{"id":"https://openalex.org/W2949277075","doi":"https://doi.org/10.17615/jdde-8451","title":"Identifying Code Injection and Reuse Payloads In Memory Error Exploits","display_name":"Identifying Code Injection and Reuse Payloads In Memory Error Exploits","publication_year":2019,"publication_date":"2019-08-12","ids":{"openalex":"https://openalex.org/W2949277075","doi":"https://doi.org/10.17615/jdde-8451","mag":"2949277075"},"language":"en","primary_location":{"id":"pmh:oai:cdr.lib.unc.edu:uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","is_oa":true,"landing_page_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","pdf_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","source":{"id":"https://openalex.org/S4306401075","display_name":"Carolina Digital Repository (University of North Carolina at Chapel Hill)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I114027177","host_organization_name":"University of North Carolina at Chapel Hill","host_organization_lineage":["https://openalex.org/I114027177"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"type":"article","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019527145","display_name":"Kevin Z. Snow","orcid":"https://orcid.org/0009-0007-3666-9880"},"institutions":[{"id":"https://openalex.org/I114027177","display_name":"University of North Carolina at Chapel Hill","ror":"https://ror.org/0130frc33","country_code":"US","type":"education","lineage":["https://openalex.org/I114027177"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Snow, Kevin","raw_affiliation_strings":["University of North Carolina at Chapel Hill"],"affiliations":[{"raw_affiliation_string":"University of North Carolina at Chapel Hill","institution_ids":["https://openalex.org/I114027177"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5019527145"],"corresponding_institution_ids":["https://openalex.org/I114027177"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.05411003,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7382019758224487},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6249895691871643},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.6159488558769226},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5229383707046509},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.4185056686401367},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3509810268878937},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.33132678270339966},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.24400749802589417},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.2280614674091339},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.19867974519729614},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.09969586133956909},{"id":"https://openalex.org/keywords/waste-management","display_name":"Waste management","score":0.08274766802787781}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7382019758224487},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6249895691871643},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.6159488558769226},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5229383707046509},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.4185056686401367},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3509810268878937},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.33132678270339966},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.24400749802589417},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.2280614674091339},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.19867974519729614},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.09969586133956909},{"id":"https://openalex.org/C548081761","wikidata":"https://www.wikidata.org/wiki/Q180388","display_name":"Waste management","level":1,"score":0.08274766802787781}],"mesh":[],"locations_count":3,"locations":[{"id":"pmh:oai:cdr.lib.unc.edu:uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","is_oa":true,"landing_page_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","pdf_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","source":{"id":"https://openalex.org/S4306401075","display_name":"Carolina Digital Repository (University of North Carolina at Chapel Hill)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I114027177","host_organization_name":"University of North Carolina at Chapel