{"id":"https://openalex.org/W3120812951","doi":"https://doi.org/10.1145/3418898","title":"Exploiting Mixed Binaries","display_name":"Exploiting Mixed Binaries","publication_year":2021,"publication_date":"2021-01-02","ids":{"openalex":"https://openalex.org/W3120812951","doi":"https://doi.org/10.1145/3418898","mag":"3120812951"},"language":"en","primary_location":{"id":"doi:10.1145/3418898","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3418898","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3418898","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3418898","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040258425","display_name":"Michalis Papaevripides","orcid":null},"institutions":[{"id":"https://openalex.org/I34771391","display_name":"University of Cyprus","ror":"https://ror.org/02qjrjx09","country_code":"CY","type":"education","lineage":["https://openalex.org/I34771391"]}],"countries":["CY"],"is_corresponding":true,"raw_author_name":"Michalis Papaevripides","raw_affiliation_strings":["University of Cyprus, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"University of Cyprus, Nicosia, Cyprus","institution_ids":["https://openalex.org/I34771391"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102849919","display_name":"\u0397\u03bb\u03af\u03b1\u03c2 \u0391\u03b8\u03b1\u03bd\u03b1\u03c3\u03cc\u03c0\u03bf\u03c5\u03bb\u03bf\u03c2","orcid":"https://orcid.org/0000-0002-8759-3261"},"institutions":[{"id":"https://openalex.org/I34771391","display_name":"University of Cyprus","ror":"https://ror.org/02qjrjx09","country_code":"CY","type":"education","lineage":["https://openalex.org/I34771391"]}],"countries":["CY"],"is_corresponding":false,"raw_author_name":"Elias Athanasopoulos","raw_affiliation_strings":["University of Cyprus, Nicosia, Cyprus"],"affiliations":[{"raw_affiliation_string":"University of Cyprus, Nicosia, Cyprus","institution_ids":["https://openalex.org/I34771391"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5040258425"],"corresponding_institution_ids":["https://openalex.org/I34771391"],"apc_list":null,"apc_paid":null,"fwci":1.1199,"has_fulltext":true,"cited_by_count":11,"citation_normalized_percentile":{"value":0.81597035,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":"24","issue":"2","first_page":"1","last_page":"29"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9865000247955322,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/memory-safety","display_name":"Memory safety","score":0.7644088268280029},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7433512210845947},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.7371014356613159},{"id":"https://openalex.org/keywords/garbage-collection","display_name":"Garbage collection","score":0.6384168863296509},{"id":"https://openalex.org/keywords/rust","display_name":"Rust (programming language)","score":0.5906081199645996},{"id":"https://openalex.org/keywords/memory-leak","display_name":"Memory leak","score":0.5560052394866943},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.46819743514060974},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.45349937677383423},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4442169964313507},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4401651620864868},{"id":"https://openalex.org/keywords/garbage","display_name":"Garbage","score":0.4346614181995392},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.4131469130516052},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.34730273485183716}],"concepts":[{"id":"https://openalex.org/C28180684","wikidata":"https://www.wikidata.org/wiki/Q4080983","display_name":"Memory safety","level":3,"score":0.7644088268280029},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7433512210845947},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.7371014356613159},{"id":"https://openalex.org/C105122174","wikidata":"https://www.wikidata.org/wiki/Q322202","display_name":"Garbage collection","level":3,"score":0.6384168863296509},{"id":"https://openalex.org/C197781089","wikidata":"https://www.wikidata.org/wiki/Q575650","display_name":"Rust (programming language)","level":2,"score":0.5906081199645996},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.5560052394866943},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.46819743514060974},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.45349937677383423},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4442169964313507},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4401651620864868},{"id":"https://openalex.org/C75403996","wikidata":"https://www.wikidata.org/wiki/Q5521979","display_name":"Garbage","level":2,"score":0.4346614181995392},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.4131469130516052},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.34730273485183716},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3418898","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3418898","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3418898","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},{"id":"pmh:oai:zenodo.org:4946696","is_oa":true,"landing_page_url":"https://zenodo.org/record/4946696","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ACM Transactions on Privacy and Security 24(2) 1-29","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"doi:10.1145/3418898","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3418898","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3418898","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8299999833106995,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4956428346","display_name":null,"funder_award_id":"Horizon 