{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,28]],"date-time":"2025-05-28T04:21:21Z","timestamp":1748406081544,"version":"3.41.0"},"publisher-location":"Cham","reference-count":44,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319184661"},{"type":"electronic","value":"9783319184678"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-18467-8_29","type":"book-chapter","created":{"date-parts":[[2015,5,8]],"date-time":"2015-05-08T12:12:03Z","timestamp":1431087123000},"page":"431-445","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach"],"prefix":"10.1007","author":[{"given":"Zhijiao","family":"Zhang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yashuai","family":"L\u00fc","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yu","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yongqiang","family":"L\u00fc","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuanchun","family":"Shi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,5,9]]},"reference":[{"key":"29_CR1","unstructured":"Symantec: Internet Security Threat Report (2014). http:\/\/www.symantec.com\/security_response\/publications\/threatreport.jsp"},{"issue":"49","key":"29_CR2","first-page":"14","volume":"7","author":"A One","year":"1996","unstructured":"One, A.: Smashing the stack for fun and profit. Phrack Magazine 7(49), 14\u201316 (1996)","journal-title":"Phrack Magazine"},{"key":"29_CR3","unstructured":"Scut, T.T.: Exploiting format string vulnerabilities (2001)"},{"key":"29_CR4","unstructured":"Cowan, C., Beattie, S., Johansen, J., Wagle, P.: Pointguard TM: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the 12th Conference on USENIX Security Symposium, vol. 12, pp. 91\u2013104, August 2003"},{"key":"29_CR5","unstructured":"Cowan, C., Pu, C., Maier, D., Walpole, J., Bakke, P., Beattie, S., Hinton, H: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Usenix Security, vol. 98, pp. 63\u201378 (1998)"},{"key":"29_CR6","doi-asserted-by":"crossref","unstructured":"Cowan, C., Wagle, P., Pu, C., Beattie, S., Walpole, J.: Buffer overflows: attacks and defenses for the vulnerability of the decade. In: Proceedings of DARPA Information Survivability Conference and Exposition, DISCEX 2000, vol. 2, pp. 119\u2013129. IEEE (2000)","DOI":"10.1109\/DISCEX.2000.821514"},{"key":"29_CR7","unstructured":"Etoh, H., Yoda, K.: GCC extension for protecting applications from stack-smashing attacks (2014). http:\/\/www.research.ibm.com\/trl\/projects\/security\/ssp\/"},{"key":"29_CR8","unstructured":"Shield, S.: A stack smashing technique protection tool for Linux (2014). http:\/\/www.angelfire.com\/sk\/stackshield\/"},{"key":"29_CR9","unstructured":"Pax Team: Non-executable pages design and implementation. http:\/\/paxgrsecurity.net\/docs\/pageexec.txt"},{"key":"29_CR10","unstructured":"Krahmer, S.: x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique (2005). http:\/\/www.suse.de\/krahmer\/no-nx.pdf"},{"key":"29_CR11","unstructured":"McDonald, J.: Defeating Solaris\/SPARC non-executable stack protection. Bugtraq (1999)"},{"key":"29_CR12","unstructured":"Microsoft. KB 875352: A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server (2003). http:\/\/support.microsoft.com\/KB\/875352 (September 2006)"},{"key":"29_CR13","unstructured":"Designer, S.: Linux kernel patch from the Openwall project. http:\/\/www.openwall.com\/linux"},{"key":"29_CR14","unstructured":"OpenBSD Foundation. OpenBSD 3.3 release (2003). http:\/\/www.openbsd.org\/33.html"},{"key":"29_CR15","unstructured":"Solar Designer.: Return-to-libc attack. Technical report, bugtraq (1997)"},{"key":"29_CR16","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications security, pp. 552\u2013561. ACM (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"29_CR17","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.R., Winandy, M.: Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks.: In: Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing, pp. 