{"id":"https://openalex.org/W2914075476","doi":"https://doi.org/10.4018/ijsssp.2018070101","title":"What Do We Know About Buffer Overflow Detection?","display_name":"What Do We Know About Buffer Overflow Detection?","publication_year":2018,"publication_date":"2018-07-01","ids":{"openalex":"https://openalex.org/W2914075476","doi":"https://doi.org/10.4018/ijsssp.2018070101","mag":"2914075476"},"language":"en","primary_location":{"id":"doi:10.4018/ijsssp.2018070101","is_oa":false,"landing_page_url":"https://doi.org/10.4018/ijsssp.2018070101","pdf_url":null,"source":{"id":"https://openalex.org/S4210212113","display_name":"International Journal of Systems and Software Security and Protection","issn_l":"2640-4265","issn":["2640-4265","2640-4273"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Systems and Software Security and Protection","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://dx.doi.org/10.4018/IJSSSP.2018070101","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5020521912","display_name":"Marcos Lordello Chaim","orcid":"https://orcid.org/0000-0001-7157-5141"},"institutions":[{"id":"https://openalex.org/I17974374","display_name":"Universidade de S\u00e3o Paulo","ror":"https://ror.org/036rp1748","country_code":"BR","type":"education","lineage":["https://openalex.org/I17974374"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Marcos Lordello Chaim","raw_affiliation_strings":["School of Arts, Sciences and Humanities, University of Sao Paulo, Sao Paulo, Brazil"],"affiliations":[{"raw_affiliation_string":"School of Arts, Sciences and Humanities, University of Sao Paulo, Sao Paulo, Brazil","institution_ids":["https://openalex.org/I17974374"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031427804","display_name":"Daniel Soares Santos","orcid":"https://orcid.org/0000-0002-4015-1722"},"institutions":[{"id":"https://openalex.org/I4210131883","display_name":"Brazilian Society of Computational and Applied Mathematics","ror":"https://ror.org/03kcw4w74","country_code":"BR","type":"other","lineage":["https://openalex.org/I4210131883"]},{"id":"https://openalex.org/I17974374","display_name":"Universidade de S\u00e3o Paulo","ror":"https://ror.org/036rp1748","country_code":"BR","type":"education","lineage":["https://openalex.org/I17974374"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Daniel Soares Santos","raw_affiliation_strings":["Institute of Mathematical Sciences and Computing, University of Sao Paulo, S\u00e3o Carlos, Brazil"],"affiliations":[{"raw_affiliation_string":"Institute of Mathematical Sciences and Computing, University of Sao Paulo, S\u00e3o Carlos, Brazil","institution_ids":["https://openalex.org/I4210131883","https://openalex.org/I17974374"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020122062","display_name":"Daniela S. Cruzes","orcid":"https://orcid.org/0000-0002-2490-902X"},"institutions":[{"id":"https://openalex.org/I173888879","display_name":"SINTEF","ror":"https://ror.org/01f677e56","country_code":"NO","type":"facility","lineage":["https://openalex.org/I173888879"]},{"id":"https://openalex.org/I4387930215","display_name":"SINTEF Digital","ror":"https://ror.org/028m52w57","country_code":null,"type":"facility","lineage":["https://openalex.org/I173888879","https://openalex.org/I4387930215"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Daniela Soares Cruzes","raw_affiliation_strings":["Department of Software Engineering, Safety & Security, SINTEF Digital, Trondheim, Norway"],"affiliations":[{"raw_affiliation_string":"Department of Software Engineering, Safety & Security, SINTEF Digital, Trondheim, Norway","institution_ids":["https://openalex.org/I173888879","https://openalex.org/I4387930215"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5020521912"],"corresponding_institution_ids":["https://openalex.org/I17974374"],"apc_list":null,"apc_paid":null,"fwci":0.3385,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.70823356,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"9","issue":"3","first_page":"1","last_page":"33"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8006033897399902},{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.7636187076568604},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5380274057388306},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.529535174369812},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.528563380241394},{"id":"https://openalex.org/keywords/symbolic-execution","display_name":"Symbolic execution","score":0.5284103155136108},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5140656232833862},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.5026035308837891},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4990983009338379},{"id":"https://openalex.org/keywords/memory-leak","display_name":"Memory