{"id":"https://openalex.org/W3104682281","doi":"https://doi.org/10.1134/s0361768821040071","title":"Survey of Methods for Automated Code-Reuse Exploit Generation","display_name":"Survey of Methods for Automated Code-Reuse Exploit Generation","publication_year":2021,"publication_date":"2021-07-01","ids":{"openalex":"https://openalex.org/W3104682281","doi":"https://doi.org/10.1134/s0361768821040071","mag":"3104682281"},"language":"en","primary_location":{"id":"doi:10.1134/s0361768821040071","is_oa":false,"landing_page_url":"https://doi.org/10.1134/s0361768821040071","pdf_url":null,"source":{"id":"https://openalex.org/S150218641","display_name":"Programming and Computer Software","issn_l":"0361-7688","issn":["0361-7688","1608-3261"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Programming and Computer Software","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2011.07862","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068117658","display_name":"Alexey Vishnyakov","orcid":"https://orcid.org/0000-0003-1819-220X"},"institutions":[{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"A. V. Vishnyakov","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, 109004, Moscow, Russia","Ivannikov Institute for System Programming, Russian Academy of Sciences, Moscow, Russia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]},{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008804900","display_name":"\u0410. \u0420. \u041d\u0443\u0440\u043c\u0443\u0445\u0430\u043c\u0435\u0442\u043e\u0432","orcid":"https://orcid.org/0000-0001-7434-1754"},"institutions":[{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"A. R. Nurmukhametov","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, 109004, Moscow, Russia","Ivannikov Institute for System Programming, Russian Academy of Sciences, Moscow, Russia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]},{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.0125523,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"47","issue":"4","first_page":"271","last_page":"297"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.5539000034332275,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.5539000034332275,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.2126999944448471,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.09790000319480896,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8910708427429199},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.877403199672699},{"id":"https://openalex.org/keywords/gadget","display_name":"Gadget","score":0.8452556133270264},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.6648123860359192},{"id":"https://openalex.org/keywords/code-generation","display_name":"Code generation","score":0.6210681200027466},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.5692307353019714},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5570434927940369},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5350640416145325},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.47300201654434204},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4476303160190582},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4188835322856903},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.41012099385261536},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3800891041755676},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.17102104425430298},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.12112462520599365},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.10908082127571106}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8910708427429199},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.877403199672699},{"id":"https://openalex.org/C119770614","wikidata":"https://www.wikidata.org/wiki/Q5516347","display_name":"Gadget","level":2,"score":0.8452556133270264},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.6648123860359192},{"id":"https://openalex.org/C133162039","wikidata":"https://www.wikidata.org/wiki/Q1061077","display_name":"Code generation","level":3,"score":0.6210681200027466},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.5692307353019714},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5570434927940369},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5350640416145325},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.47300201654434204},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4476303160190582},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4188835322856903},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.41012099385261536},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3800891041755676},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.17102104425430298},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.12112462520599365},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.10908082127571106},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.0},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1134/s0361768821040071","is_oa":false,"landing_page_url":"https://doi.org/10.1134/s0361768821040071","pdf_url":null,"source":{"id":"https://openalex.org/S150218641","display_name":"Programming and Computer Software","issn_l":"0361-7688","issn":["0361-7688","1608-3261"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Programming and Computer