{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:37:29Z","timestamp":1775745449104,"version":"3.50.1"},"reference-count":34,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,1,6]],"date-time":"2022-01-06T00:00:00Z","timestamp":1641427200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,6]],"date-time":"2022-01-06T00:00:00Z","timestamp":1641427200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Front. Comput. Sci."],"published-print":{"date-parts":[[2022,8]]},"DOI":"10.1007\/s11704-021-0342-8","type":"journal-article","created":{"date-parts":[[2022,1,6]],"date-time":"2022-01-06T06:02:25Z","timestamp":1641448945000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["SeBROP: blind ROP attacks without returns"],"prefix":"10.1007","volume":"16","author":[{"given":"Tianning","family":"Zhang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Miao","family":"Cai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Diming","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hao","family":"Huang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,1,6]]},"reference":[{"issue":"1","key":"342_CR1","doi-asserted-by":"publisher","first-page":"2:1","DOI":"10.1145\/2133375.2133377","volume":"15","author":"R Roemer","year":"2012","unstructured":"Roemer R, Buchanan E, Shacham H, Savage S. Return-oriented programming: systems, languages, and applications. ACM Transactions on Information and System Security, 2012, 15(1): 2:1\u20132:34","journal-title":"ACM Transactions on Information and System Security"},{"key":"342_CR2","unstructured":"Whitehouse, Ollie. An analysis of address space layout randomization on windows vista. Symantec Advanced Threat Research, 2007, 1\u201314"},{"key":"342_CR3","doi-asserted-by":"crossref","unstructured":"Lie D, Thekkath C A, Mitchell M, Lincoln P, Boneh D, Mitchell J C, Horowitz M. Architectural support for copy and tamper resistant software. In: Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems. 2000, 168\u2013177","DOI":"10.1145\/384264.379237"},{"key":"342_CR4","doi-asserted-by":"crossref","unstructured":"Bittau A, Belay A, Mashtizadeh A J, Mazi\u00e8res D, Boneh D. Hacking blind. In: Proceedings of IEEE Symposium on Security and Privacy. 2014, 227\u2013242","DOI":"10.1109\/SP.2014.22"},{"key":"342_CR5","doi-asserted-by":"crossref","unstructured":"Lu K, Song C, Lee B, Chung S P, Kim T, Lee W. Aslr-guard: Stopping address space leakage for code reuse attacks. In: Proceedings of ACM Conference on Computer and Communications Security. 2015, 280\u2013291","DOI":"10.1145\/2810103.2813694"},{"key":"342_CR6","doi-asserted-by":"crossref","unstructured":"Bosman E, Bos H. Framing signals \u2014 a return to portable shellcode. In: Proceedings of IEEE Symposium on Security and Privacy. 2014, 243\u2013258","DOI":"10.1109\/SP.2014.23"},{"key":"342_CR7","first-page":"63","volume":"98","author":"C Cowan","year":"1998","unstructured":"Cowan C, Pu C, Maier D, et al. Stackguard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of USENIX Security Symposium. 1998, 98: 63\u201378","journal-title":"Proceedings of USENIX Security Symposium"},{"key":"342_CR8","doi-asserted-by":"crossref","unstructured":"Kil C, Jun J, Bookholt C, Xu J, Ning P. Address space layout permutation aslp: Towards fine-grained randomization of commodity software. In: Proceedings of Annual Computer Security Applications Conference. 2006, 339\u2013348","DOI":"10.1109\/ACSAC.2006.9"},{"key":"342_CR9","doi-asserted-by":"crossref","unstructured":"Crane S, Liebchen C, Homescu A, Davi L, Larsen P, Sadeghi A, Brunthaler S, Franz M. Readactor: practical code randomization resilient to memory disclosure. In: Proceedings of IEEE Symposium on Security and Privacy. 2015, 763\u2013780","DOI":"10.1109\/SP.2015.52"},{"key":"342_CR10","doi-asserted-by":"crossref","unstructured":"Crane S J, Volckaert S, Schuster F, Liebchen C, Larsen P, Davi L, Sadeghi A, Holz T, Sutter B D, Franz M. It\u2019s a trap: table randomization and protection against function-reuse attacks. In: Proceedings of ACM Conference on Computer and Communications Security. 