Improving Java Deserialization Gadget Chain Mining via Overriding-Guided Object Generation-Reference-Cited by-同舟云学术

Improving Java Deserialization Gadget Chain Mining via Overriding-Guided Object Generation

Published:2023-05 Issue: Volume: Page:
ISSN:
Container-title:2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE)
language:
Short-container-title:

Author:

Cao Sicong¹,Sun Xiaobing¹,Wu Xiaoxue¹,Bo Lili¹,Li Bin¹,Wu Rongxin²,Liu Wei¹,He Biao³,Ouyang Yu³,Li Jiajia³

Affiliation:

1. Yangzhou University

2. Xiamen University

3. Ant Group

Publisher

IEEE

Link

http://xplorestaging.ieee.org/ielx7/10172484/10172342/10172888.pdf?arnumber=10172888

Reference67 articles.

1. Heaps'n leaks

2. Less is more: Quantifying the security benefits of debloating web applications;azad;Proceedings of the 28th USENIX Security Symposium (USENIX Security),0

3. TaintBench: Automatic real-world malware benchmarking of Android taint analyses

4. ObjectMap

5. Fuzzing: Challenges and Reflections

Cited by 13 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. SCL-CVD: Supervised contrastive learning for code vulnerability detection via GraphCodeBERT;Computers & Security;2024-10

2. Automated Data Binding Vulnerability Detection for Java Web Frameworks via Nested Property Graph;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11

3. Systemic Implications of CVE-2023-33246 A Closer Look at Remote Code Exploitation Mechanisms;2024 15th International Conference on Information and Communication Systems (ICICS);2024-08-13

4. Analyzing Prerequistes of known Deserializtion Vulnerabilities on Java Applications;Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering;2024-06-18

5. EXVul: Toward Effective and Explainable Vulnerability Detection for IoT Devices;IEEE Internet of Things Journal;2024-06-15