{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,27]],"date-time":"2025-07-27T07:40:17Z","timestamp":1753602017339,"version":"3.40.3"},"publisher-location":"Cham","reference-count":43,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030526825"},{"type":"electronic","value":"9783030526832"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-52683-2_13","type":"book-chapter","created":{"date-parts":[[2020,7,6]],"date-time":"2020-07-06T23:19:19Z","timestamp":1594077559000},"page":"259-279","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Efficient Context-Sensitive CFI Enforcement Through a Hardware Monitor"],"prefix":"10.1007","author":[{"given":"Sadullah","family":"Canakci","sequence":"first","affiliation":[]},{"given":"Leila","family":"Delshadtehrani","sequence":"additional","affiliation":[]},{"given":"Boyou","family":"Zhou","sequence":"additional","affiliation":[]},{"given":"Ajay","family":"Joshi","sequence":"additional","affiliation":[]},{"given":"Manuel","family":"Egele","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,7,7]]},"reference":[{"key":"13_CR1","unstructured":"bu-icsg. \nhttps:\/\/github.com\/bu-icsg\/PHMon\n\n. Accessed 10 Feb 2020"},{"key":"13_CR2","unstructured":"uCFI-GATech. \ngithub.com\/uCFI-GATech\/ucfi-compiler\/commit\/6502e1c\n\n. Accessed 10 Feb 2020"},{"key":"13_CR3","unstructured":"uCFI-GATech. \ngithub.com\/uCFI-GATech\/ucfi-monitor\/commit\/8787121\n\n. Accessed 10 Feb 2020"},{"key":"13_CR4","unstructured":"uCFI-GATech. \ngithub.com\/uCFI-GATech\/ucfi-kernel\/commit\/08a15f7\n\n. Accessed 10 Feb 2020"},{"key":"13_CR5","unstructured":"Intel memory protection extensions (2013). \nhttps:\/\/software.intel.com\/en-us\/articles\/introduction-to-intel-memory-protection-extensions"},{"key":"13_CR6","unstructured":"Intel control-flow enforcement technology (2019). \nsoftware.intel.com\/sites\/default\/files\/managed\/4d\/2a\/control-flow-enforcement-technology-preview.pdf\n\n. Accessed 10 Feb 2020"},{"issue":"1","key":"13_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1609956.1609960","volume":"13","author":"M Abadi","year":"2009","unstructured":"Abadi, M., Budiu, M., Erlingsson, \u00da., Ligatti, J.: Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(1), 1\u201340 (2009)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"13_CR8","unstructured":"Andersen, S.: Changes to functionality in Microsoft windows XP service pack 2 part 3: memory protection technologies (2004)"},{"key":"13_CR9","unstructured":"Asanovi\u0107, K., et al.: The rocket chip generator. Technical report, EECS Department, UC Berkeley (2016)"},{"issue":"1","key":"13_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3054924","volume":"50","author":"N Burow","year":"2017","unstructured":"Burow, N., et al.: Control-flow integrity: precision, security, and performance. ACM Comput. Surv. (CSUR) 50(1), 1\u201333 (2017)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"13_CR11","unstructured":"Carlini, N., Wagner, D.: ROP is still dangerous: breaking modern defenses. In: Proceedings of the USENIX Security Symposium (2014)"},{"key":"13_CR12","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the Conference on Computer and Communications Security, CCS (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Cheng, Y., Zhou, Z., Miao, Y., Ding, X., Deng, H.R.: ROPecker: a generic and practical approach for defending against ROP attacks. In: Symposium on Network and Distributed System Security, NDSS (2014)","DOI":"10.14722\/ndss.2014.23156"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"Christoulakis, N., Christou, G., Athanasopoulos, E., Ioannidis, S.: HCFI: hardware-enforced control-flow integrity. In: Proceedings of the Sixth Conference on Data and Application Security and Privacy, CODASPY (2016)","DOI":"10.1145\/2857705.2857722"},{"key":"13_CR15","unstructured":"Cui, W., et al.: REPT: reverse debugging of failures in deployed software. In: Proceedings of the USENIX Symposium on Operating Systems Design and