{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T05:45:13Z","timestamp":1751521513656,"version":"3.41.0"},"reference-count":32,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2014,2,1]],"date-time":"2014-02-01T00:00:00Z","timestamp":1391212800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100002186","name":"Lockheed Martin","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100002186","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Prabhu and Poonam Goel Fellowship"},{"DOI":"10.13039\/100005014","name":"Northrop Grumman","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100005014","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2014,2]]},"abstract":"

The idea is to identify security-critical software bugs so they can be fixed first.","DOI":"10.1145\/2560217.2560219","type":"journal-article","created":{"date-parts":[[2014,1,28]],"date-time":"2014-01-28T13:49:22Z","timestamp":1390916962000},"page":"74-84","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":150,"title":["Automatic exploit generation"],"prefix":"10.1145","volume":"57","author":[{"given":"Thanassis","family":"Avgerinos","sequence":"first","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]},{"given":"Sang Kil","family":"Cha","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]},{"given":"Alexandre","family":"Rebert","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]},{"given":"Edward J.","family":"Schwartz","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]},{"given":"Maverick","family":"Woo","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]},{"given":"David","family":"Brumley","sequence":"additional","affiliation":[{"name":"Carnegie Mellon University, Pittsburgh, PA"}]}],"member":"320","published-online":{"date-parts":[[2014,2]]},"reference":[{"key":"e_1_2_1_1_1","first-page":"300","volume":"283","author":"Avgerinos T.","year":"2011","unstructured":"Avgerinos , T. , Cha , S.K. , Lim , B.T.H. , and Brumley , D. AEG: Automatic Exploit Generation . In Proceedings of the Network and Distributed System Security Symposium (San Diego, CA, Feb. 6--9). Internet Society , Reston , VA , 2011 , 283 -- 300 . Avgerinos, T., Cha, S.K., Lim, B.T.H., and Brumley, D. AEG: Automatic Exploit Generation. In Proceedings of the Network and Distributed System Security Symposium (San Diego, CA, Feb. 6--9). Internet Society, Reston, VA, 2011, 283--300.","journal-title":"VA"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382284"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/800027.808445"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the International Conference on Computer Aided Verification (Snowbird, UT, July 14--20)","author":"Brumley D.","year":"2011","unstructured":"Brumley , D. , Jager , I. , Avgerinos , T. , and Schwartz , E.J . BAP: A binary analysis platform . In Proceedings of the International Conference on Computer Aided Verification (Snowbird, UT, July 14--20) . Springer , Berlin, Heidelberg , Germany, 2011 , 463--469. Brumley, D., Jager, I., Avgerinos, T., and Schwartz, E.J. BAP: A binary analysis platform. In Proceedings of the International Conference on Computer Aided Verification (Snowbird, UT, July 14--20). Springer, Berlin, Heidelberg, Germany, 2011, 463--469."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.17"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the USENIX Symposium on Operating System Design and Implementation","author":"Cadar C.","year":"2008","unstructured":"Cadar , C. , Dunbar , D. , and Engler , D . KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs . In Proceedings of the USENIX Symposium on Operating System Design and Implementation ( San Diego, CA, Dec. 8--10). USENIX Association, Berkeley, CA , 2008 , 209--224. Cadar, C., Dunbar, D., and Engler, D. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In Proceedings of the USENIX Symposium on Operating System Design and Implementation (San Diego, CA, Dec. 8--10). USENIX Association, Berkeley, CA, 2008, 209--224."