{"id":"https://openalex.org/W2076663662","doi":"https://doi.org/10.1145/2814270.2814313","title":"Use at your own risk: the Java unsafe API in the wild","display_name":"Use at your own risk: the Java unsafe API in the wild","publication_year":2015,"publication_date":"2015-10-23","ids":{"openalex":"https://openalex.org/W2076663662","doi":"https://doi.org/10.1145/2814270.2814313","mag":"2076663662"},"language":"en","primary_location":{"id":"doi:10.1145/2814270.2814313","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2814270.2814313","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056625850","display_name":"Luis Mastrangelo","orcid":null},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Luis Mastrangelo","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027648410","display_name":"Luca Ponzanelli","orcid":"https://orcid.org/0000-0001-9890-0557"},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Luca Ponzanelli","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084194284","display_name":"Andrea Mocci","orcid":"https://orcid.org/0000-0002-8426-5676"},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Andrea Mocci","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038257395","display_name":"Michele Lanza","orcid":"https://orcid.org/0000-0003-4391-0197"},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Michele Lanza","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078770676","display_name":"Matthias Hauswirth","orcid":"https://orcid.org/0000-0001-5527-5931"},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Matthias Hauswirth","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111998286","display_name":"Nathaniel Nystrom","orcid":null},"institutions":[{"id":"https://openalex.org/I57201433","display_name":"Universit\u00e0 della Svizzera italiana","ror":"https://ror.org/03c4atk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I57201433"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Nathaniel Nystrom","raw_affiliation_strings":["University of Lugano, Switzerland","University of Lugano, Switzerland#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Lugano, Switzerland","institution_ids":["https://openalex.org/I57201433"]},{"raw_affiliation_string":"University of Lugano, Switzerland#TAB#","institution_ids":["https://openalex.org/I57201433"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5056625850"],"corresponding_institution_ids":["https://openalex.org/I57201433"],"apc_list":null,"apc_paid":null,"fwci":12.4626,"has_fulltext":false,"cited_by_count":61,"citation_normalized_percentile":{"value":0.98570293,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"695","last_page":"710"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.9049841165542603},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8592723608016968},{"id":"https://openalex.org/keywords/real-time-java","display_name":"Real time Java","score":0.8186834454536438},{"id":"https://openalex.org/keywords/strictfp","display_name":"strictfp","score":0.814244270324707},{"id":"https://openalex.org/keywords/java-modeling-language","display_name":"Java Modeling Language","score":0.7868316173553467},{"id":"https://openalex.org/keywords/java-annotation","display_name":"Java annotation","score":0.7787399888038635},{"id":"https://openalex.org/keywords/generics-in-java","display_name":"Generics in Java","score":0.714375913143158},{"id":"https://openalex.org/keywords/java-api-for-xml-based-rpc","display_name":"Java API for XML-based RPC","score":0.7125979661941528},{"id":"https://openalex.org/keywords/java-applet","display_name":"Java applet","score":0.6489227414131165},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.537070095539093},{"id":"https://openalex.org/keywords/java-concurrency","display_name":"Java concurrency","score":0.5212400555610657},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.4828244149684906},{"id":"https://openalex.org/keywords/java-bytecode","display_name":"Java bytecode","score":0.46790820360183716},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.452401727437973},{"id":"https://openalex.org/keywords/java-card","display_name":"Java Card","score":0.41887959837913513},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.41487616300582886},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.06524166464805603}],"concepts":[{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.9049841165542603},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8592723608016968},{"id":"https://openalex.org/C132106392","wikidata":"https://www.wikidata.org/wiki/Q1373903","display_name":"Real time Java","level":3,"score":0.8186834454536438},{"id":"https://openalex.org/C174954855","wikidata":"https://www.wikidata.org/wiki/Q7623626","display_name":"strictfp","level":4,"score":0.814244270324707},{"id":"https://openalex.org/C60945770","wikidata":"https://www.wikidata.org/wiki/Q2517517","display_name":"Java Modeling Language","level":5,"score":0.7868316173553467},{"id":"https://openalex.org/C168702491","wikidata":"https://www.wikidata.org/wiki/Q567345","display_name":"Java annotation","level":4,"score":0.7787399888038635},{"id":"https://openalex.org/C172482141","wikidata":"https://www.wikidata.org/wiki/Q379273","display_name":"Generics in Java","level":5,"score":0.714375913143158},{"id":"https://openalex.org/C32235180","wikidata":"https://www.wikidata.org/wiki/Q921902","display_name":"Java API for XML-based RPC","level":5,"score":0.7125979661941528},{"id":"https://openalex.org/C15524039","wikidata":"https://www.wikidata.org/wiki/Q865817","display_name":"Java