{"id":"https://openalex.org/W3212205244","doi":"https://doi.org/10.1145/3460120.3482788","title":"Are we done yet? Our Journey to Fight against Memory-safety Bugs","display_name":"Are we done yet? Our Journey to Fight against Memory-safety Bugs","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3212205244","doi":"https://doi.org/10.1145/3460120.3482788","mag":"3212205244"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3482788","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3482788","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3482788","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3482788","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100743709","display_name":"Taesoo Kim","orcid":"https://orcid.org/0000-0002-7440-2067"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]},{"id":"https://openalex.org/I4210101778","display_name":"Samsung (United States)","ror":"https://ror.org/01bfbvm65","country_code":"US","type":"company","lineage":["https://openalex.org/I2250650973","https://openalex.org/I4210101778"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Taesoo Kim","raw_affiliation_strings":["Georgia Institute of Technology &amp; Samsung Research, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology &amp; Samsung Research, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444","https://openalex.org/I4210101778"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5100743709"],"corresponding_institution_ids":["https://openalex.org/I130701444","https://openalex.org/I4210101778"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.16811783,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"4","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/memory-safety","display_name":"Memory safety","score":0.761780858039856},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.7581244707107544},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6475316286087036},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6324092149734497},{"id":"https://openalex.org/keywords/safe-haven","display_name":"Safe haven","score":0.5022244453430176},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.49648886919021606},{"id":"https://openalex.org/keywords/aside","display_name":"Aside","score":0.4722784459590912},{"id":"https://openalex.org/keywords/memory-leak","display_name":"Memory leak","score":0.4563160836696625},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.43706077337265015},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.41236376762390137},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.40546277165412903},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3023327589035034},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.24667313694953918}],"concepts":[{"id":"https://openalex.org/C28180684","wikidata":"https://www.wikidata.org/wiki/Q4080983","display_name":"Memory safety","level":3,"score":0.761780858039856},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.7581244707107544},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6475316286087036},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6324092149734497},{"id":"https://openalex.org/C2992712416","wikidata":"https://www.wikidata.org/wiki/Q7398532","display_name":"Safe haven","level":2,"score":0.5022244453430176},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.49648886919021606},{"id":"https://openalex.org/C2778120072","wikidata":"https://www.wikidata.org/wiki/Q2858150","display_name":"Aside","level":2,"score":0.4722784459590912},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.4563160836696625},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.43706077337265015},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.41236376762390137},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.40546277165412903},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3023327589035034},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.24667313694953918},{"id":"https://openalex.org/C124952713","wikidata":"https://www.wikidata.org/wiki/Q8242","display_name":"Literature","level":1,"score":0.0},{"id":"https://openalex.org/C18547055","wikidata":"https://www.wikidata.org/wiki/Q47417","display_name":"International economics","level":1,"score":0.0},{"id":"https://openalex.org/C136085584","wikidata":"https://www.wikidata.org/wiki/Q910289","display_name":"Overlay","level":2,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3482788","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3482788","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3482788","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3460120.3482788","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3482788","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3482788","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.49000000953674316}],"awards":[{"id":"https://openalex.org/G187716753","display_name":null,"funder_award_id":"2014-3-00035","funder_id":"https://openalex.org/F4320322093","funder_display_name":"Electronics and Telecommunications Research Institute"},{"id":"https://openalex.org/G2637195115","display_name":null,"funder_award_id":"4-18-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G2978776036","display_name":null,"funder_award_id":"2014-3-00035","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"},{"id":"https://openalex.org/G3366692587","display_name":null,"funder_award_id":"N00014-18-1-2662","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G4504108201","display_name":null,"funder_award_id":"N00014-17-1","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G459429484","display_name":null,"funder_award_id":"CNS-1749711,","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4751570384","display_name":null,"funder_award_id":"4-17-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G60922421","display_name":null,"funder_award_id":"CNS-1563848","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G637290822","display_name":null,"funder_award_id":"N00014-17-1-289","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G6612379881","display_name":null,"funder_award_id":"N00014-18-1-2662, N00014-15-1-2162, N00014-17-1-2895","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G7360261236","display_name":null,"funder_award_id":"IITP/KEIT[2014-3-00035]","funder_id":"https://openalex.org/F4320322093","funder_display_name":"Electronics and Telecommunications Research Institute"},{"id":"https://openalex.org/G7931865478","display_name":null,"funder_award_id":"4-15-1-","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8236366147","display_name":"TWC: Medium: Collaborative: Systems, Tools, and Techniques for Executing, Managing, and Securing SGX Programs","funder_award_id":"1563848","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8326067817","display_name":null,"funder_award_id":"N00014-15-1-2162","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8568027321","display_name":null,"funder_award_id":"N00014-17-1-2895","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320316785","display_name":"VMware","ror":null},{"id":"https://openalex.org/F4320322093","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320334879","display_name":"Korea Evaluation Institute of Industrial Technology","ror":"https://ror.org/03z9cwa38"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3212205244.pdf","grobid_xml":"https://content.openalex.org/works/W3212205244.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W614438062","https://openalex.org/W3173990398","https://openalex.org/W4205454537","https://openalex.org/W4381785649","https://openalex.org/W4206394013","https://openalex.org/W3093824853","https://openalex.org/W2939998072","https://openalex.org/W2102012911","https://openalex.org/W3048076421","https://openalex.org/W2592345979"],"abstract_inverted_index":{"Memory-safety":[0],"issues":[1],"have":[2],"been":[3],"a":[4],"long-standing":[5],"concern":[6],"of":[7,21,70,78],"the":[8,22,47,58,62,67,75,84],"security":[9],"practitioners.":[10],"According":[11],"to":[12,45],"Microsoft":[13],"and":[14,31,40,55],"Google,":[15],"memory-safety":[16],"bugs":[17],"still":[18],"represent":[19],"70%":[20],"exploited":[23],"vulnerabilities":[24],"in":[25,50],"complex,":[26],"real-world":[27],"programs":[28,86],"like":[29,53],"OSes":[30],"Web":[32],"browsers.":[33],"However,":[34],"it":[35],"doesn't":[36],"mean":[37],"that":[38],"academics":[39],"practitioners":[41],"haven't":[42],"tried":[43],"hard":[44],"alleviate":[46],"problem.":[48],"Advances":[49],"automatic":[51],"techniques":[52],"fuzzing":[54],"sanitizers":[56],"revolutionize":[57],"way":[59],"we":[60],"tame":[61],"memory":[63],"safety":[64],"bugs,":[65],"but":[66],"increasing":[68],"volume":[69],"new":[71,81],"software":[72],"simply":[73],"outpaces":[74],"adoption":[76],"rate":[77],"these":[79],"promising":[80],"techniques,":[82],"setting":[83],"legacy":[85],"aside.":[87]},"counts_by_year":[],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}