{"id":"https://openalex.org/W4396723244","doi":"https://doi.org/10.1145/3589334.3645476","title":"Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations","display_name":"Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations","publication_year":2024,"publication_date":"2024-05-08","ids":{"openalex":"https://openalex.org/W4396723244","doi":"https://doi.org/10.1145/3589334.3645476"},"language":"en","primary_location":{"id":"doi:10.1145/3589334.3645476","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3589334.3645476","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Web Conference 2024","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007997313","display_name":"Zhengjie Du","orcid":"https://orcid.org/0009-0002-7032-2681"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhengjie Du","raw_affiliation_strings":["State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068561556","display_name":"Yuekang Li","orcid":"https://orcid.org/0000-0003-4382-0757"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yuekang Li","raw_affiliation_strings":["University of New South Wales, Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales, Sydney, Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053886363","display_name":"Yaowen Zheng","orcid":"https://orcid.org/0000-0002-8953-0782"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yaowen Zheng","raw_affiliation_strings":["Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032962222","display_name":"Xiaohan Zhang","orcid":"https://orcid.org/0000-0003-3260-4530"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaohan Zhang","raw_affiliation_strings":["Xidian University, Xi'an, China"],"affiliations":[{"raw_affiliation_string":"Xidian University, Xi'an, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071275263","display_name":"Cen Zhang","orcid":"https://orcid.org/0000-0001-5603-1322"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Cen Zhang","raw_affiliation_strings":["Nanyang Technological University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100330541","display_name":"Yi Liu","orcid":"https://orcid.org/0000-0002-4978-127X"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yi Liu","raw_affiliation_strings":["Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore","Nanyang Technological University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046993870","display_name":"Sheikh Mahbub Habib","orcid":"https://orcid.org/0000-0003-1183-4310"},"institutions":[{"id":"https://openalex.org/I147869694","display_name":"Continental (Germany)","ror":"https://ror.org/0359s0245","country_code":"DE","type":"company","lineage":["https://openalex.org/I147869694"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sheikh Mahbub Habib","raw_affiliation_strings":["Continental Automotive Technologies GmbH, Hannover, Frankfurt, Germany"],"affiliations":[{"raw_affiliation_string":"Continental Automotive Technologies GmbH, Hannover, Frankfurt, Germany","institution_ids":["https://openalex.org/I147869694"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100626958","display_name":"Xinghua Li","orcid":"https://orcid.org/0000-0002-5583-4155"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinghua Li","raw_affiliation_strings":["Xidian University, Xi'an, China"],"affiliations":[{"raw_affiliation_string":"Xidian University, Xi'an, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090305216","display_name":"Linzhang Wang","orcid":"https://orcid.org/0000-0003-4794-1652"},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Linzhang Wang","raw_affiliation_strings":["State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I881766915"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore","Nanyang Technological University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Continental-NTU Corporate Lab, Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]},{"raw_affiliation_string":"Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5032564674","display_name":"Bing Mao","orcid":null},"institutions":[{"id":"https://openalex.org/I881766915","display_name":"Nanjing University","ror":"https://ror.org/01rxvg760","country_code":"CN","type":"education","lineage":["https://openalex.org/I881766915"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bing Mao","raw_affiliation_strings":["State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing, Jiangsu, China","institution_ids":["https://openalex.org/I881766915"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":11,"corresponding_author_ids":["https://openalex.org/A5007997313"],"corresponding_institution_ids":["https://openalex.org/I881766915"],"apc_list":null,"apc_paid":null,"fwci":0.698,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.6930211,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1668","last_page":"1679"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7549262642860413},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.7109149098396301},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6851791143417358},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6350135803222656},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.5984689593315125},{"id":"https://openalex.org/keywords/unavailability","display_name":"Unavailability","score":0.5270046591758728},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.49284791946411133},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4757792055606842},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.4429779052734375},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.40836799144744873},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.28242090344429016},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2183428704738617},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.1916508972644806},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12586158514022827},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.09493228793144226}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7549262642860413},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.7109149098396301},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6851791143417358},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6350135803222656},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.5984689593315125},{"id":"https://openalex.org/C2780505938","wikidata":"https://www.wikidata.org/wiki/Q17093282","display_name":"Unavailability","level":2,"score":0.5270046591758728},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.49284791946411133},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4757792055606842},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.4429779052734375},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.40836799144744873},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.28242090344429016},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2183428704738617},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.1916508972644806},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12586158514022827},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.09493228793144226},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3589334.3645476","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3589334.3645476","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Web Conference 2024","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Reduced inequalities","id":"https://metadata.un.org/sdg/10"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W77946476","https://openalex.org/W1878544538","https://openalex.org/W1884983968","https://openalex.org/W2018992824","https://openalex.org/W2051700952","https://openalex.org/W2159160833","https://openalex.org/W2795192879","https://openalex.org/W2914982603","https://openalex.org/W2955835447","https://openalex.org/W2964241064","https://openalex.org/W3007603430","https://openalex.org/W3019428952","https://openalex.org/W3034273612","https://openalex.org/W3043579230","https://openalex.org/W3046946156","https://openalex.org/W3047947484","https://openalex.org/W3168047084","https://openalex.org/W3172336096","https://openalex.org/W3181528482","https://openalex.org/W3189644315","https://openalex.org/W4221162427","https://openalex.org/W4251988601","https://openalex.org/W4292436989","https://openalex.org/W4311270812","https://openalex.org/W4396723244","https://openalex.org/W6810421805","https://openalex.org/W6833780757","https://openalex.org/W6863951927"],"related_works":["https://openalex.org/W4237235066","https://openalex.org/W2026539069","https://openalex.org/W207884067","https://openalex.org/W3127016596","https://openalex.org/W2365973415","https://openalex.org/W1482423459","https://openalex.org/W2996457675","https://openalex.org/W3146085540","https://openalex.org/W2129918226","https://openalex.org/W843992174"],"abstract_inverted_index":{"Web":[0],"services":[1,25,55,104],"have":[2],"brought":[3],"great":[4,28],"convenience":[5],"to":[6,14,62,70,92],"our":[7],"daily":[8],"lives.":[9],"Meanwhile,":[10],"they":[11,39],"are":[12,35,40,75],"vulnerable":[13,47,99],"Denial-of-Service":[15],"(DoS)":[16],"attacks.":[17],"DoS":[18],"attacks":[19],"launched":[20],"via":[21],"vulnerabilities":[22,31,64,74,85],"in":[23,32,123],"the":[24,41,53,63,67,88,93,98,107,111],"can":[26,50,86],"cause":[27,66],"harm.":[29],"The":[30],"protocol":[33,48],"implementations":[34],"especially":[36],"important":[37],"because":[38,83],"keystones":[42],"of":[43,59,95,113,116],"web":[44,54],"services.":[45],"One":[46],"implementation":[49],"affect":[51],"all":[52],"built":[56],"on":[57,106],"top":[58],"it.":[60],"Compared":[61],"that":[65],"target":[68],"service":[69,100],"crash,":[71],"resource":[72],"exhaustion":[73],"equally":[76],"if":[77],"not":[78,96],"more":[79],"important.":[80],"This":[81],"is":[82],"such":[84],"deplete":[87],"system":[89],"resources,":[90],"leading":[91],"unavailability":[94],"only":[97],"but":[101],"also":[102],"other":[103],"running":[105],"same":[108],"machine.":[109],"Despite":[110],"significance":[112],"this":[114,124],"type":[115],"vulnerability,":[117],"there":[118],"has":[119],"been":[120],"limited":[121],"research":[122],"area.":[125]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}