{"id":"https://openalex.org/W2600950714","doi":"https://doi.org/10.1145/3029806.3029826","title":"Analysis of Exception-Based Control Transfers","display_name":"Analysis of Exception-Based Control Transfers","publication_year":2017,"publication_date":"2017-03-20","ids":{"openalex":"https://openalex.org/W2600950714","doi":"https://doi.org/10.1145/3029806.3029826","mag":"2600950714"},"language":"en","primary_location":{"id":"doi:10.1145/3029806.3029826","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029826","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079631371","display_name":"Babak Yadegari","orcid":null},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Babak Yadegari","raw_affiliation_strings":["University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110662994","display_name":"Jon Stephens","orcid":null},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jon Stephens","raw_affiliation_strings":["University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108542327","display_name":"Saumya Debray","orcid":null},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Saumya Debray","raw_affiliation_strings":["University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5079631371"],"corresponding_institution_ids":["https://openalex.org/I138006243"],"apc_list":null,"apc_paid":null,"fwci":0.9751,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.81294103,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"205","last_page":"216"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8637209534645081},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.8227616548538208},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.6494448781013489},{"id":"https://openalex.org/keywords/exception-handling","display_name":"Exception handling","score":0.5488505959510803},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.547293484210968},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5166473984718323},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.5085848569869995},{"id":"https://openalex.org/keywords/symbolic-execution","display_name":"Symbolic execution","score":0.47275882959365845},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.35749131441116333},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.33633339405059814},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3049701452255249},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.18005257844924927},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.07605710625648499}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8637209534645081},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.8227616548538208},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.6494448781013489},{"id":"https://openalex.org/C145428669","wikidata":"https://www.wikidata.org/wiki/Q471748","display_name":"Exception handling","level":2,"score":0.5488505959510803},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.547293484210968},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5166473984718323},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.5085848569869995},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.47275882959365845},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.35749131441116333},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.33633339405059814},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3049701452255249},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.18005257844924927},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.07605710625648499},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3029806.3029826","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029826","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7300000190734863}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":55,"referenced_works":["https://openalex.org/W109909280","https://openalex.org/W191656338","https://openalex.org/W238846938","https://openalex.org/W1496704300","https://openalex.org/W1515180657","https://openalex.org/W1515790419","https://openalex.org/W1551162551","https://openalex.org/W1598083179","https://openalex.org/W1694077306","https://openalex.org/W1710734607","https://openalex.org/W1849042743","https://openalex.org/W1882991369","https://openalex.org/W1910686388","https://openalex.org/W1911796317","https://openalex.org/W1996256636","https://openalex.org/W2009489720","https://openalex.org/W2010417554","https://openalex.org/W2011367000","https://openalex.org/W2011536294","https://openalex.org/W2014559961","https://openalex.org/W2020647468","https://openalex.org/W2022746390","https://openalex.org/W2041394996","https://openalex.org/W2077356321","https://openalex.org/W2089745089","https://openalex.org/W2091939272","https://openalex.org/W2096449544","https://openalex.org/W2097444001","https://openalex.org/W2102970979","https://openalex.org/W2106837287","https://openalex.org/W2107147876","https://openalex.org/W2113864883","https://openalex.org/W2117030266","https://openalex.org/W2117058582","https://openalex.org/W2119251836","https://openalex.org/W2122932578","https://openalex.org/W2125518044","https://openalex.org/W2128389850","https://openalex.org/W2129487583","https://openalex.org/W2134633067","https://openalex.org/W2137530017","https://openalex.org/W2138788987","https://openalex.org/W2144789413","https://openalex.org/W2147478478","https://openalex.org/W2150795982","https://openalex.org/W2151135920","https://openalex.org/W2156858199","https://openalex.org/W2165688098","https://openalex.org/W2166462894","https://openalex.org/W2243437504","https://openalex.org/W2401617229","https://openalex.org/W4237492309","https://openalex.org/W4239813889","https://openalex.org/W6632907626","https://openalex.org/W6639864006"],"related_works":["https://openalex.org/W4213243744","https://openalex.org/W2005010039","https://openalex.org/W2295023886","https://openalex.org/W4285586714","https://openalex.org/W2751940653","https://openalex.org/W2379780211","https://openalex.org/W4384302888","https://openalex.org/W2127761335","https://openalex.org/W4226168309","https://openalex.org/W1970932400"],"abstract_inverted_index":{"Dynamic":[0],"taint":[1,106],"analysis":[2,57,107],"and":[3,52,91,108,118],"symbolic":[4,109],"execution":[5,110],"find":[6],"many":[7],"important":[8],"applications":[9],"in":[10,56,103],"security-related":[11],"program":[12],"analyses.":[13],"However,":[14],"current":[15,150],"techniques":[16],"for":[17,39,65,124],"such":[18],"analyses":[19],"do":[20],"not":[21,75],"take":[22],"proper":[23],"account":[24,38],"of":[25,50,62,77,84,129],"control":[26,45,68,89],"transfers":[27,69,90],"due":[28,112],"to":[29,37,48,86,113],"exceptions.":[30],"As":[31],"a":[32,120,138],"result,":[33],"they":[34],"can":[35,101],"fail":[36],"implicit":[40,92,115],"flows":[41,117],"arising":[42],"from":[43,137],"exception-based":[44,114],"transfers,":[46],"leading":[47],"loss":[49],"precision":[51],"potential":[53],"false":[54],"negatives":[55],"results.":[58],"While":[59],"the":[60,82,98,127,143],"idea":[61],"using":[63,131],"exceptions":[64,85],"obfuscating":[66],"(unconditional)":[67],"is":[70],"well":[71],"known,":[72],"we":[73],"are":[74],"aware":[76],"any":[78],"prior":[79],"work":[80],"discussing":[81],"use":[83],"implement":[87],"conditional":[88],"information":[93,116],"flows.":[94],"This":[95],"paper":[96],"demonstrates":[97],"problems":[99],"that":[100,142],"arise":[102],"existing":[104],"dynamic":[105],"systems":[111],"proposes":[119],"generic":[121],"architecture-agnostic":[122],"solution":[123],"reasoning":[125],"about":[126],"behavior":[128],"code":[130],"user-defined":[132],"exception":[133],"handlers.":[134],"Experimental":[135],"results":[136,148],"prototype":[139],"implementation":[140],"indicate":[141],"ideas":[144],"described":[145],"produce":[146],"better":[147],"than":[149],"state-of-the-art":[151],"systems.":[152]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}