leak","score":0.46849092841148376},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.46644824743270874},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44177931547164917},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.41965168714523315},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.41434934735298157},{"id":"https://openalex.org/keywords/program-analysis","display_name":"Program analysis","score":0.4103030264377594},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.2876046597957611},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.22562018036842346},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.13888037204742432},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.11331450939178467},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.1000555157661438},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.09630721807479858},{"id":"https://openalex.org/keywords/systems-engineering","display_name":"Systems engineering","score":0.09265092015266418}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8006033897399902},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.7636187076568604},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5380274057388306},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.529535174369812},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.528563380241394},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.5284103155136108},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5140656232833862},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.5026035308837891},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4990983009338379},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.46849092841148376},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.46644824743270874},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44177931547164917},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.41965168714523315},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.41434934735298157},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.4103030264377594},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.2876046597957611},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.22562018036842346},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.13888037204742432},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.11331450939178467},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.1000555157661438},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.09630721807479858},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.09265092015266418},{"id":"https://openalex.org/C136085584","wikidata":"https://www.wikidata.org/wiki/Q910289","display_name":"Overlay","level":2,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.4018/ijsssp.2018070101","is_oa":false,"landing_page_url":"https://doi.org/10.4018/ijsssp.2018070101","pdf_url":null,"source":{"id":"https://openalex.org/S4210212113","display_name":"International Journal of Systems and Software Security and Protection","issn_l":"2640-4265","issn":["2640-4265","2640-4273"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320424","host_organization_name":"IGI Global","host_organization_lineage":["https://openalex.org/P4310320424"],"host_organization_lineage_names":["IGI Global"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Systems and Software Security and Protection","raw_type":"journal-article"},{"id":"pmh:002935677","is_oa":true,"landing_page_url":"http://dx.doi.org/10.4018/IJSSSP.2018070101","pdf_url":null,"source":{"id":"https://openalex.org/S4306402641","display_name":"LA Referencia (Red Federada de Repositorios Institucionales de Publicaciones Cient\u00edficas)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4383465926","host_organization_name":"LA Referencia","host_organization_lineage":["https://openalex.org/I4383465926"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"reponame:Reposit\u00f3rio Institucional da USP (Biblioteca Digital da Produ\u00e7\u00e3o Intelectual)","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"pmh:002935677","is_oa":true,"landing_page_url":"http://dx.doi.org/10.4018/IJSSSP.2018070101","pdf_url":null,"source":{"id":"https://openalex.org/S4306402641","display_name":"LA Referencia (Red Federada de Repositorios Institucionales de Publicaciones Cient\u00edficas)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4383465926","host_organization_name":"LA Referencia","host_organization_lineage":["https://openalex.org/I4383465926"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"reponame:Reposit\u00f3rio Institucional da USP (Biblioteca Digital da Produ\u00e7\u00e3o