{"id":"https://openalex.org/W2151152024","doi":"https://doi.org/10.1145/2660267.2660363","title":"Code Reuse Attacks in PHP","display_name":"Code Reuse Attacks in PHP","publication_year":2014,"publication_date":"2014-11-03","ids":{"openalex":"https://openalex.org/W2151152024","doi":"https://doi.org/10.1145/2660267.2660363","mag":"2151152024"},"language":"en","primary_location":{"id":"doi:10.1145/2660267.2660363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2660267.2660363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027679966","display_name":"Johannes Dahse","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Johannes Dahse","raw_affiliation_strings":["Ruhr-University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr-University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045972973","display_name":"Nikolai Krein","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Nikolai Krein","raw_affiliation_strings":["Ruhr-University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr-University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056790702","display_name":"Thorsten Holz","orcid":"https://orcid.org/0000-0002-2783-1264"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thorsten Holz","raw_affiliation_strings":["Ruhr-University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr-University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5027679966"],"corresponding_institution_ids":["https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":6.3111,"has_fulltext":false,"cited_by_count":41,"citation_normalized_percentile":{"value":0.96361939,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"42","last_page":"53"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8140325546264648},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.7664093971252441},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6590282917022705},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.6450360417366028},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.6242443323135376},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.6174707412719727},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.4941404163837433},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.4731346666812897},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3227654695510864},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.17164266109466553},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10461416840553284}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8140325546264648},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.7664093971252441},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6590282917022705},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.6450360417366028},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.6242443323135376},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.6174707412719727},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.4941404163837433},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.4731346666812897},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3227654695510864},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.17164266109466553},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10461416840553284},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C548081761","wikidata":"https://www.wikidata.org/wiki/Q180388","display_name":"Waste management","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2660267.2660363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2660267.2660363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8199999928474426,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W23242426","https://openalex.org/W23790581","https://openalex.org/W109951691","https://openalex.org/W148369031","https://openalex.org/W173413620","https://openalex.org/W201766245","https://openalex.org/W1429964360","https://openalex.org/W1505465226","https://openalex.org/W1515981325","https://openalex.org/W1963947298","https://openalex.org/W1969501726","https://openalex.org/W1969599528","https://openalex.org/W1974608873","https://openalex.org/W1983142587","https://openalex.org/W1996931407","https://openalex.org/W1997577150","https://openalex.org/W2008158744","https://openalex.org/W2014590767","https://openalex.org/W2024818492","https://openalex.org/W2066070747","https://openalex.org/W2085925880","https://openalex.org/W2086631206","https://openalex.org/W2087567537","https://openalex.org/W2089448621","https://openalex.org/W2111487235","https://openalex.org/W2114030344","https://openalex.org/W2117798902","https://openalex.org/W2123436168","https://openalex.org/W2125357166","https://openalex.org/W2132685964","https://openalex.org/W2132733485","https://openalex.org/W2133824159","https://openalex.org/W2134646643","https://openalex.org/W2138788987","https://openalex.org/W2142867733","https://openalex.org/W2152225177","https://openalex.org/W2155735696","https://openalex.org/W2167363133","https://openalex.org/W2171240827","https://openalex.org/W2226733597","https://openalex.org/W2350778671","https://openalex.org/W3005412289","https://openalex.org/W4240951837","https://openalex.org/W4250404129"],"related_works":["https://openalex.org/W2359835790","https://openalex.org/W2391715591","https://openalex.org/W2182697532","https://openalex.org/W2122403474","https://openalex.org/W2171750108","https://openalex.org/W1517387344","https://openalex.org/W1544062218","https://openalex.org/W2154435823","https://openalex.org/W1754116331","https://openalex.org/W2105520056"],"abstract_inverted_index":{"Memory":[0],"corruption":[1],"vulnerabilities":[2],"that":[3,71,85],"lead":[4],"to":[5,48,66],"control-flow":[6],"hijacking":[7],"attacks":[8,18,34,93],"are":[9,19,94],"a":[10,36,68,82,96],"common":[11],"problem":[12],"for":[13,21],"binary":[14],"executables":[15],"and":[16],"such":[17,41],"known":[20],"more":[22],"than":[23],"two":[24],"decades.":[25],"Over":[26],"the":[27,54],"last":[28],"few":[29],"years,":[30],"especially":[31],"code":[32,52,61,69,91],"reuse":[33,92],"attracted":[35],"lot":[37],"of":[38],"attention.":[39],"In":[40],"attacks,":[42],"an":[43],"adversary":[44],"does":[45],"not":[46],"need":[47],"inject":[49],"her":[50,76],"own":[51],"during":[53],"exploitation":[55],"phase,":[56],"but":[57],"she":[58],"reuses":[59],"existing":[60,88],"fragments":[62],"(so":[63],"called":[64],"gadgets)":[65],"build":[67],"chain":[70],"performs":[72],"malicious":[73],"computations":[74],"on":[75],"behalf.":[77],"Return-oriented":[78],"programming":[79],"(ROP)":[80],"is":[81],"well-known":[83],"technique":[84],"bypasses":[86],"many":[87],"defenses.":[89],"Surprisingly,":[90],"also":[95],"viable":[97],"attack":[98],"vector":[99],"against":[100],"web":[101],"applications.":[102]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":6},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}