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180445"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2408776.2408795"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.31"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2110356.2110358"},{"key":"e_1_2_1_14_1","first-page":"2011","volume-title":"National Institute of Standards and Technology","author":"Stack Buffer Overflow","year":"2011","unstructured":"CERT\/NIST. PHP socket_connect() Stack Buffer Overflow . National Vulnerability Database, Entry CVE-2011-1938 . National Institute of Standards and Technology , Gaithersburg, MD , May 31, 2011 ; http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE- 2011 - 1938 CERT\/NIST. PHP socket_connect() Stack Buffer Overflow. National Vulnerability Database, Entry CVE-2011-1938. National Institute of Standards and Technology, Gaithersburg, MD, May 31, 2011; http:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2011-1938"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1995376.1995394"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/360204.360220"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062455.1062518"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1190216.1190226"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2093548.2093564"},{"key":"e_1_2_1_21_1","volume-title":"ToorCon Seattle (Seattle, WA","author":"Grenier L.","year":"2007","unstructured":"Grenier , L. ( Pusscat and Lin0xx). Byakugan: Automating exploitation . In ToorCon Seattle (Seattle, WA , May 2007 ); http:\/\/seattle.toorcon.net\/ Grenier, L. (Pusscat and Lin0xx). Byakugan: Automating exploitation. In ToorCon Seattle (Seattle, WA, May 2007); http:\/\/seattle.toorcon.net\/"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/T-C.1975.224259"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1592434.1592438"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2254064.2254088"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.60"},{"key":"e_1_2_1_29_1","volume-title":"Technical Report","author":"Muller T. ASLR","year":"2008","unstructured":"Muller , T. ASLR Smack & Laugh Reference Seminar on Advanced Exploitation Techniques. Technical Report . RWTH Aachen University , Aachen, Germany , Feb. 2008 . Muller, T. ASLR Smack & Laugh Reference Seminar on Advanced Exploitation Techniques. Technical Report. RWTH Aachen University, Aachen, Germany, Feb. 2008."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572299"},{"key":"e_1_2_1_31_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Schwartz E.J.","year":"2011","unstructured":"Schwartz , E.J. , Avgerinos , T. , and Brumley , D . Q: Exploit hardening made easy . In Proceedings of the USENIX Security Symposium ( San Francisco, Aug. 8--12). USENIX Association, Berkeley, CA , 2011 , 379--394. Schwartz, E.J., Avgerinos, T., and Brumley, D.Q: Exploit hardening made easy. In Proceedings of the USENIX Security Symposium (San Francisco, Aug. 8--12). USENIX Association, Berkeley, CA, 2011, 379--394."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081750"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33338-5_5"},{"key":"e_1_2_1_36_1","volume-title":"Proceedings of the USENIX Workshop on Offensive Technologies","author":"Vanegue J.","year":"2012","unstructured":"Vanegue , J. , Heelan , S. , and Rolles , R . SMT solvers for software security . In Proceedings of the USENIX Workshop on Offensive Technologies ( Bellevue, WA, Aug. 6--7). USENIX Association, Berkeley, CA , 2012 . Vanegue, J., Heelan, S., and Rolles, R. SMT solvers for software security. In Proceedings of the USENIX Workshop on Offensive Technologies (Bellevue, WA, Aug. 6--7). USENIX Association, Berkeley, CA, 2012."},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the USENIX Conference on Operating Systems Design and Implementation","author":"Wang X.","year":"2012","unstructured":"Wang , X. , Chen , H. , Jia , Z. , Zeldovich , N. , and Kaashoek , M.F . Improving integer security for systems with KINT . In Proceedings of the USENIX Conference on Operating Systems Design and Implementation ( Hollywood, CA, Oct. 8--10). USENIX Association, Berkeley, CA , 2012 , 163--177. Wang, X., Chen, H., Jia, Z., Zeldovich, N., and Kaashoek, M.F. Improving integer security for systems with KINT. In Proceedings of the USENIX Conference on Operating Systems Design and Implementation (Hollywood, CA, Oct. 8--10). USENIX Association, Berkeley, CA, 2012, 163--177."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2560217.2560219","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2560217.2560219","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:10:21Z","timestamp":1750234221000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2560217.2560219"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,2]]},"references-count":32,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2014,2]]}},"alternative-id":["10.1145\/2560217.2560219"],"URL":"https:\/\/doi.org\/10.1145\/2560217.2560219","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"type":"print","value":"0001-0782"},{"type":"electronic","value":"1557-7317"}],"subject":[],"published":{"date-parts":[[2014,2]]},"assertion":[{"value":"2014-02-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}