{"id":"https://openalex.org/W3217130398","doi":"https://doi.org/10.1145/3491371.3491372","title":"Finding Memory Vulnerabilities in Protocol Stack Implementations using Hybrid Program Analysis","display_name":"Finding Memory Vulnerabilities in Protocol Stack Implementations using Hybrid Program Analysis","publication_year":2021,"publication_date":"2021-12-02","ids":{"openalex":"https://openalex.org/W3217130398","doi":"https://doi.org/10.1145/3491371.3491372","mag":"3217130398"},"language":"en","primary_location":{"id":"doi:10.1145/3491371.3491372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3491371.3491372","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"8th International Conference on Networking, Systems and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073132031","display_name":"Farhaan Fowze","orcid":"https://orcid.org/0000-0002-3575-3067"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Farhaan Fowze","raw_affiliation_strings":["University of Florida, USA"],"affiliations":[{"raw_affiliation_string":"University of Florida, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056009068","display_name":"Tuba Yavuz","orcid":"https://orcid.org/0000-0002-5542-2142"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tuba Yavuz","raw_affiliation_strings":["University of Florida, USA"],"affiliations":[{"raw_affiliation_string":"University of Florida, USA","institution_ids":["https://openalex.org/I33213144"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5073132031"],"corresponding_institution_ids":["https://openalex.org/I33213144"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.1663286,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"29","last_page":"39"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8540233373641968},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.66999751329422},{"id":"https://openalex.org/keywords/protocol-stack","display_name":"Protocol stack","score":0.614955723285675},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.600672721862793},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.5248320698738098},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5173834562301636},{"id":"https://openalex.org/keywords/reliability","display_name":"Reliability (semiconductor)","score":0.4339714050292969},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3172174096107483},{"id":"https://openalex.org/keywords/stack","display_name":"Stack (abstract data type)","score":0.2145141363143921},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1091947853565216}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8540233373641968},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.66999751329422},{"id":"https://openalex.org/C38601921","wikidata":"https://www.wikidata.org/wiki/Q1757693","display_name":"Protocol stack","level":3,"score":0.614955723285675},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.600672721862793},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.5248320698738098},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5173834562301636},{"id":"https://openalex.org/C43214815","wikidata":"https://www.wikidata.org/wiki/Q7310987","display_name":"Reliability (semiconductor)","level":3,"score":0.4339714050292969},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3172174096107483},{"id":"https://openalex.org/C9395851","wikidata":"https://www.wikidata.org/wiki/Q177929","display_name":"Stack (abstract data type)","level":2,"score":0.2145141363143921},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1091947853565216},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3491371.3491372","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3491371.3491372","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"8th International Conference on Networking, Systems and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.4699999988079071}],"awards":[{"id":"https://openalex.org/G6651028562","display_name":null,"funder_award_id":"CNS-1815883 CNS-1942235","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306087","display_name":"Semiconductor Research Corporation","ror":"https://ror.org/047z4n946"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W116894366","https://openalex.org/W1971719033","https://openalex.org/W2297774820","https://openalex.org/W2792181598","https://openalex.org/W2914209329","https://openalex.org/W3087624298","https://openalex.org/W3090199681"],"related_works":["https://openalex.org/W2120447654","https://openalex.org/W2977179488","https://openalex.org/W2144453115","https://openalex.org/W2128223750","https://openalex.org/W4238532390","https://openalex.org/W2188872161","https://openalex.org/W2961779879","https://openalex.org/W797688974","https://openalex.org/W2610007503","https://openalex.org/W4312899616"],"abstract_inverted_index":{"As":[0],"the":[1,14,24,41,50,65,91,94,102,126,132],"number":[2],"of":[3,5,13,35,49,98,105],"Internet":[4],"Things":[6],"(IoT)":[7],"devices":[8,30],"proliferate,":[9],"an":[10,46],"in-depth":[11],"understanding":[12],"IoT":[15,29,51,66],"attack":[16,52],"surface":[17],"has":[18],"become":[19],"quintessential":[20],"for":[21,63,80,108],"dealing":[22],"with":[23],"security":[25,67],"and":[26,31,68,101,122,128,141],"reliability":[27],"risks.":[28],"components":[32],"execute":[33],"implementations":[34,44,60],"various":[36],"communication":[37],"protocols.":[38],"Vulnerabilities":[39],"in":[40,58,84,117,146],"protocol":[42,74,85,143],"stack":[43,86],"form":[45],"important":[47],"part":[48],"surface.":[53],"Therefore,":[54],"finding":[55],"memory":[56,82,96,139],"errors":[57,83],"such":[59],"is":[61],"essential":[62],"improving":[64],"reliability.":[69],"This":[70],"paper":[71],"presents":[72],"a":[73,118,147],"knowledge":[75],"guided":[76],"hybrid":[77],"program":[78,92],"analysis":[79,107],"detecting":[81],"implementations.":[87],"Our":[88],"approach":[89,116],"utilizes":[90],"structure,":[93],"precise":[95],"model":[97],"symbolic":[99,158],"execution,":[100],"high":[103],"coverage":[104],"static":[106],"scalable":[109,149],"bug":[110],"finding.":[111],"We":[112],"have":[113],"implemented":[114],"our":[115],"tool":[119],"called":[120],"SEESAW":[121,135],"applied":[123],"it":[124],"to":[125,152,156],"USB":[127],"Bluetooth":[129],"modules":[130],"within":[131],"Linux":[133],"kernel.":[134],"can":[136],"reproduce":[137],"known":[138],"vulnerabilities":[140],"reach":[142],"relevant":[144],"targets":[145],"more":[148],"way":[150],"(up":[151],"99%":[153],"speedup)":[154],"compared":[155],"baseline":[157],"execution.":[159]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}