applet","level":3,"score":0.6489227414131165},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.537070095539093},{"id":"https://openalex.org/C181907185","wikidata":"https://www.wikidata.org/wiki/Q1100098","display_name":"Java concurrency","level":4,"score":0.5212400555610657},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.4828244149684906},{"id":"https://openalex.org/C2777472213","wikidata":"https://www.wikidata.org/wiki/Q137496","display_name":"Java bytecode","level":5,"score":0.46790820360183716},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.452401727437973},{"id":"https://openalex.org/C47747970","wikidata":"https://www.wikidata.org/wiki/Q46101","display_name":"Java Card","level":4,"score":0.41887959837913513},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.41487616300582886},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.06524166464805603}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2814270.2814313","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2814270.2814313","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.702.205","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.702.205","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.inf.usi.ch/faculty/lanza/Downloads/Mast2015a.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G488661009","display_name":null,"funder_award_id":"CRSII2 136225","funder_id":"https://openalex.org/F4320320924","funder_display_name":"Schweizerischer Nationalfonds zur F\u00f6rderung der Wissenschaftlichen Forschung"}],"funders":[{"id":"https://openalex.org/F4320320924","display_name":"Schweizerischer Nationalfonds zur F\u00f6rderung der Wissenschaftlichen Forschung","ror":"https://ror.org/00yjd3n13"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W1572739102","https://openalex.org/W1577247784","https://openalex.org/W1601193885","https://openalex.org/W1644882639","https://openalex.org/W1777693579","https://openalex.org/W1850047186","https://openalex.org/W1999753800","https://openalex.org/W2028889016","https://openalex.org/W2049730362","https://openalex.org/W2060632533","https://openalex.org/W2065266923","https://openalex.org/W2077337386","https://openalex.org/W2086720197","https://openalex.org/W2106558531","https://openalex.org/W2107917004","https://openalex.org/W2112939580","https://openalex.org/W2146766856","https://openalex.org/W2148746214","https://openalex.org/W2167025094","https://openalex.org/W2168649891","https://openalex.org/W3142144036","https://openalex.org/W3186546642"],"related_works":["https://openalex.org/W2197133764","https://openalex.org/W370370040","https://openalex.org/W2068892086","https://openalex.org/W4251502439","https://openalex.org/W2483494257","https://openalex.org/W2901199323","https://openalex.org/W2066931381","https://openalex.org/W197458610","https://openalex.org/W2217332108","https://openalex.org/W412736943"],"abstract_inverted_index":{"Java":[0,14,39,47,104,146,151,171,178],"is":[1,66,71,134,213],"a":[2,34,50,135,216],"safe":[3,93,112],"language.":[4],"Its":[5],"runtime":[6,27,48,118],"environment":[7],"provides":[8],"strong":[9],"safety":[10,62,183,227],"guarantees":[11,184],"that":[12,25,52,92,138,168],"any":[13],"application":[15,44],"can":[16],"rely":[17],"on.":[18],"Or":[19],"so":[20],"we":[21,199],"think.":[22],"We":[23,140,166,188],"show":[24],"the":[26,46,89,115,117,121,124,219],"actually":[28],"does":[29],"not":[30],"provide":[31,200,215],"these":[32,100,208],"guarantees---for":[33],"large":[35],"fraction":[36],"of":[37,144,170,194,221],"today's":[38],"code.":[40],"Unbeknownst":[41],"to":[42,59,74,80,153,214,225],"many":[43],"developers,":[45],"includes":[49],"\"backdoor\"":[51],"allows":[53],"expert":[54],"library":[55],"and":[56,70,164,180,198],"framework":[57],"developers":[58],"circumvent":[60],"Java's":[61,156,182,195],"guarantees.":[63],"This":[64,132],"backdoor":[65],"there":[67],"by":[68,113],"design,":[69],"well":[72],"known":[73],"experts,":[75],"as":[76],"it":[77],"enables":[78],"them":[79],"write":[81],"high-performance":[82],"\"systems-level\"":[83],"code":[84,206],"in":[85,103,137,161,228],"Java.":[86,229],"For":[87],"much":[88],"same":[90],"reasons":[91],"languages":[94],"are":[95,159],"preferred":[96],"over":[97,149],"unsafe":[98,157,176,196],"languages,":[99],"powerful---but":[101],"unsafe---capabilities":[102],"should":[105,109,129],"be":[106,110,130,186],"restricted.":[107,131],"They":[108],"made":[111],"changing":[114],"language,":[116],"system,":[119],"or":[120],"libraries.":[122],"At":[123],"very":[125],"least,":[126],"their":[127],"use":[128],"paper":[133],"step":[136],"direction.":[139],"analyzed":[141],"74":[142],"GB":[143],"compiled":[145],"code,":[147,179],"spread":[148],"86,479":[150],"archives,":[152],"determine":[154],"how":[155],"capabilities":[158],"used":[160],"real-world":[162,205],"libraries":[163],"applications.":[165],"found":[167],"25%":[169],"bytecode":[172],"archives":[173],"depend":[174],"on":[175],"third-party":[177],"thus":[181],"cannot":[185],"trusted.":[187],"identify":[189],"14":[190],"different":[191],"usage":[192],"patterns":[193],"capabilities,":[197],"supporting":[201],"evidence":[202],"for":[203,218],"why":[204],"needs":[207],"capabilities.":[209],"Our":[210],"long-term":[211],"goal":[212],"foundation":[217],"design":[220],"new":[222],"language":[223],"features":[224],"regain":[226]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":13},{"year":2018,"cited_by_count":10},{"year":2017,"cited_by_count":11},{"year":2016,"cited_by_count":7}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}