2020 research and innovatio","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5036817778","display_name":null,"funder_award_id":"European Union's Horizon 2020 research and innov","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5356549776","display_name":null,"funder_award_id":"830929","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5689797814","display_name":null,"funder_award_id":"RESTART","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G7788277423","display_name":"REactively Defending against Advanced Cybersecurity Threats","funder_award_id":"786669","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8318064016","display_name":null,"funder_award_id":"Horizon","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8633428685","display_name":null,"funder_award_id":"European Union's Horizon 2020 research and innovat","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321002","display_name":"Research Promotion Foundation","ror":"https://ror.org/00en9ce74"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3120812951.pdf","grobid_xml":"https://content.openalex.org/works/W3120812951.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W1538332098","https://openalex.org/W1967216565","https://openalex.org/W2022292029","https://openalex.org/W2072102701","https://openalex.org/W2086839628","https://openalex.org/W2109219878","https://openalex.org/W2117798902","https://openalex.org/W2122757982","https://openalex.org/W2124360577","https://openalex.org/W2128016660","https://openalex.org/W2138517425","https://openalex.org/W2154795299","https://openalex.org/W2162800072","https://openalex.org/W2296346842","https://openalex.org/W2516933175","https://openalex.org/W2612286231","https://openalex.org/W2612403404","https://openalex.org/W2756350061","https://openalex.org/W2779850521","https://openalex.org/W2793146918","https://openalex.org/W2899781671","https://openalex.org/W2947182139","https://openalex.org/W4230177578","https://openalex.org/W4237907241","https://openalex.org/W4241006348","https://openalex.org/W4250981365","https://openalex.org/W4255091852"],"related_works":["https://openalex.org/W4387773637","https://openalex.org/W2188602196","https://openalex.org/W3174776489","https://openalex.org/W2245694847","https://openalex.org/W4381304378","https://openalex.org/W2132258996","https://openalex.org/W2182829270","https://openalex.org/W4200058186","https://openalex.org/W4296880735","https://openalex.org/W2951608268"],"abstract_inverted_index":{"Unsafe":[0],"programming":[1],"systems":[2],"are":[3,61,78,212],"still":[4],"very":[5],"popular,":[6],"despite":[7],"the":[8,87,215],"shortcomings":[9],"due":[10],"to":[11,23,135],"several":[12],"published":[13],"memory-corruption":[14],"vulnerabilities.":[15],"Toward":[16],"defending":[17,82],"memory":[18,46,67,83],"corruption,":[19,84],"compilers":[20,43,108],"have":[21],"started":[22],"employ":[24],"advanced":[25],"software":[26],"hardening":[27,75,200],"such":[28],"as":[29,195],"Control-flow":[30],"Integrity":[31],"(CFI)":[32],"and":[33,63,76,115,122,137,159,209],"SafeStack.":[34],"However,":[35],"there":[36],"is":[37,89,126,138],"a":[38,196],"broad":[39],"interest":[40],"for":[41,81,198],"realizing":[42],"that":[44,102,156,177,221],"impose":[45],"safety":[47,68],"with":[48,141],"no":[49],"heavy":[50],"runtime":[51],"support":[52],"(e.g.,":[53,117],"garbage":[54],"collection).":[55],"Representative":[56],"examples":[57],"of":[58],"this":[59,92,168],"category":[60],"Rust":[62,136,173,228],"Go,":[64,158],"which":[65,131,211],"enforce":[66],"primarily":[69],"statically":[70],"at":[71],"compile":[72],"time.":[73],"Software":[74],"Rust/Go":[77,116,190],"promising":[79],"directions":[80],"albeit":[85],"combining":[86],"two":[88],"questionable.":[90],"In":[91,185,204],"article,":[93],"we":[94,149,160,187,206],"consider":[95],"hardened":[96,113],"mixed":[97,154],"binaries,":[98],"i.e.,":[99],"machine":[100],"code":[101,134,192,231],"has":[103],"been":[104],"produced":[105],"from":[106,112],"different":[107],"and,":[109],"in":[110,153,167,201,214],"particular,":[111,205],"C/C++":[114,183,202],"Mozilla":[118,129],"Firefox,":[119,130],"Dropbox,":[120],"npm,":[121],"Docker).":[123],"Our":[124,218],"analysis":[125,152],"focused":[127],"on":[128,179],"outsources":[132],"significant":[133],"open":[139],"source":[140],"known":[142],"public":[143],"vulnerabilities":[144],"(with":[145],"assigned":[146],"CVE).":[147],"Furthermore,":[148],"extend":[150],"our":[151],"binaries":[155,176],"leverage":[157],"derive":[161],"similar":[162],"results.":[163],"The":[164],"attacks":[165,236],"explored":[166],"article":[169],"do":[170],"not":[171],"exploit":[172],"or":[174,229],"Go":[175,230],"depend":[178],"some":[180],"legacy":[181],"(vulnerable)":[182],"code.":[184,203],"contrast,":[186],"explore":[188],"how":[189],"compiled":[191],"can":[193,223],"stand":[194],"vehicle":[197],"bypassing":[199],"discuss":[207],"CFI":[208,222,239],"SafeStack,":[210],"available":[213],"latest":[216],"Clang.":[217],"assessment":[219],"concludes":[220],"be":[224],"completely":[225],"nullified":[226],"through":[227],"by":[232],"constructing":[233],"much":[234],"simpler":[235],"than":[237],"state-of-the-art":[238],"bypasses.":[240]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":2}],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2025-10-10T00:00:00"}