Software","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2011.07862","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2011.07862","pdf_url":"https://arxiv.org/pdf/2011.07862","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2011.07862","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2011.07862","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2011.07862","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2011.07862","pdf_url":"https://arxiv.org/pdf/2011.07862","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":71,"referenced_works":["https://openalex.org/W1112477","https://openalex.org/W157156687","https://openalex.org/W173413620","https://openalex.org/W229745036","https://openalex.org/W1459231281","https://openalex.org/W1495630617","https://openalex.org/W1496222301","https://openalex.org/W1538332098","https://openalex.org/W1545927878","https://openalex.org/W1592300071","https://openalex.org/W1631846088","https://openalex.org/W1655226010","https://openalex.org/W1963947298","https://openalex.org/W1969501726","https://openalex.org/W1994367926","https://openalex.org/W1996931407","https://openalex.org/W2002608713","https://openalex.org/W2006621394","https://openalex.org/W2022018347","https://openalex.org/W2066784081","https://openalex.org/W2089448621","https://openalex.org/W2099382052","https://openalex.org/W2101512909","https://openalex.org/W2103742248","https://openalex.org/W2113864883","https://openalex.org/W2123436168","https://openalex.org/W2138788987","https://openalex.org/W2141389113","https://openalex.org/W2143472559","https://openalex.org/W2156858199","https://openalex.org/W2159216827","https://openalex.org/W2159595840","https://openalex.org/W2162800072","https://openalex.org/W2169528473","https://openalex.org/W2171143790","https://openalex.org/W2183818732","https://openalex.org/W2185952835","https://openalex.org/W2258876169","https://openalex.org/W2265493453","https://openalex.org/W2293825325","https://openalex.org/W2296616300","https://openalex.org/W2341443489","https://openalex.org/W2460660454","https://openalex.org/W2512784977","https://openalex.org/W2514974017","https://openalex.org/W2519368194","https://openalex.org/W2537434447","https://openalex.org/W2561476661","https://openalex.org/W2612418998","https://openalex.org/W2734506521","https://openalex.org/W2780532113","https://openalex.org/W2783856788","https://openalex.org/W2785216240","https://openalex.org/W2799754168","https://openalex.org/W2800759310","https://openalex.org/W2857435418","https://openalex.org/W2883931411","https://openalex.org/W2886993607","https://openalex.org/W2890213432","https://openalex.org/W2898466078","https://openalex.org/W2912840372","https://openalex.org/W2923511423","https://openalex.org/W2943406588","https://openalex.org/W2969364302","https://openalex.org/W2972949355","https://openalex.org/W3000347778","https://openalex.org/W3025605432","https://openalex.org/W3106149149","https://openalex.org/W4239035626","https://openalex.org/W4252693939","https://openalex.org/W4302784197"],"related_works":["https://openalex.org/W9963747","https://openalex.org/W7350572","https://openalex.org/W10637615","https://openalex.org/W9668804","https://openalex.org/W1627759","https://openalex.org/W4062417","https://openalex.org/W9294880","https://openalex.org/W12159493","https://openalex.org/W11807648","https://openalex.org/W3667069"],"abstract_inverted_index":{"This":[0,46],"paper":[1,47],"provides":[2],"a":[3,23,49,78,84,89,111,118,130,145,152,156,160,215,226,231],"survey":[4,119],"of":[5,37,51,86,120,147],"methods":[6,121,134,200],"and":[7,61,83,125,213],"tools":[8,212],"for":[9,102,122],"automated":[10],"code-reuse":[11,27,53],"exploit":[12,32,96,182],"generation.":[13],"Such":[14],"exploits":[15],"use":[16,155,201,206],"code":[17,100],"that":[18,41,219],"is":[19,80,149],"already":[20],"contained":[21],"in":[22,34,76],"vulnerable":[24],"program.":[25],"The":[26],"approach":[28],"allows":[29],"one":[30,136],"to":[31,99,137,174,223],"vulnerabilities":[33],"the":[35,139],"presence":[36],"operating":[38],"system":[39,217],"protection":[40],"prohibits":[42],"data":[43],"memory":[44],"execution.":[45],"contains":[48],"description":[50],"various":[52],"methods:":[54],"return-to-libc":[55],"attack,":[56],"return-oriented":[57],"programming,":[58,60],"jump-oriented":[59],"others.":[62],"We":[63,92,116,208],"define":[64],"fundamental":[65],"terms:":[66],"gadget,":[67],"gadget":[68,70,79,131,157],"frame,":[69],"catalog.":[71],"Moreover,":[72],"we":[73,170],"show":[74],"that,":[75],"fact,":[77],"an":[81,95],"instruction,":[82],"set":[85,146],"gadgets":[87,123,148,187,195],"defines":[88,110],"virtual":[90,104,112,140],"machine.":[91,105],"can":[93,154,166,185,220],"reduce":[94],"creation":[97],"problem":[98],"generation":[101,183],"this":[103],"Each":[106],"particular":[107],"executable":[108],"file":[109],"machine":[113,141],"instruction":[114,142],"set.":[115,143],"provide":[117],"searching":[124,190],"determining":[126],"their":[127],"semantics":[128],"(creating":[129],"catalog).":[132],"These":[133],"allow":[135],"get":[138],"If":[144],"Turing-complete,":[150],"then":[151],"compiler":[153],"catalog":[158],"as":[159],"target":[161],"architecture.":[162],"However,":[163],"some":[164,198],"instructions":[165,177],"be":[167,221],"absent.":[168],"Hence":[169],"discuss":[171],"several":[172],"approaches":[173],"replace":[175],"missing":[176],"with":[178],"multiple":[179],"gadgets.":[180],"An":[181],"tool":[184],"chain":[186,228],"by":[188],"pattern":[189],"(regular":[191],"expressions)":[192],"or":[193],"considering":[194],"semantics.":[196],"Furthermore,":[197],"chaining":[199],"genetic":[202],"algorithms,":[203],"while":[204],"others":[205],"SMT-solvers.":[207],"compare":[209],"existing":[210],"open-source":[211],"propose":[214],"testing":[216],"rop-benchmark":[218],"used":[222],"verify":[224],"whether":[225],"generated":[227],"successfully":[229],"opens":[230],"shell.":[232]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2020-11-23T00:00:00"}