Hill","host_organization_lineage":["https://openalex.org/I114027177"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"mag:2949277075","is_oa":false,"landing_page_url":"http://cdr.lib.unc.edu/downloads/h415pb267","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":null},{"id":"doi:10.17615/jdde-8451","is_oa":true,"landing_page_url":"https://doi.org/10.17615/jdde-8451","pdf_url":null,"source":{"id":"https://openalex.org/S7407051488","display_name":"UNC Libraries","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"thesis"}],"best_oa_location":{"id":"pmh:oai:cdr.lib.unc.edu:uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","is_oa":true,"landing_page_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","pdf_url":"https://cdr.lib.unc.edu/record/uuid:7ffd79c5-4067-4eb2-a3f7-74e60fb7d8e0","source":{"id":"https://openalex.org/S4306401075","display_name":"Carolina Digital Repository (University of North Carolina at Chapel Hill)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I114027177","host_organization_name":"University of North Carolina at Chapel Hill","host_organization_lineage":["https://openalex.org/I114027177"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4264179445","display_name":"TC: Small: Collaborative Research: Scalable Malware Analysis Using Lightweight Virtualization","funder_award_id":"0915364","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5921281487","display_name":null,"funder_award_id":"number","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7447076839","display_name":"SDCI Sec: New Software Platforms for Supporting Network-wide Detection of Code Injection Attacks","funder_award_id":"1127361","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W2949277075.pdf"},"referenced_works_count":75,"referenced_works":["https://openalex.org/W7103708","https://openalex.org/W78162143","https://openalex.org/W99657086","https://openalex.org/W173413620","https://openalex.org/W191656338","https://openalex.org/W201766245","https://openalex.org/W654785806","https://openalex.org/W1468946140","https://openalex.org/W1482566649","https://openalex.org/W1489880246","https://openalex.org/W1515653707","https://openalex.org/W1520941164","https://openalex.org/W1522250664","https://openalex.org/W1534968492","https://openalex.org/W1542906860","https://openalex.org/W1561880491","https://openalex.org/W1585946645","https://openalex.org/W1591237315","https://openalex.org/W1593678010","https://openalex.org/W1671661096","https://openalex.org/W1761672165","https://openalex.org/W1773541209","https://openalex.org/W1791341372","https://openalex.org/W1826158585","https://openalex.org/W1963947298","https://openalex.org/W1969501726","https://openalex.org/W1970867218","https://openalex.org/W1982829328","https://openalex.org/W1984187936","https://openalex.org/W1992181084","https://openalex.org/W1993651556","https://openalex.org/W1996931407","https://openalex.org/W2003619630","https://openalex.org/W2009801020","https://openalex.org/W2027963645","https://openalex.org/W2052372681","https://openalex.org/W2060276266","https://openalex.org/W2070948236","https://openalex.org/W2076342816","https://openalex.org/W2086277109","https://openalex.org/W2095450067","https://openalex.org/W2098010707","https://openalex.org/W2099382052","https://openalex.org/W2101310246","https://openalex.org/W2101699859","https://openalex.org/W2102902405","https://openalex.org/W2102970979","https://openalex.org/W2105349588","https://openalex.org/W2111038628","https://openalex.org/W2111817346","https://openalex.org/W2111927651","https://openalex.org/W2117115928","https://openalex.org/W2117798902","https://openalex.org/W2123436168","https://openalex.org/W2125895608","https://openalex.org/W2132806808","https://openalex.org/W2132874238","https://openalex.org/W2133592286","https://openalex.org/W2136938453","https://openalex.org/W2141389113","https://openalex.org/W2146211060","https://openalex.org/W2147625551","https://openalex.org/W2149263382","https://openalex.org/W2153463445","https://openalex.org/W2154795299","https://openalex.org/W2157912940","https://openalex.org/W2158302406","https://openalex.org/W2162800072","https://openalex.org/W2163718073","https://openalex.org/W2167146581","https://openalex.org/W2168843528","https://openalex.org/W2171264329","https://openalex.org/W2294049595","https://openalex.org/W2295386615","https://openalex.org/W2466075874"],"related_works":["https://openalex.org/W2900108828","https://openalex.org/W384356085","https://openalex.org/W2142401087","https://openalex.org/W2104688519","https://openalex.org/W2939554214","https://openalex.org/W2615029202","https://openalex.org/W2141499623","https://openalex.org