Implementation, OSDI (2018)"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"Dang, T.H., Maniatis, P., Wagner, D.: The performance cost of shadow stacks and stack canaries. In: Proceedings of the ACM Symposium on Information, Computer and Communications Security, ASIA CCS (2015)","DOI":"10.1145\/2714576.2714635"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"Davi, L., et al.: HAFIX: hardware-assisted flow integrity extension. In: Proceedings of the Design Automation Conference, DAC (2015)","DOI":"10.1145\/2744769.2744847"},{"issue":"1","key":"13_CR18","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1109\/LCA.2017.2784416","volume":"17","author":"L Delshadtehrani","year":"2018","unstructured":"Delshadtehrani, L., Eldridge, S., Canakci, S., Egele, M., Joshi, A.: Nile: a programmable monitoring coprocessor. IEEE Comput. Archit. Lett. 17(1), 92\u201395 (2018)","journal-title":"IEEE Comput. Archit. Lett."},{"key":"13_CR19","unstructured":"Delshadtehrani, L., Canakci, S., Zhou, B., Eldridge, S., Joshi, A., Egele, M.: Phmon: a programmable hardware monitor and its security use cases. In: Proceedings of the USENIX Security Symposium (2020)"},{"key":"13_CR20","unstructured":"Ding, R., Qian, C., Song, C., Harris, B., Kim, T., Lee, W.: Efficient protection of path-sensitive control security. In: Proceedings of the USENIX Security Symposium (2017)"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Ge, X., Cui, W., Jaeger, T.: Griffin: guarding control flows using intel processor trace. In: Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS (2017)","DOI":"10.1145\/3037697.3037716"},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Gu, Y., Zhao, Q., Zhang, Y., Lin, Z.: PT-CFI: transparent backward-edge control flow violation detection using intel processor trace. In: Proceedings of the Conference on Data and Application Security and Privacy, CODASPY (2017)","DOI":"10.1145\/3029806.3029830"},{"issue":"4","key":"13_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1186736.1186737","volume":"34","author":"JL Henning","year":"2006","unstructured":"Henning, J.L.: SPEC CPU2006 benchmark descriptions. ACM SIGARCH Comput. Archit. News 34(4), 1\u201317 (2006)","journal-title":"ACM SIGARCH Comput. Archit. News"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Hu, H., et al.: Enforcing unique code target property for control-flow integrity. In: Proceedings of the Conference on Computer and Communications Security, CCS (2018)","DOI":"10.1145\/3243734.3243797"},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Huang, W., Huang, Z., Miyani, D., Lie, D.: LMP: light-weighted memory protection with hardware assistance. In: Proceedings of the Annual Conference on Computer Security Applications, ACSAC (2016)","DOI":"10.1145\/2991079.2991089"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Kasikci, B., Schubert, B., Pereira, C., Pokam, G., Candea, G.: Failure sketching: a technique for automated root cause diagnosis of in-production failures. In: Proceedings of the Symposium on Operating Systems Principles, SOSP (2015)","DOI":"10.1145\/2815400.2815412"},{"key":"13_CR27","doi-asserted-by":"crossref","unstructured":"Khandaker, M., Naser, A., Liu, W., Wang, Z., Zhou, Y., Cheng, Y.: Adaptive call-site sensitive control flow integrity. In: Proceedings of the European Symposium on Security and Privacy, EuroS&P (2019)","DOI":"10.1109\/EuroSP.2019.00017"},{"key":"13_CR28","unstructured":"Khandaker, M.R., Liu, W., Naser, A., Wang, Z., Yang, J.: Origin-sensitive control flow integrity. In: Proceedings of the USENIX Security Symposium (2019)"},{"key":"13_CR29","doi-asserted-by":"crossref","unstructured":"Liu, Y., Shi, P., Wang, X., Chen, H., Zang, B., Guan, H.: Transparent and efficient CFI enforcement with intel processor trace. In: Proceedings of the International Symposium on High Performance Computer Architecture (HPCA), HPCA (2017)","DOI":"10.1109\/HPCA.2017.18"},{"issue":"2","key":"13_CR30","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3224423","volume":"2","author":"O Oleksenko","year":"2018","unstructured":"Oleksenko, O., Kuvaiskii, D., Bhatotia, P., Felber, P., Fetzer, C.: Intel MPX explained: a cross-layer analysis of the intel MPX system stack. Proc. ACM Meas. Anal. Comput. Syst. 2(2), 1\u201330 (2018)","journal-title":"Proc. ACM Meas. Anal. Comput. Syst."