Intelectual)","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6499999761581421,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":75,"referenced_works":["https://openalex.org/W73531603","https://openalex.org/W116894366","https://openalex.org/W129991252","https://openalex.org/W1491178396","https://openalex.org/W1502612012","https://openalex.org/W1515628377","https://openalex.org/W1542462119","https://openalex.org/W1551571370","https://openalex.org/W1553894716","https://openalex.org/W1574060188","https://openalex.org/W1579850852","https://openalex.org/W1614668525","https://openalex.org/W1847604698","https://openalex.org/W1868467482","https://openalex.org/W1877773550","https://openalex.org/W1964132576","https://openalex.org/W1966634194","https://openalex.org/W1967244928","https://openalex.org/W1968306581","https://openalex.org/W1968847337","https://openalex.org/W1992114977","https://openalex.org/W1994367926","https://openalex.org/W2008106620","https://openalex.org/W2009696102","https://openalex.org/W2016415093","https://openalex.org/W2022203852","https://openalex.org/W2023959340","https://openalex.org/W2033635261","https://openalex.org/W2034222078","https://openalex.org/W2049695835","https://openalex.org/W2074847015","https://openalex.org/W2075496846","https://openalex.org/W2076148486","https://openalex.org/W2086037832","https://openalex.org/W2097294730","https://openalex.org/W2097444001","https://openalex.org/W2098465784","https://openalex.org/W2101512909","https://openalex.org/W2102012911","https://openalex.org/W2103904278","https://openalex.org/W2119029078","https://openalex.org/W2120138937","https://openalex.org/W2122751766","https://openalex.org/W2126247275","https://openalex.org/W2127443313","https://openalex.org/W2131359651","https://openalex.org/W2134287485","https://openalex.org/W2137952932","https://openalex.org/W2140158378","https://openalex.org/W2145568266","https://openalex.org/W2146455667","https://openalex.org/W2152055469","https://openalex.org/W2155772078","https://openalex.org/W2155851497","https://openalex.org/W2158248180","https://openalex.org/W2161540640","https://openalex.org/W2167924718","https://openalex.org/W2241224198","https://openalex.org/W2293624369","https://openalex.org/W2316974788","https://openalex.org/W2324618882","https://openalex.org/W2484118411","https://openalex.org/W2506495985","https://openalex.org/W2512083105","https://openalex.org/W2513251820","https://openalex.org/W2529696250","https://openalex.org/W2539254234","https://openalex.org/W2552080348","https://openalex.org/W2587975244","https://openalex.org/W2987635609","https://openalex.org/W3006404764","https://openalex.org/W3015669913","https://openalex.org/W4213320304","https://openalex.org/W4233410239","https://openalex.org/W4242009960"],"related_works":["https://openalex.org/W2755634893","https://openalex.org/W1507845365","https://openalex.org/W1637912404","https://openalex.org/W345638404","https://openalex.org/W2019299443","https://openalex.org/W2891085887","https://openalex.org/W2751940653","https://openalex.org/W3003055204","https://openalex.org/W2545238856","https://openalex.org/W51612467"],"abstract_inverted_index":{"Buffer":[0],"overflow":[1],"(BO)":[2],"is":[3,18,100,110,128],"a":[4,20,28,41,131,150],"well-known":[5],"and":[6,79,85,118],"widely":[7],"exploited":[8],"security":[9],"vulnerability.":[10],"Despite":[11],"the":[12,50,94,103,134],"extensive":[13],"body":[14],"of":[15,49,106,133],"research,":[16],"BO":[17,37,62,156],"still":[19],"threat":[21],"menacing":[22],"security-critical":[23],"applications.":[24],"The":[25,64],"authors":[26,65],"present":[27],"comprehensive":[29],"systematic":[30],"review":[31],"on":[32],"techniques":[33,88,139,145],"intended":[34],"to":[35,43,61],"detecting":[36],"vulnerabilities":[38,54],"before":[39],"releasing":[40],"software":[42,135],"production.":[44],"They":[45],"found":[46],"that":[47],"most":[48],"studies":[51],"addresses":[52],"several":[53],"or":[55],"memory":[56],"errors,":[57],"being":[58],"not":[59],"specific":[60],"detection.":[63,157],"organized":[66],"them":[67],"in":[68,114,124],"seven":[69],"categories:":[70],"program":[71,97],"analysis,":[72,83],"testing,":[73],"computational":[74],"intelligence,":[75],"symbolic":[76],"execution,":[77],"models,":[78],"code":[80,86,119,142],"inspection.":[81],"Program":[82],"testing":[84,109],"inspection":[87,120],"are":[89],"available":[90],"for":[91],"use":[92],"by":[93,102],"practitioner.":[95],"However,":[96],"analysis":[98,143],"adoption":[99],"hindered":[101],"high":[104],"number":[105],"false":[107],"alarms;":[108],"broadly":[111],"used":[112,123],"but":[113],"ad":[115],"hoc":[116],"manner;":[117],"can":[121],"be":[122],"practice":[125],"provided":[126],"it":[127],"added":[129],"as":[130],"task":[132],"development":[136],"process.":[137],"New":[138],"combining":[140],"object":[141],"with":[144],"from":[146],"different":[147],"categories":[148],"seem":[149],"promising":[151],"research":[152],"avenue":[153],"towards":[154],"practical":[155]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2019-02-21T00:00:00"}