{"id":"https://openalex.org/W2534610146","doi":"https://doi.org/10.1145/2976749.2978380","title":"Chainsaw","display_name":"Chainsaw","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2534610146","doi":"https://doi.org/10.1145/2976749.2978380","mag":"2534610146"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978380","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978380","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978380?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978380?download=true","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024214057","display_name":"Abeer Alhuzali","orcid":null},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Abeer Alhuzali","raw_affiliation_strings":["University of Illinois at Chicago, Chicago, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Chicago, Chicago, IL, USA","institution_ids":["https://openalex.org/I39422238"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079219412","display_name":"Birhanu Eshete","orcid":"https://orcid.org/0000-0002-2549-4030"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Birhanu Eshete","raw_affiliation_strings":["University of Illinois at Chicago, Chicago, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Chicago, Chicago, IL, USA","institution_ids":["https://openalex.org/I39422238"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051819817","display_name":"Rigel Gjomemo","orcid":"https://orcid.org/0009-0001-3715-077X"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rigel Gjomemo","raw_affiliation_strings":["University of Illinois at Chicago, Chicago, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Chicago, Chicago, IL, USA","institution_ids":["https://openalex.org/I39422238"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058117020","display_name":"V. N. Venkatakrishnan","orcid":"https://orcid.org/0000-0002-1690-9185"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"V.N. Venkatakrishnan","raw_affiliation_strings":["University of Illinois at Chicago, Chicago, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Chicago, Chicago, IL, USA","institution_ids":["https://openalex.org/I39422238"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5024214057"],"corresponding_institution_ids":["https://openalex.org/I39422238"],"apc_list":null,"apc_paid":null,"fwci":5.5241,"has_fulltext":true,"cited_by_count":36,"citation_normalized_percentile":{"value":0.95971455,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"641","last_page":"652"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9731680154800415},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8353769779205322},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.6310213804244995},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2413683533668518},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.09578582644462585}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9731680154800415},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8353769779205322},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.6310213804244995},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2413683533668518},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.09578582644462585}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2976749.2978380","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978380","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978380?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2976749.2978380","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978380","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978380?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3563673719","display_name":"TWC: TTP Option: Medium: Collaborative: MALDIVES: Developing a Comprehensive Understanding of Malware Delivery Mechanisms","funder_award_id":"1514472","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6228029218","display_name":null,"funder_award_id":"CNS-1514472 DGE-1069311","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6849728216","display_name":null,"funder_award_id":"1069311","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7780189208","display_name":null,"funder_award_id":"CNS-1514472","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8523748105","display_name":null,"funder_award_id":"DGE-1069311","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2534610146.pdf","grobid_xml":"https://content.openalex.org/works/W2534610146.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W109951691","https://openalex.org/W142308502","https://openalex.org/W1429964360","https://openalex.org/W1459231281","https://openalex.org/W1480909796","https://openalex.org/W1496222301","https://openalex.org/W1505465226","https://openalex.org/W1511560695","https://openalex.org/W1522831833","https://openalex.org/W1952344271","https://openalex.org/W1975428729","https://openalex.org/W1979931683","https://openalex.org/W1980694458","https://openalex.org/W1983142587","https://openalex.org/W2008158744","https://openalex.org/W2017035494","https://openalex.org/W2028806953","https://openalex.org/W2075573771","https://openalex.org/W2076472201","https://openalex.org/W2085925880","https://openalex.org/W2086631206","https://openalex.org/W2087115492","https://openalex.org/W2094415856","https://openalex.org/W2111487235","https://openalex.org/W2131058166","https://openalex.org/W2151619740","https://openalex.org/W2161688581","https://openalex.org/W2165597437","https://openalex.org/W2166381878","https://openalex.org/W2350778671","https://openalex.org/W2404990348","https://openalex.org/W2997473338","https://openalex.org/W4247632680"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W4312814274","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4285370786"],"abstract_inverted_index":{"We":[0,77],"tackle":[1],"the":[2,21],"problem":[3],"of":[4,63],"automated":[5],"exploit":[6,29,34,75],"generation":[7,35],"for":[8,33],"web":[9,24,42],"applications.":[10],"In":[11],"this":[12],"regard,":[13],"we":[14],"present":[15],"an":[16],"approach":[17,32,59,80],"that":[18],"significantly":[19,105],"improves":[20],"state-of-art":[22],"in":[23,81],"injection":[25,102],"vulnerability":[26],"identification":[27],"and":[28,51,68,95,100],"generation.":[30,76],"Our":[31,58],"tackles":[36],"various":[37],"challenges":[38],"associated":[39],"with":[40],"typical":[41],"application":[43,64],"characteristics:":[44],"their":[45],"multi-module":[46],"nature,":[47],"interposed":[48],"user":[49],"input,":[50],"multi-tier":[52],"architectures":[53],"using":[54],"a":[55,82],"database":[56,66],"backend.":[57],"develops":[60],"precise":[61],"models":[62],"workflows,":[65],"schemas,":[67],"native":[69],"functions":[70],"to":[71,89],"achieve":[72],"high":[73],"quality":[74],"implemented":[78],"our":[79],"tool":[83],"called":[84],"Chainsaw.":[85],"Chainsaw":[86],"was":[87],"used":[88],"analyze":[90],"9":[91],"open":[92],"source":[93],"applications":[94],"generated":[96],"over":[97],"199":[98],"first-":[99],"second-order":[101],"exploits":[103],"combined,":[104],"outperforming":[106],"several":[107],"related":[108],"approaches.":[109]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":7},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":3}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2016-10-28T00:00:00"}