{"id":"https://openalex.org/W4400796952","doi":"https://doi.org/10.1186/s42400-024-00244-6","title":"Revealing the exploitability of heap overflow through PoC analysis","display_name":"Revealing the exploitability of heap overflow through PoC analysis","publication_year":2024,"publication_date":"2024-07-18","ids":{"openalex":"https://openalex.org/W4400796952","doi":"https://doi.org/10.1186/s42400-024-00244-6"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-024-00244-6","is_oa":true,"landing_page_url":"http://dx.doi.org/10.1186/s42400-024-00244-6","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-024-00244-6.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://link.springer.com/content/pdf/10.1186/s42400-024-00244-6.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019278589","display_name":"Qintao Shen","orcid":"https://orcid.org/0009-0001-9671-6120"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Qintao Shen","raw_affiliation_strings":["SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017417068","display_name":"Guozhu Meng","orcid":"https://orcid.org/0000-0001-6388-2571"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guozhu Meng","raw_affiliation_strings":["SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100438008","display_name":"Kai Chen","orcid":"https://orcid.org/0000-0003-4399-8408"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kai Chen","raw_affiliation_strings":["SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]},{"raw_affiliation_string":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5019278589"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.09071669,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"7","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/heap","display_name":"Heap (data structure)","score":0.9629815816879272},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8664364218711853},{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.6647675037384033},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6357210278511047},{"id":"https://openalex.org/keywords/pointer","display_name":"Pointer (user interface)","score":0.6227965354919434},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4305293560028076},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.41932329535484314},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.33113792538642883},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.22975119948387146},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.21335747838020325}],"concepts":[{"id":"https://openalex.org/C134757568","wikidata":"https://www.wikidata.org/wiki/Q274089","display_name":"Heap (data structure)","level":2,"score":0.9629815816879272},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8664364218711853},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.6647675037384033},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6357210278511047},{"id":"https://openalex.org/C150202949","wikidata":"https://www.wikidata.org/wiki/Q107602","display_name":"Pointer (user interface)","level":2,"score":0.6227965354919434},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4305293560028076},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.41932329535484314},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.33113792538642883},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.22975119948387146},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.21335747838020325}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-024-00244-6","is_oa":true,"landing_page_url":"http://dx.doi.org/10.1186/s42400-024-00244-6","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-024-00244-6.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:79fc6dce17d64deca33144caa1bd55fa","is_oa":true,"landing_page_url":"https://doaj.org/article/79fc6dce17d64deca33144caa1bd55fa","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 7, Iss 1, Pp 1-15 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-024-00244-6","is_oa":true,"landing_page_url":"http://dx.doi.org/10.1186/s42400-024-00244-6","pdf_url":"https://link.springer.com/content/pdf/10.1186/s42400-024-00244-6.pdf","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4400796952.pdf","grobid_xml":"https://content.openalex.org/works/W4400796952.grobid-xml"},"referenced_works_count":12,"referenced_works":["https://openalex.org/W2134633067","https://openalex.org/W2514974017","https://openalex.org/W2766540688","https://openalex.org/W2891235722","https://openalex.org/W2897668282","https://openalex.org/W2984993098","https://openalex.org/W2985831349","https://openalex.org/W3108020564","https://openalex.org/W4244413641","https://openalex.org/W4288057707","https://openalex.org/W4308642904","https://openalex.org/W4308643127"],"related_works":["https://openalex.org/W107132618","https://openalex.org/W1972760175","https://openalex.org/W2887198767","https://openalex.org/W1981237417","https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W4233969565","https://openalex.org/W2891427086","https://openalex.org/W4283264706","https://openalex.org/W2386139448"],"abstract_inverted_index":{"Abstract":[0],"The":[1,111,141],"exploitable":[2,28,33],"heap":[3,12,29,34,81,104],"layouts":[4,106],"are":[5],"used":[6],"to":[7,25,75,96,117],"determine":[8,118],"the":[9,32,39,49,53,57,64,78,120,148,160],"exploitability":[10,40,79],"of":[11,41,80,162],"vulnerabilities":[13,84,136],"in":[14,107,154],"general-purpose":[15,139],"applications.":[16],"Prior":[17],"studies":[18],"have":[19],"focused":[20],"on":[21,132],"using":[22],"fuzzing-based":[23],"methods":[24],"generate":[26],"more":[27],"layouts.":[30],"However,":[31],"layout":[35],"cannot":[36],"fully":[37],"demonstrate":[38,143],"a":[42,72,108],"vulnerability,":[43],"as":[44],"it":[45],"is":[46,114,123],"uncertain":[47],"whether":[48,119],"attacker":[50],"can":[51],"control":[52],"data":[54],"covered":[55],"by":[56,85,90],"overflow.":[58,163],"In":[59],"this":[60],"paper,":[61],"we":[62],"propose":[63],"Heap":[65],"Overflow":[66],"Exploitability":[67],"Evaluator":[68],"(":[69],"Hoee":[70,92,131,145],"),":[71],"new":[73],"approach":[74],"automatically":[76],"reveal":[77],"buffer":[82],"overflow":[83,112],"evaluating":[86],"proof-of-concepts":[87],"(PoCs)":[88],"generated":[89],"fuzzers.":[91],"leverages":[93],"several":[94],"techniques":[95],"collect":[97],"dynamic":[98],"information":[99],"at":[100],"runtime":[101],"and":[102,157],"recover":[103],"object":[105],"fine-grained":[109],"manner.":[110],"context":[113],"carefully":[115],"analyzed":[116],"sensitive":[121],"pointer":[122],"corrupted,":[124],"tainted,":[125],"or":[126],"critically":[127],"used.":[128],"We":[129],"evaluate":[130],"34":[133],"real-world":[134],"CVE":[135],"from":[137],"16":[138],"programs.":[140],"results":[142],"that":[144],"accurately":[146],"identifies":[147],"key":[149],"factors":[150],"for":[151],"developing":[152],"exploits":[153],"vulnerable":[155],"contexts":[156],"correctly":[158],"recognizes":[159],"behavior":[161]},"counts_by_year":[],"updated_date":"2026-03-17T17:19:04.345684","created_date":"2025-10-10T00:00:00"}