},{"key":"13_CR31","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Transparent ROP exploit mitigation using indirect branch tracing. In: Proceedings of the USENIX Security Symposium (2013)"},{"key":"13_CR32","unstructured":"Reinders, J.: Processor tracing, June 2017. \nhttps:\/\/software.intel.com\/en-us\/blogs\/2013\/09\/18\/processor-tracing"},{"key":"13_CR33","unstructured":"Digilent\u2019s ZedBoard Zynq FPGA (2017). \nhttp:\/\/www.digilentinc.com\/Products\/Detail.cfm?Prod=ZEDBOARD\/\n\n. Accessed 10 Feb 2020"},{"key":"13_CR34","unstructured":"Intel Corporation: Intel 64 and IA-32 architectures software developer\u2019s manual. System Programming Guide, vol. 3 (3A, 3B, 3C & 3D) (2016)"},{"issue":"1","key":"13_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2133375.2133377","volume":"15","author":"R Roemer","year":"2012","unstructured":"Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented programming: systems, languages, and applications. ACM Trans. Inf. Syst. Secur. (TISSEC) 15(1), 1\u201334 (2012)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"Schuster, F., Tendyck, T., Liebchen, C., Davi, L., Sadeghi, A.R., Holz, T.: Counterfeit object-oriented programming: on the difficulty of preventing code reuse attacks in C++ applications. In: Proceedings of the Symposium on Security and Privacy, S&P (2015)","DOI":"10.1109\/SP.2015.51"},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Sullivan, D., Arias, O., Davi, L., Larsen, P., Sadeghi, A., Jin, Y.: Strategy without tactics: policy-agnostic hardware-enhanced control-flow integrity. In: Proceedings of the Design Automation Conference, DAC (2016)","DOI":"10.1145\/2897937.2898098"},{"key":"13_CR38","doi-asserted-by":"crossref","unstructured":"Thalheim, J., Bhatotia, P., Fetzer, C.: Inspector: data provenance using intel processor trace (PT). In: International Conference on Distributed Computing Systems (ICDCS) (2016)","DOI":"10.1109\/ICDCS.2016.86"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Theodorides, M., Wagner, D.: Breaking active-set backward-edge CFI. In: International Symposium on Hardware Oriented Security and Trust, HOST (2017)","DOI":"10.1109\/HST.2017.7951803"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"van der Veen, V., et al.: Practical context-sensitive CFI. In: Proceedings of the Conference on Computer and Communications Security, CCS (2015)","DOI":"10.1145\/2810103.2813673"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Yuan, P., Zeng, Q., Ding, X.: Hardware-assisted fine-grained code-reuse attack detection. In: Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses, RAID (2015)","DOI":"10.1007\/978-3-319-26362-5_4"},{"key":"13_CR42","unstructured":"Xia, Y., Liu, Y., Chen, H., Zang, B.: CFIMon: detecting violation of control flow integrity using performance counters. In: IEEE\/IFIP International Conference on Dependable Systems and Networks, DSN (2012)"},{"key":"13_CR43","unstructured":"Zhang, M., Sekar, R.: Control flow integrity for COTS binaries. In: Proceedings of the USENIX Security Symposium (2013)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-52683-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:06:58Z","timestamp":1594080418000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-52683-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030526825","9783030526832"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-52683-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"7 July 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2020.campus.ciencias.ulisboa.pt\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Hotcrp","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}