{"id":"https://openalex.org/W2767925973","doi":"https://doi.org/10.1109/ase.2017.8115640","title":"Automatically assessing crashes from heap overflows","display_name":"Automatically assessing crashes from heap overflows","publication_year":2017,"publication_date":"2017-10-01","ids":{"openalex":"https://openalex.org/W2767925973","doi":"https://doi.org/10.1109/ase.2017.8115640","mag":"2767925973"},"language":"en","primary_location":{"id":"doi:10.1109/ase.2017.8115640","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107878142","display_name":"Liang He","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Liang He","raw_affiliation_strings":["Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019924930","display_name":"Yan Cai","orcid":"https://orcid.org/0000-0002-4768-0272"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yan Cai","raw_affiliation_strings":["State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102150414","display_name":"Hong Hu","orcid":"https://orcid.org/0000-0002-6261-3190"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Hong Hu","raw_affiliation_strings":["Department of Computer Science, National University of Singapore"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, National University of Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010291758","display_name":"Purui Su","orcid":"https://orcid.org/0000-0001-6701-0383"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Purui Su","raw_affiliation_strings":["State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084611756","display_name":"Zhenkai Liang","orcid":"https://orcid.org/0000-0001-7138-5030"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Zhenkai Liang","raw_affiliation_strings":["Department of Computer Science, National University of Singapore","Dept. of Computer Science, National Univ of Singapore#TAB#"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, National University of Singapore","institution_ids":["https://openalex.org/I165932596"]},{"raw_affiliation_string":"Dept. of Computer Science, National Univ of Singapore#TAB#","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090266285","display_name":"Yi Yang","orcid":"https://orcid.org/0000-0002-8133-6678"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yi Yang","raw_affiliation_strings":["Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110663545","display_name":"Huafeng Huang","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Huafeng Huang","raw_affiliation_strings":["Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101705676","display_name":"Jia Yan","orcid":"https://orcid.org/0000-0001-5402-4698"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jia Yan","raw_affiliation_strings":["Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022277470","display_name":"Xiangkun Jia","orcid":"https://orcid.org/0000-0003-3782-1526"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiangkun Jia","raw_affiliation_strings":["Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Trusted Computing and Information Assurance Laboratory, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101790997","display_name":"Dengguo Feng","orcid":"https://orcid.org/0000-0002-8515-7124"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dengguo Feng","raw_affiliation_strings":["State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Computer Science, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5107878142"],"corresponding_institution_ids":["https://openalex.org/I19820366"],"apc_list":null,"apc_paid":null,"fwci":0.6784,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.73830409,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"274","last_page":"279"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9922999739646912,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9850999712944031,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/heap","display_name":"Heap (data structure)","score":0.7645188570022583},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7382093071937561},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.28381937742233276}],"concepts":[{"id":"https://openalex.org/C134757568","wikidata":"https://www.wikidata.org/wiki/Q274089","display_name":"Heap (data structure)","level":2,"score":0.7645188570022583},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7382093071937561},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.28381937742233276}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ase.2017.8115640","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115640","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W203252516","https://openalex.org/W1459231281","https://openalex.org/W1496222301","https://openalex.org/W1499241274","https://openalex.org/W1522250664","https://openalex.org/W1634837753","https://openalex.org/W1710734607","https://openalex.org/W1946775303","https://openalex.org/W2042033151","https://openalex.org/W2057698738","https://openalex.org/W2113864883","https://openalex.org/W2119251836","https://openalex.org/W2136651729","https://openalex.org/W2137530017","https://openalex.org/W2138788987","https://openalex.org/W2165597437","https://openalex.org/W2301548261","https://openalex.org/W2413140018","https://openalex.org/W2751042294","https://openalex.org/W3160978791","https://openalex.org/W6628302897","https://openalex.org/W6629716660","https://openalex.org/W6629841029","https://openalex.org/W6631155369","https://openalex.org/W6637012887","https://openalex.org/W6637688222","https://openalex.org/W6680472633","https://openalex.org/W6743361111"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W3158777280","https://openalex.org/W2093687902","https://openalex.org/W2949158926","https://openalex.org/W4301885003","https://openalex.org/W2005058894","https://openalex.org/W1996981508","https://openalex.org/W1989205740","https://openalex.org/W4387561287","https://openalex.org/W2951476362"],"abstract_inverted_index":{"Heap":[0],"overflow":[1,16,32,67,93,136,155,163,170,196],"is":[2,22],"one":[3,194],"of":[4,14,43,45,91,133,206],"the":[5,61,72,76,89,131,134],"most":[6],"widely":[7],"exploited":[8],"vulnerabilities,":[9],"with":[10,153],"a":[11,27,83,99,143],"large":[12],"number":[13],"heap":[15,31,66,92,105,135,154,162,195],"instances":[17,94],"reported":[18],"every":[19],"year.":[20],"It":[21,175],"important":[23],"to":[24,48,64,86,123,129,149,192],"decide":[25],"whether":[26],"crash":[28],"caused":[29],"by":[30],"can":[33],"be":[34],"turned":[35],"into":[36],"an":[37],"exploit.":[38],"Efficient":[39],"and":[40,52,75,146,168,204],"effective":[41],"assessment":[42],"exploitability":[44,90],"crashes":[46,68],"facilitates":[47],"identify":[49],"severe":[50],"vulnerabilities":[51,164,171],"thus":[53],"prioritize":[54],"resources.":[55],"In":[56],"this":[57],"paper,":[58],"we":[59],"propose":[60],"first":[62],"metrics":[63],"assess":[65,88,150,193],"based":[69],"on":[70],"both":[71,202],"attack":[73],"aspect":[74],"feasibility":[77],"aspect.":[78],"We":[79,140],"further":[80],"present":[81],"HCSIFTER,":[82],"novel":[84,121],"solution":[85],"automatically":[87],"under":[95],"our":[96,138],"metrics.":[97,139],"Given":[98],"heap-based":[100],"crash,":[101],"HCSIFTER":[102,145,157],"accurately":[103],"detects":[104],"overflows":[106],"through":[107],"dynamic":[108],"execution":[109,126],"without":[110],"any":[111],"source":[112],"code":[113],"or":[114],"debugging":[115],"information.":[116],"Then":[117],"it":[118,148,186],"uses":[119],"several":[120],"methods":[122],"extract":[124],"program":[125],"information":[127],"needed":[128],"quantify":[130],"severity":[132],"using":[137],"have":[141],"implemented":[142],"prototype":[144],"applied":[147],"nine":[151],"programs":[152],"vulnerabilities.":[156],"successfully":[158],"reports":[159],"that":[160],"five":[161],"are":[165,172],"highly":[166],"exploitable":[167],"two":[169,182,190],"unlikely":[173],"exploitable.":[174],"also":[176],"gave":[177],"quantitatively":[178],"assessments":[179],"for":[180],"other":[181],"programs.":[183],"On":[184],"average,":[185],"only":[187],"takes":[188],"about":[189],"minutes":[191],"crash.":[197],"The":[198],"evaluation":[199],"result":[200],"demonstrates":[201],"effectiveness":[203],"efficiency":[205],"HC":[207],"Sifter.":[208]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1}],"updated_date":"2026-02-01T03:34:12.195049","created_date":"2025-10-10T00:00:00"}