FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4387321736> ?p ?o ?g. }

• W4387321736 abstract "Over the past decade, use-after-free (UaF) has become one of the most exploited types of vulnerabilities. To address this increasing threat, we need to advance the defense in multiple directions, such as UaF vulnerability detection, UaF exploit defense, and UaF bug fix. Unfortunately, the intricacy rooted in the temporal nature of UaF vulnerabilities makes it quite challenging to develop effective and efficient defenses in these directions. This calls for an in-depth understanding of real-world UaF characteristics. This paper presents the first comprehensive empirical study of UaF vulnerabilities, with 150 cases randomly sampled from multiple representative software suites, such as Linux kernel, Python, and Mozilla Firefox. We aim to identify the commonalities, root causes, and patterns from real-world UaF bugs, so that the empirical results can provide operational guidance to avoid, detect, deter, and fix UaF vulnerabilities. Our main finding is that the root causes of UaF bugs are diverse, and they are not evenly or equally distributed among different software. This implies that a generic UaF detector/fuzzer is probably not an optimal solution. We further categorize the root causes into 11 patterns, several of which can be translated into simple static detection rules to cover a large portion of the 150 UaF vulnerabilities with high accuracy. Motivated by our findings, we implement 11 checkers in a static bug detector called Palfrey. Running Palfrey on the code of popular open source software, we detect 9 new UaF vulnerabilities. Compared with state-of-the-art static bug detectors, Palfrey outperforms in coverage and accuracy for UaF detection, as well as time and memory overhead." @default.
• W4387321736 created "2023-10-04" @default.
• W4387321736 creator A5030431784 @default.
• W4387321736 creator A5053996887 @default.
• W4387321736 creator A5059795206 @default.
• W4387321736 creator A5076503447 @default.
• W4387321736 date "2023-10-16" @default.
• W4387321736 modified "2023-10-18" @default.
• W4387321736 title "All Use-After-Free Vulnerabilities Are Not Created Equal: An Empirical Study on Their Characteristics and Detectability" @default.
• W4387321736 cites W1546956568 @default.
• W4387321736 cites W1599830632 @default.
• W4387321736 cites W1984471991 @default.
• W4387321736 cites W1985679169 @default.
• W4387321736 cites W2002934700 @default.
• W4387321736 cites W2028820179 @default.
• W4387321736 cites W2043811931 @default.
• W4387321736 cites W2059278087 @default.
• W4387321736 cites W2078186835 @default.
• W4387321736 cites W2089750484 @default.
• W4387321736 cites W2101161997 @default.
• W4387321736 cites W2127321265 @default.
• W4387321736 cites W2130745898 @default.
• W4387321736 cites W2134028114 @default.
• W4387321736 cites W2144706305 @default.
• W4387321736 cites W2145458045 @default.
• W4387321736 cites W2146649139 @default.
• W4387321736 cites W2146878883 @default.
• W4387321736 cites W2149263382 @default.
• W4387321736 cites W2154557525 @default.
• W4387321736 cites W2156858199 @default.
• W4387321736 cites W2165266180 @default.
• W4387321736 cites W2243109068 @default.
• W4387321736 cites W2315953879 @default.
• W4387321736 cites W2327265941 @default.
• W4387321736 cites W2508576555 @default.
• W4387321736 cites W2534728012 @default.
• W4387321736 cites W2606752733 @default.
• W4387321736 cites W2613534458 @default.
• W4387321736 cites W2766540688 @default.
• W4387321736 cites W2773223713 @default.
• W4387321736 cites W2777430404 @default.
• W4387321736 cites W2790465281 @default.
• W4387321736 cites W2794889478 @default.
• W4387321736 cites W2890363035 @default.
• W4387321736 cites W2947565728 @default.
• W4387321736 cites W3024830775 @default.
• W4387321736 cites W4251707615 @default.
• W4387321736 cites W4251803824 @default.
• W4387321736 cites W4366324995 @default.
• W4387321736 cites W71566816 @default.
• W4387321736 doi "https://doi.org/10.1145/3607199.3607229" @default.
• W4387321736 hasPublicationYear "2023" @default.
• W4387321736 type Work @default.
• W4387321736 citedByCount "0" @default.
• W4387321736 crossrefType "proceedings-article" @default.
• W4387321736 hasAuthorship W4387321736A5030431784 @default.
• W4387321736 hasAuthorship W4387321736A5053996887 @default.
• W4387321736 hasAuthorship W4387321736A5059795206 @default.
• W4387321736 hasAuthorship W4387321736A5076503447 @default.
• W4387321736 hasConcept C1009929 @default.
• W4387321736 hasConcept C105795698 @default.
• W4387321736 hasConcept C115903868 @default.
• W4387321736 hasConcept C120936955 @default.
• W4387321736 hasConcept C138885662 @default.
• W4387321736 hasConcept C165696696 @default.
• W4387321736 hasConcept C171078966 @default.
• W4387321736 hasConcept C199360897 @default.
• W4387321736 hasConcept C2777904410 @default.
• W4387321736 hasConcept C33923547 @default.
• W4387321736 hasConcept C38652104 @default.
• W4387321736 hasConcept C41008148 @default.
• W4387321736 hasConcept C41895202 @default.
• W4387321736 hasConcept C43126263 @default.
• W4387321736 hasConcept C519991488 @default.
• W4387321736 hasConceptScore W4387321736C1009929 @default.
• W4387321736 hasConceptScore W4387321736C105795698 @default.
• W4387321736 hasConceptScore W4387321736C115903868 @default.
• W4387321736 hasConceptScore W4387321736C120936955 @default.
• W4387321736 hasConceptScore W4387321736C138885662 @default.
• W4387321736 hasConceptScore W4387321736C165696696 @default.
• W4387321736 hasConceptScore W4387321736C171078966 @default.
• W4387321736 hasConceptScore W4387321736C199360897 @default.
• W4387321736 hasConceptScore W4387321736C2777904410 @default.
• W4387321736 hasConceptScore W4387321736C33923547 @default.
• W4387321736 hasConceptScore W4387321736C38652104 @default.
• W4387321736 hasConceptScore W4387321736C41008148 @default.
• W4387321736 hasConceptScore W4387321736C41895202 @default.
• W4387321736 hasConceptScore W4387321736C43126263 @default.
• W4387321736 hasConceptScore W4387321736C519991488 @default.
• W4387321736 hasLocation W43873217361 @default.
• W4387321736 hasOpenAccess W4387321736 @default.
• W4387321736 hasPrimaryLocation W43873217361 @default.
• W4387321736 hasRelatedWork W1496222301 @default.
• W4387321736 hasRelatedWork W1590307681 @default.
• W4387321736 hasRelatedWork W2537809616 @default.
• W4387321736 hasRelatedWork W2789551765 @default.
• W4387321736 hasRelatedWork W2886678613 @default.
• W4387321736 hasRelatedWork W3014289436 @default.
• W4387321736 hasRelatedWork W3207760230 @default.
• W4387321736 hasRelatedWork W4285370786 @default.

• next