalid Object Initialization Attacks","publication_year":2019,"publication_date":"2019-02-01","ids":{"openalex":"https://openalex.org/W2897614888","doi":"https://doi.org/10.1109/tifs.2019.2894356","mag":"2897614888"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2019.2894356","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2019.2894356","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/8710012/08632755.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://ieeexplore.ieee.org/ielx7/10206/8710012/08632755.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019300625","display_name":"Alexandre Bartel","orcid":"https://orcid.org/0000-0003-1383-0372"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]},{"id":"https://openalex.org/I90267481","display_name":"Ume\u00e5 University","ror":"https://ror.org/05kb8h459","country_code":"SE","type":"education","lineage":["https://openalex.org/I90267481"]}],"countries":["LU","SE"],"is_corresponding":true,"raw_author_name":"Alexandre Bartel","raw_affiliation_strings":["University of Luxembourg, L-1359 Luxembourg, Luxembourg","Department of Computing Science [Ume\u00e5, Sweden]"],"affiliations":[{"raw_affiliation_string":"University of Luxembourg, L-1359 Luxembourg, Luxembourg","institution_ids":["https://openalex.org/I186903577"]},{"raw_affiliation_string":"Department of Computing Science [Ume\u00e5, Sweden]","institution_ids":["https://openalex.org/I90267481"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040326968","display_name":"Jacques Klein","orcid":"https://orcid.org/0000-0003-4052-475X"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]}],"countries":["LU"],"is_corresponding":false,"raw_author_name":"Jacques Klein","raw_affiliation_strings":["University of Luxembourg, L-1359 Luxembourg, Luxembourg","Interdisciplinary Centre for Security, Reliability and Trust"],"affiliations":[{"raw_affiliation_string":"University of Luxembourg, L-1359 Luxembourg, Luxembourg","institution_ids":["https://openalex.org/I186903577"]},{"raw_affiliation_string":"Interdisciplinary Centre for Security, Reliability and Trust","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040574362","display_name":"Yves Le Traon","orcid":"https://orcid.org/0000-0002-1045-4861"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]}],"countries":["LU"],"is_corresponding":false,"raw_author_name":"Yves Le Traon","raw_affiliation_strings":["University of Luxembourg, L-1359 Luxembourg, Luxembourg","Interdisciplinary Centre for Security, Reliability and Trust"],"affiliations":[{"raw_affiliation_string":"University of Luxembourg, L-1359 Luxembourg, Luxembourg","institution_ids":["https://openalex.org/I186903577"]},{"raw_affiliation_string":"Interdisciplinary Centre for Security, Reliability and Trust","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5019300625"],"corresponding_institution_ids":["https://openalex.org/I186903577","https://openalex.org/I90267481"],"apc_list":null,"apc_paid":null,"fwci":0.6676,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.66814752,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"14","issue":"8","first_page":"2167","last_page":"2178"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.93296217918396},{"id":"https://openalex.org/keywords/initialization","display_name":"Initialization","score":0.6646455526351929},{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.6530488729476929},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.5377296209335327},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5311485528945923},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5261366367340088},{"id":"https://openalex.org/keywords/serialization","display_name":"Serialization","score":0.5233235359191895},{"id":"https://openalex.org/keywords/java-bytecode","display_name":"Java bytecode","score":0.4885185956954956},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4559895992279053},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.45271408557891846},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.44707411527633667},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.43917766213417053},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4291595220565796},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.42446184158325195},{"id":"https://openalex.org/keywords/object","display_name":"Object (grammar)","score":0.42153090238571167},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.22429925203323364},{"id":"https://openalex.org/keywords/java-applet","display_name":"Java applet","score":0.1886286735534668},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.1356794834136963},{"id":"https://openalex.org/keywords/java-annotation","display_name":"Java annotation","score":0.11040669679641724},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.10206899046897888}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.93296217918396},{"id":"https://openalex.org/C114466953","wikidata":"https://www.wikidata.org/wiki/Q6034165","display_name":"Initialization","level":2,"score":0.6646455526351929},{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.6530488729476929},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.5377296209335327},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5311485528945923},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5261366367340088},{"id":"https://openalex.org/C52723943","wikidata":"https://www.wikidata.org/wiki/Q1127410","display_name":"Serialization","level":2,"score":0.5233235359191895},{"id":"https://openalex.org/C2777472213","wikidata":"https://www.wikidata.org/wiki/Q137496","display_name":"Java bytecode","level":5,"score":0.4885185956954956},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4559895992279053},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.45271408557891846},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.44707411527633667},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.43917766213417053},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4291595220565796},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.42446184158325195},{"id":"https://openalex.org/C2781238097","wikidata":"https://www.wikidata.org/wiki/Q175026","display_name":"Object (grammar)","level":2,"score":0.42153090238571167},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.22429925203323364},{"id":"https://openalex.org/C15524039","wikidata":"https://www.wikidata.org/wiki/Q865817","display_name":"Java applet","level":3,"score":0.1886286735534668},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.1356794834136963},{"id":"https://openalex.org/C168702491","wikidata":"https://www.wikidata.org/wiki/Q567345","display_name":"Java annotation","level":4,"score":0.11040669679641724},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.10206899046897888},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tifs.2019.2894356","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2019.2894356","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/8710012/08632755.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:HAL:hal-03751983v1","is_oa":true,"landing_page_url":"https://hal.science/hal-03751983","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Transactions on Information Forensics and Security, 2019, 14 (8), pp.2167-2178. &#x27E8;10.1109/TIFS.2019.2894356&#x27E9;","raw_type":"Journal articles"},{"id":"pmh:oai:orbilu.uni.lu:10993/36085","is_oa":true,"landing_page_url":"http://orbilu.uni.lu/handle/10993/36085","pdf_url":null,"source":{"id":"https://openalex.org/S4306401815","display_name":"Open Repository and Bibliography (University of Luxembourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I186903577","host_organization_name":"University of Luxembourg","host_organization_lineage":["https://openalex.org/I186903577"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/report"},{"id":"pmh:oai:orbilu.uni.lu:10993/42590","is_oa":true,"landing_page_url":"https://orbilu.uni.lu/handle/10993/42590","pdf_url":null,"source":{"id":"https://openalex.org/S4306401815","display_name":"Open Repository and Bibliography (University of Luxembourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I186903577","host_organization_name":"University of Luxembourg","host_organization_lineage":["https://openalex.org/I186903577"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":null}],"best_oa_location":{"id":"doi:10.1109/tifs.2019.2894356","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tifs.2019.2894356","pdf_url":"https://ieeexplore.ieee.org/ielx7/10206/8710012/08632755.pdf","source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6800000071525574,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G5251188678","display_name":null,"funder_award_id":"C17/IS/11693861","funder_id":"https://openalex.org/F4320321038","funder_display_name":"Fonds National de la Recherche Luxembourg"}],"funders":[{"id":"https://openalex.org/F4320310700","display_name":"Universit\u00e9 du Luxembourg","ror":"https://ror.org/036x5ad56"},{"id":"https://openalex.org/F4320321038","display_name":"Fonds National de la Recherche Luxembourg","ror":"https://ror.org/039z13y21"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2897614888.pdf","grobid_xml":"https://content.openalex.org/works/W2897614888.grobid-xml"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W1760882240","https://openalex.org/W1785111900","https://openalex.org/W1915915253","https://openalex.org/W2010608535","https://openalex.org/W2035069210","https://openalex.org/W2061603028","https://openalex.org/W2082501931","https://openalex.org/W2095629885","https://openalex.org/W2102197271","https://openalex.org/W2121251946","https://openalex.org/W2142503704","https://openalex.org/W2166091242","https://openalex.org/W2171240827","https://openalex.org/W2208250362","https://openalex.org/W2534728012","https://openalex.org/W2688711791","https://openalex.org/W2897614888","https://openalex.org/W3005566493","https://openalex.org/W4255445045","https://openalex.org/W6637836093","https://openalex.org/W6640203312","https://openalex.org/W6755436987"],"related_works":["https://openalex.org/W1509153591","https://openalex.org/W2027642766","https://openalex.org/W20625830","https://openalex.org/W2130413583","https://openalex.org/W2537112085","https://openalex.org/W2884975599","https://openalex.org/W1536265389","https://openalex.org/W2160283408","https://openalex.org/W1590648473","https://openalex.org/W1603881466"],"abstract_inverted_index":{"Invalid":[0],"object":[1],"initialization":[2],"vulnerabilities":[3,18],"have":[4,89],"been":[5,45],"identified":[6,41],"since":[7,21],"the":[8,29,49,53,62,105,118],"1990s":[9],"by":[10],"a":[11,32,39,69,90,96],"research":[12],"group":[13],"at":[14],"Princeton":[15],"University.":[16],"These":[17],"are":[19],"critical":[20,83],"they":[22],"can":[23],"be":[24],"used":[25],"to":[26,74,88,115],"totally":[27],"compromise":[28],"security":[30],"of":[31,52,61,82,104],"Java":[33],"virtual":[34],"machine":[35],"(JVM).":[36],"Recently,":[37],"such":[38],"vulnerability":[40],"as":[42],"CVE-2017-3289":[43],"has":[44],"found":[46],"again":[47],"in":[48],"bytecode":[50],"verifier":[51],"JVM":[54],"and":[55,76,95,111],"affects":[56],"more":[57],"than":[58],"40":[59],"versions":[60],"JVM.":[63],"In":[64],"this":[65,80],"paper,":[66],"we":[67],"present":[68],"runtime":[70,91],"solution":[71],"called":[72],"MUSTI":[73,87,107],"detect":[75],"prevent":[77],"attacks":[78],"leveraging":[79],"kind":[81],"vulnerabilities.":[84],"We":[85],"optimize":[86],"overhead":[92,98],"below":[93,99],"0.5%":[94],"memory":[97],"0.42%.":[100],"Compared":[101],"with":[102],"state":[103],"art,":[106],"is":[108],"completely":[109],"automated":[110],"does":[112],"not":[113],"require":[114],"manually":[116],"annotate":[117],"code.":[119]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2019,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}