49\u201354 (2009)","DOI":"10.1145\/1655108.1655117"},{"key":"29_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-642-10772-6_13","volume-title":"Information Systems Security","author":"P Chen","year":"2009","unstructured":"Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B., Xie, L.: DROP: detecting return-oriented programming malicious code. In: Prakash, A., Sen Gupta, I. (eds.) ICISS 2009. LNCS, vol. 5905, pp. 163\u2013177. Springer, Heidelberg (2009)"},{"key":"29_CR19","doi-asserted-by":"crossref","unstructured":"Li, J., Wang, Z., Jiang, X., Grace, M., Bahram, S.: Defeating return-oriented rootkits with return-less kernels. In: Proceedings of the 5th European Conference on Computer systems, pp. 195\u2013208. ACM (2010)","DOI":"10.1145\/1755913.1755934"},{"key":"29_CR20","doi-asserted-by":"crossref","unstructured":"Bletsch, T., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: a new class of code-reuse attack. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 30\u201340. ACM (2011)","DOI":"10.1145\/1966913.1966919"},{"key":"29_CR21","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 559\u2013572. ACM. (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"29_CR22","doi-asserted-by":"crossref","unstructured":"Chen, P., Xing, X., Mao, B., Xie, L., Shen, X., Yin, X.: Automatic construction of jump-oriented programming shellcode (on the x86). In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 20\u201329. ACM (2011)","DOI":"10.1145\/1966913.1966918"},{"key":"29_CR23","doi-asserted-by":"crossref","unstructured":"McGregor, J.P., Karig, D.K., Shi, Z., Lee, R.B.: A processor architecture defense against buffer overflow attacks. In: Proceedings of the IEEE International Conference on Information Technology: Research and Education, ITRE 2003, pp. 243\u2013250 (2003)","DOI":"10.1109\/ITRE.2003.1270612"},{"key":"29_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1007\/978-3-540-39881-3_21","volume-title":"Security in Pervasive Computing","author":"RB Lee","year":"2004","unstructured":"Lee, R.B., Karig, D.K., McGregor, J.P., Shi, Z.: Enlisting hardware architecture to thwart malicious code injection. In: Hutter, D., M\u00fcller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 237\u2013252. Springer, Heidelberg (2004)"},{"key":"29_CR25","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.R., Winandy, M.: ROPdefender: A detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 40\u201351. ACM (2011)","DOI":"10.1145\/1966913.1966920"},{"key":"29_CR26","unstructured":"Xu, J., Kalbarczyk, Z., Patel, S., Iyer, R.K.: Architecture support for defending against buffer overflow attacks. In: Workshop on Evaluating and Architecting Systems for Dependability (2002)"},{"key":"29_CR27","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.R., Winandy, M.: ROPdefender: A detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security. pp. 40\u201351. ACM. (2011)","DOI":"10.1145\/1966913.1966920"},{"key":"29_CR28","doi-asserted-by":"crossref","unstructured":"Francillon, A., Perito, D., Castelluccia, C.: Defending embedded systems against control flow attacks. In: Proceedings of the first ACM Workshop on Secure Execution of Untrusted Code, pp. 19\u201326. ACM (2009)","DOI":"10.1145\/1655077.1655083"},{"key":"29_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/978-3-642-17714-9_11","volume-title":"Information Systems Security","author":"P Chen","year":"2010","unstructured":"Chen, P., Xing, X., Han, H., Mao, B., Xie, L.: Efficient detection of the return-oriented programming malicious code. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 140\u2013155. Springer, Heidelberg (2010)"},{"key":"29_CR30","doi-asserted-by":"crossref","unstructured":"Kayaalp, M., Ozsoy, M., Abu-Ghazaleh, N., Ponomarev, D.: Branch regulation: Low-overhead protection from code reuse attacks. In: International Symposium on Computer Architecture (ISCA) (2012)","DOI":"10.1109\/ISCA.2012.6237009"},{"key":"29_CR31","doi-asserted-by":"crossref","unstructured":"Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., Davidson, J.W.: ILR: Where\u2019d my gadgets go? In: IEEE Symposium on Security and Privacy, pp. 571\u2013585. IEEE (2012)","DOI":"10.1109\/SP.2012.39"},{"key":"29_CR32","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In: IEEE Symposium on Security and Privacy (SP), pp. 601\u2013615 (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"29_CR33","doi-asserted-by":"crossref","unstructured":"Onarlioglu, K., Bilge, L., Lanzi, A., Balzarotti, D., Kirda, E.: G-Free: defeating return-oriented programming through gadget-less binaries. In: Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), pp. 49\u201358. ACM (2010)","DOI":"10.1145\/1920261.1920269"},{"key":"29_CR34","doi-asserted-by":"crossref","unstructured":"Huang, Z., Zheng, T., Shi, Y., Li, A.: A Dynamic detection method against ROP and JOP. In: International Conference on Systems and Informatics (ICSAI) (2012)","DOI":"10.1109\/ICSAI.2012.6223219"},{"key":"29_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-04897-0_1","volume-title":"Engineering Secure Software and Systems","author":"ER Jacobson","year":"2014","unstructured":"Jacobson, E.R., Bernat, A.R., Williams, W.R., Miller, B.P.: Detecting code reuse attacks with a model of conformant program execution. In: J\u00fcrjens, J., Piessens, F., Bielova, N. (eds.) ESSoS. LNCS, vol. 8364, pp. 1\u201318. Springer, Heidelberg (2014)"},{"key":"29_CR36","doi-asserted-by":"crossref","unstructured":"Bletsch, T., Jiang, X., Freeh, V.: Mitigating code-reuse attacks with control-flow locking. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 353\u2013362. ACM (2011)","DOI":"10.1145\/2076732.2076783"},{"key":"29_CR37","unstructured":"University of Virginia, Pin. http:\/\/www.cs.virginia.edu\/kim\/publicity\/pin"},{"key":"29_CR38","unstructured":"Kayaalp, M., Schmitt, T., Nomani, J., Ponomarev, D., Abu-Ghazaleh, N.: SCRAP: Architecture for signature-based protection from code reuse attacks. In: IEEE 19th International Symposium on High Performance Computer Architecture (HPCA), pp. 258\u2013269, February 23-27, 2013"},{"key":"29_CR39","unstructured":"McCamant, S., Morrisett, G.: Efficient, verifiable binary sandboxing for a CISC architecture. In: MIT Technical Report. MIT-CSAIL-TR-2005-030 (2005)"},{"key":"29_CR40","doi-asserted-by":"crossref","unstructured":"Yee, B., Sehr, D., Dardyk, G., Chen, J.B., Muth, R., Ormandy, T., Fullagar, N.: Native client: A sandbox for portable, untrusted x86 native code. In: 30th IEEE Symposium on Security and Privacy, vol. 53(1), pp. 79\u201393 (2009)","DOI":"10.1109\/SP.2009.25"},{"key":"29_CR41","unstructured":"Intel Corporation: Intel 64 and IA-32 Architectures Software Developer\u2019s Manual, vol. 2 (2013)"},{"key":"29_CR42","unstructured":"Udis86 Disassembler Library for x86\/x86-64. http:\/\/udis86.sourceforgenet\/"},{"key":"29_CR43","doi-asserted-by":"crossref","unstructured":"Binkert, N., Beckmann, B., Black, G., Reinhardt, S.K., Saidi, A., Basu, A., Wood, D.A.: The gem5 simulator. Computer Architecture News 39, 1\u20137 (2011)","DOI":"10.1145\/2024716.2024718"},{"key":"29_CR44","doi-asserted-by":"crossref","unstructured":"Henning, J.L.: Spec cpu2006 benchmark descriptions. ACM SIGARCH Computer Architecture News, 1\u201317 (2006)","DOI":"10.1145\/1186736.1186737"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-18467-8_29","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,27]],"date-time":"2025-05-27T21:22:32Z","timestamp":1748380952000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-18467-8_29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319184661","9783319184678"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-18467-8_29","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"9 May 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}