{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T07:47:48Z","timestamp":1769845668766,"version":"3.49.0"},"publisher-location":"Cham","reference-count":55,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030526825","type":"print"},{"value":"9783030526832","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-52683-2_11","type":"book-chapter","created":{"date-parts":[[2020,7,6]],"date-time":"2020-07-06T23:19:19Z","timestamp":1594077559000},"page":"217-237","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Distributed Heterogeneous N-Variant Execution"],"prefix":"10.1007","author":[{"given":"Alexios","family":"Voulimeneas","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dokyung","family":"Song","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabian","family":"Parzefall","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yeoul","family":"Na","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Per","family":"Larsen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Franz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stijn","family":"Volckaert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,7,7]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: CCS (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Avizienis, A.: The N-version approach to fault-tolerant software. IEEE TSE (12), 1491\u20131501 (1985)","DOI":"10.1109\/TSE.1985.231893"},{"key":"11_CR3","doi-asserted-by":"crossref","unstructured":"Berger, E.D., Zorn, B.G.: Diehard: probabilistic memory safety for unsafe languages. In: PLDI (2006)","DOI":"10.1145\/1133981.1134000"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Bittau, A., Belay, A., Mashtizadeh, A., Mazi\u00e8res, D., Boneh, D.: Hacking blind. In: IEEE S&P (2014)","DOI":"10.1109\/SP.2014.22"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Bruschi, D., Cavallaro, L., Lanzi, A.: Diversified process replic\u00e6 for defeating memory error exploits. In: IEEE IPCCC (2007)","DOI":"10.1109\/PCCC.2007.358924"},{"issue":"1","key":"11_CR6","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1145\/3054924","volume":"50","author":"N Burow","year":"2017","unstructured":"Burow, N., et al.: Control-flow integrity: precision, security, and performance. ACM Comput. Surv. (CSUR) 50(1), 16 (2017)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: CCS (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"11_CR8","unstructured":"Chen, L., Avizienis, A.: N-version programming: a fault-tolerance approach to reliability of software operation. In: FTCS (1978)"},{"key":"11_CR9","unstructured":"Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control-data attacks are realistic threats. In: USENIX Security Symposium (2005)"},{"key":"11_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-3-319-51966-1_6","volume-title":"Foundations and Practice of Security","author":"Z Chen","year":"2017","unstructured":"Chen, Z., Han, H.: Attack mitigation by data structure randomization. In: Cuppens, F., Wang, L., Cuppens-Boulahia, N., Tawbi, N., Garcia-Alfaro, J. (eds.) FPS 2016. LNCS, vol. 10128, pp. 85\u201393. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-51966-1_6"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Conti, M., et al.: Losing control: on the effectiveness of control-flow integrity under stack attacks. In: CCS (2015)","DOI":"10.1145\/2810103.2813671"},{"key":"11_CR12","unstructured":"Cox, B., et al.: N-variant systems: a secretless framework for security through diversity. In: USENIX Security Symposium (2006)"},{"key":"11_CR13","unstructured":"Durden, T.: Bypassing PaX ASLR protection. Phrack Mag. 11 (2002)"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Evans, I., et al.: Control jujutsu: on the weaknesses of fine-grained control flow integrity. In: CCS (2015)","DOI":"10.1145\/2810103.2813646"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Gil, R., Okhravi, H., Shrobe, H.: There\u2019s a hole in the bottom of the C: on the effectiveness of allocation protection. In: IEEE SecDev (2018)","DOI":"10.1109\/SecDev.2018.00021"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"G\u00f6ktas, E., et al.: Position-independent code reuse: on the effectiveness of ASLR in the absence of information disclosure. In: IEEE EuroS&P (2018)","DOI":"10.1109\/EuroSP.2018.00024"},{"key":"11_CR17","unstructured":"ENet: Reliable UDP networking library. \nhttp:\/\/enet.bespin.org"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Gras, B., Razavi, K., Bosman, E., Bos, H., Giuffrida, C.: ASLR on the line: practical cache attacks on the MMU. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23271"},{"key":"11_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1007\/978-3-319-40667-1_15","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"D Gruss","year":"2016","unstructured":"Gruss, D., Maurice, C., Mangard, S.: Rowhammer.js: a remote software-induced fault attack in javascript. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 300\u2013321. Springer, Cham (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-319-40667-1_15"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Hosek, P., Cadar, C.: Safe software updates via multi-version execution. In: ICSE (2013)","DOI":"10.1109\/ICSE.2013.6606607"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Hosek, P., Cadar, C.: Varan the unbelievable: an efficient n-version execution framework. In: ASPLOS (2015)","DOI":"10.1145\/2694344.2694390"},{"key":"11_CR22","unstructured":"Hu, H., Chua, Z.L., Adrian, S., Saxena, P., Liang, Z.: Automatic generation of data-oriented exploits. In: USENIX Security Symposium (2015)"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: IEEE S&P (2016)","DOI":"10.1109\/SP.2016.62"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Hund, R., Willems, C., Holz, T.: Practical timing side channel attacks against kernel space ASLR. In: IEEE S&P (2013)","DOI":"10.1109\/SP.2013.23"},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Kim, D., Kwon, Y., Sumner, W.N., Zhang, X., Xu, D.: Dual execution for on the fly fine grained execution comparison. In: ASPLOS (2015)","DOI":"10.1145\/2694344.2694394"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Koning, K., Bos, H., Giuffrida, C.: Secure and efficient multi-variant execution using hardware-assisted process virtualization. In: DSN (2016)","DOI":"10.1109\/DSN.2016.46"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Kwon, Y., et al.: LDX: causality inference by lightweight dual execution. In: ASPLOS (2016)","DOI":"10.1145\/2872362.2872395"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Larsen, P., Homescu, A., Brunthaler, S., Franz, M.: SoK: automated software diversity. In: IEEE S&P (2014)","DOI":"10.1109\/SP.2014.25"},{"key":"11_CR29","unstructured":"Mellanox\u2019s Messaging Accelerator. \nhttps:\/\/github.com\/Mellanox\/libvma\/"},{"key":"11_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-642-02918-9_7","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Z Lin","year":"2009","unstructured":"Lin, Z., Riley, R.D., Xu, D.: Polymorphing software by randomizing data structure layout. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol. 5587, pp. 107\u2013126. Springer, Heidelberg (2009). \nhttps:\/\/doi.org\/10.1007\/978-3-642-02918-9_7"},{"key":"11_CR31","doi-asserted-by":"crossref","unstructured":"Lu, K., Xu, M., Song, C., Kim, T., Lee, W.: Stopping memory disclosures via diversification and replicated execution. In: IEEE TDSC (2018)","DOI":"10.1109\/TDSC.2018.2878234"},{"key":"11_CR32","unstructured":"Maurer, M., Brumley, D.: TACHYON: tandem execution for efficient live patch testing. In: USENIX Security Symposium (2012)"},{"key":"11_CR33","unstructured":"Mellanox ConnectX-5 EN Adapter Supporting 100\u00a0Gb\/s Ethernet"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: SoftBound: highly compatible and complete spatial memory safety for C. In: PLDI (2009)","DOI":"10.1145\/1542476.1542504"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: CETS: compiler enforced temporal safety for C. In: ISMM (2010)","DOI":"10.1145\/1806651.1806657"},{"key":"11_CR36","doi-asserted-by":"crossref","unstructured":"Novark, G., Berger, E.D.: DieHarder: securing the heap. In: CCS (2010)","DOI":"10.1145\/1866307.1866371"},{"key":"11_CR37","unstructured":"Pessl, P., Gruss, D., Maurice, C., Schwarz, M., Mangard, S.: Drama: Exploiting dram addressing for cross-cpu attacks. In: USENIX Security Symposium (2016)"},{"key":"11_CR38","doi-asserted-by":"crossref","unstructured":"Pina, L., Andronidis, A., Hicks, M., Cadar, C.: Mvedsua: higher availability dynamic software updates via multi-version execution. In: ASPLOS (2019)","DOI":"10.1145\/3297858.3304063"},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Salamat, B., Jackson, T., Gal, A., Franz, M.: Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space. In: EuroSys (2009)","DOI":"10.1145\/1519065.1519071"},{"key":"11_CR40","unstructured":"Schirra, S.: Ropper (2014). \nhttps:\/\/github.com\/sashs\/Ropper"},{"key":"11_CR41","unstructured":"Seaborn, M., Dullien, T.: Exploiting the dram rowhammer bug to gain kernel privileges. In: BlackHat USA (2015)"},{"key":"11_CR42","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: CCS (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"11_CR43","doi-asserted-by":"crossref","unstructured":"Snow, K.Z., Monrose, F., Davi, L., Dmitrienko, A., Liebchen, C., Sadeghi, A.: Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization. In: IEEE S&P (2013)","DOI":"10.1109\/SP.2013.45"},{"key":"11_CR44","doi-asserted-by":"crossref","unstructured":"Song, D., et al.: SoK: sanitizing for security. In: IEEE S&P (2019)","DOI":"10.1109\/SP.2019.00010"},{"key":"11_CR45","unstructured":"System call intercepting library. \nhttps:\/\/github.com\/pmem\/syscall_intercept"},{"key":"11_CR46","doi-asserted-by":"crossref","unstructured":"Szekeres, L., Payer, M., Wei, T., Song, D.: SoK: eternal war in memory. In: IEEE S&P (2013)","DOI":"10.1109\/SP.2013.13"},{"key":"11_CR47","doi-asserted-by":"crossref","unstructured":"Tatar, A., Giuffrida, C., Bos, H., Razavi, K.: Defeating software mitigations against rowhammer: a surgical precision hammer. In: RAID (2018)","DOI":"10.1007\/978-3-030-00470-5_3"},{"key":"11_CR48","doi-asserted-by":"crossref","unstructured":"van der Veen, V., Andriesse, D., Stamatogiannakis, M., Chen, X., Bos, H., Giuffrida, C.: The dynamics of innocent flesh on the bone: Code reuse ten years later. In: CCS (2017)","DOI":"10.1145\/3133956.3134026"},{"key":"11_CR49","doi-asserted-by":"crossref","unstructured":"Van Der Veen, V., et al.: Drammer: deterministic rowhammer attacks on mobile platforms. In: CCS (2016)","DOI":"10.1145\/2976749.2978406"},{"issue":"4","key":"11_CR50","first-page":"437","volume":"13","author":"S Volckaert","year":"2016","unstructured":"Volckaert, S., Coppens, B., De Sutter, B.: Cloning your gadgets: complete ROP attack immunity with multi-variant execution. IEEE TDSC 13(4), 437\u2013450 (2016)","journal-title":"IEEE TDSC"},{"key":"11_CR51","doi-asserted-by":"crossref","unstructured":"Volckaert, S., Coppens, B., De Sutter, B., De Bosschere, K., Larsen, P., Franz, M.: Taming parallelism in a multi-variant execution environment. In: EuroSys (2017)","DOI":"10.1145\/3064176.3064178"},{"key":"11_CR52","unstructured":"Volckaert, S., et al.: Secure and efficient application monitoring and replication. In: USENIX ATC (2016)"},{"key":"11_CR53","doi-asserted-by":"crossref","unstructured":"Volckaert, S., De Sutter, B., De Baets, T., De Bosschere, K.: GHUMVEE: efficient, effective, and flexible replication. In: FPS (2012)","DOI":"10.1007\/978-3-642-37119-6_17"},{"key":"11_CR54","unstructured":"Xu, M., Lu, K., Kim, T., Lee, W.: Bunshin: compositing security mechanisms through diversification. In: USENIX ATC (2017)"},{"key":"11_CR55","doi-asserted-by":"crossref","unstructured":"\u00d6sterlund, S., Koning, K., Olivier, P., Barbalace, A., Bos, H., Giuffrida, C.: kMVX: detecting kernel information leaks with multi-variant execution. In: ASPLOS (2019)","DOI":"10.1145\/3297858.3304054"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-52683-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:07:31Z","timestamp":1594080451000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-52683-2_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030526825","9783030526832"],"references-count":55,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-52683-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"7 July 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2020.campus.ciencias.ulisboa.pt\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Hotcrp","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}