/W2105042925","https://openalex.org/W2064155477","https://openalex.org/W2119694072","https://openalex.org/W2081764996","https://openalex.org/W2544504863","https://openalex.org/W2586995749","https://openalex.org/W2092913917","https://openalex.org/W2482688006","https://openalex.org/W2374535322","https://openalex.org/W2078478593","https://openalex.org/W2083132382","https://openalex.org/W2903090374","https://openalex.org/W2119908162"],"abstract_inverted_index":{"Today's":[0],"most":[1],"widely":[2,185],"exploited":[3,39],"applications":[4],"are":[5,58,75,219,234,266],"the":[6,35,38,62,106,128,141,203,226,243,249,307,315,325,358],"web":[7],"browsers":[8],"and":[9,95,98,160,297,302,312,340,363],"document":[10],"readers":[11],"we":[12],"use":[13,326,353],"every":[14],"day.":[15],"The":[16,176],"immediate":[17],"goal":[18],"of":[19,31,37,71,108,130,143,182,207,228,242,253,279,327,343,360],"these":[20,354],"attacks":[21,103,223],"is":[22,152,310,341],"to":[23,44,78,126,133,168,259,289,320,356,370],"compromise":[24],"target":[25,244,316],"systems":[26],"by":[27,104,224,236,271],"executing":[28],"a":[29,87,135,147,162,173,191,229,239,295,361],"snippet":[30],"malicious":[32,56,80,261],"code":[33,52,67,74,89,109,136,163,254,258],"in":[34,172,180,198,282,314],"context":[36],"application.":[40,175],"Technical":[41],"tactics":[42],"used":[43],"achieve":[45],"this":[46,83,144,329],"can":[47],"be":[48],"classified":[49],"as":[50,188,324],"either":[51],"injection":[53,110,264],"-":[54,65],"wherein":[55],"instructions":[57,132],"directly":[59],"injected":[60],"into":[61],"vulnerable":[63],"program":[64,73,121,291],"or":[66,111],"reuse,":[68],"where":[69],"bits":[70],"existing":[72,94,372],"pieced":[76],"together":[77,288],"form":[79,357],"logic.":[81,262],"In":[82],"thesis,":[84],"I":[85],"present":[86],"new":[88,155,217],"reuse":[90,112,137,164,232,257],"strategy":[91],"that":[92,256,306],"bypasses":[93],"up-and-coming":[96],"mitigations,":[97,187],"two":[99],"methods":[100,287],"for":[101,149,205,221,251,275],"detecting":[102,222,344],"identifying":[105,225],"presence":[107,227],"payloads.":[113],"Fine-grained":[114],"address":[115],"space":[116],"layout":[117],"randomization":[118],"efficiently":[119],"scrambles":[120],"code,":[122],"limiting":[123],"one's":[124],"ability":[125],"predict":[127],"location":[129],"useful":[131],"construct":[134],"payload.":[138,230],"To":[139],"expose":[140],"inadequacy":[142],"exploit":[145,309],"mitigation,":[146],"technique":[148,156],"\"just-in-time\"":[150],"exploitation":[151],"developed.":[153],"This":[154,201],"maps":[157],"memory":[158,240,250,292],"on-the-fly":[159],"compiles":[161],"payload":[165],"at":[166],"runtime":[167,269],"ensure":[169],"it":[170],"works":[171,179],"randomized":[174],"attack":[177,193],"also":[178],"face":[181],"all":[183,280],"other":[184,321],"deployed":[186],"demonstrated":[189],"with":[190,268],"proof-of-concept":[192],"against":[194],"Internet":[195],"Explorer":[196],"10":[197],"Windows":[199],"8.":[200],"motivates":[202],"need":[204],"detection":[206,286,367],"such":[208,323],"exploits":[209],"rather":[210],"than":[211],"solely":[212],"relying":[213],"on":[214,336],"prevention.":[215],"Two":[216],"techniques":[218],"presented":[220],"Code":[231,263],"payloads":[233,265],"identified":[235,267],"first":[237],"taking":[238],"snapshot":[241],"application,":[245],"then":[246],"statically":[247],"profiling":[248],"chains":[252],"pointers":[255],"implement":[260],"heuristics":[270],"leveraging":[272],"hardware":[273],"virtualization":[274],"efficient":[276],"sandboxed":[277],"execution":[278],"buffers":[281],"memory.":[283],"Employing":[284],"both":[285],"scan":[290],"takes":[293],"about":[294],"second":[296],"produces":[298],"negligible":[299],"false":[300,303],"positives":[301],"negatives":[304],"provided":[305],"given":[308],"functional":[311],"triggered":[313],"application":[317],"version.":[318],"Compared":[319],"strategies,":[322],"signatures,":[328],"approach":[330],"requires":[331],"relatively":[332],"little":[333],"effort":[334],"spent":[335],"maintenance":[337],"over":[338],"time":[339],"capable":[342],"never":[345],"before":[346],"seen":[347],"attacks.":[348],"Moving":[349],"forward,":[350],"one":[351],"could":[352],"contributions":[355],"basis":[359],"unique":[362],"effective":[364],"network":[365],"intrusion":[366],"system":[368],"(NIDS)":[369],"augment":[371],"systems.":[373]},"counts_by_year":[],"updated_date":"2026-03-15T09:29:46.208133","created_date":"2025-10-10T00:00:00"}