2015, 243\u2013255","DOI":"10.1145\/2810103.2813682"},{"key":"342_CR11","doi-asserted-by":"crossref","unstructured":"Snow K Z, Monrose F, Davi L, Dmitrienko A, Liebchen C, Sadeghi A. Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization. In: Proceedings of IEEE Symposium on Security and Privacy. 2013, 574\u2013588","DOI":"10.1109\/SP.2013.45"},{"key":"342_CR12","unstructured":"Maisuradze G, Backes M, Rossow C. What cannot be read, cannot be leveraged? revisiting assumptions of jit-rop defenses. In: Proceedings of USENIX Security Symposium. 2016, 139\u2013156"},{"key":"342_CR13","unstructured":"Bhatkar S, DuVarney D C, Sekar R. Efficient techniques for comprehensive protection from memory error exploits. In: Proceedings of USENIX Security Symposium. 2005, 255\u2013270"},{"key":"342_CR14","doi-asserted-by":"crossref","unstructured":"Davi L V, Dmitrienko A, N\u00fcrnberger S, Sadeghi A. Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM. In: Proceedings of ACM Symposium on Information, Computer and Communications Security. 2013, 299\u2013310","DOI":"10.1145\/2484313.2484351"},{"key":"342_CR15","doi-asserted-by":"crossref","unstructured":"Wartell R, Mohan V, Hamlen K W, Lin Z. Binary stirring: selfrandomizing instruction addresses of legacy x86 binary code. In: Proceedings of the ACM Conference on Computer and Communications Security. 2012, 157\u2013168","DOI":"10.1145\/2382196.2382216"},{"key":"342_CR16","doi-asserted-by":"crossref","unstructured":"Hiser J, Nguyen-Tuong A, Co M, Hall M, Davidson J W. Ilr: where\u2019d my gadgets go? In: Proceedings of IEEE Symposium on Security and Privacy. 2012, 571\u2013585","DOI":"10.1109\/SP.2012.39"},{"key":"342_CR17","doi-asserted-by":"crossref","unstructured":"Pappas V, Polychronakis M, Keromytis A D. Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In: Proceedings of IEEE Symposium on Security and Privacy. 2012, 601\u2013615","DOI":"10.1109\/SP.2012.41"},{"key":"342_CR18","doi-asserted-by":"crossref","unstructured":"Backes M, Holz T, Kollenda B, Kopp. P, N\u00fcrnberger S, Pewny J. You can run but you can\u2019t read: preventing disclosure exploits in executable code. In: Proceedings of ACM Conference on Computer and Communications Security. 2014, 1342\u20131353","DOI":"10.1145\/2660267.2660378"},{"key":"342_CR19","unstructured":"Backes M, N\u00fcrnberger S. Oxymoron: Making fine-grained memory randomization practical by allowing code sharing. In: Proceedings of USENIX Security Symposium. 2014, 433\u2013447"},{"key":"342_CR20","unstructured":"Zhang M, Sahita R, Liu D. executable-only-memory switch(xomswitch): Hiding your code from advanced code reuse attacks in one shot. Black Hat Asia, 2018"},{"key":"342_CR21","doi-asserted-by":"crossref","unstructured":"Pomonis M, Petsios T, Keromytis A D, Polychronakis M, Kemerlis V P. kr^x: Comprehensive kernel protection against just-in-time code reuse. In: Proceedings of European Conference on Computer Systems. 2017, 420\u2013436","DOI":"10.1145\/3064176.3064216"},{"key":"342_CR22","doi-asserted-by":"crossref","unstructured":"Tang A, Sethumadhavan S, Stolfo S J. Heisenbyte: thwarting memory disclosure attacks using destructive code reads. In: Proceedings of ACM Conference on Computer and Communications Security. 2015, 256\u2013267","DOI":"10.1145\/2810103.2813685"},{"key":"342_CR23","doi-asserted-by":"crossref","unstructured":"Shacham H, Page M, Pfaff B, Goh E, Modadugu N, Boneh D. On the effectiveness of address-space randomization. In: Proceedings of ACM Conference on Computer and Communications Security. 2004, 298\u2013307","DOI":"10.1145\/1030083.1030124"},{"key":"342_CR24","doi-asserted-by":"crossref","unstructured":"Petsios T, Kemerlis V P, Polychronakis M, Keromytis A D. Dynaguard: Armoring canary-based protections against brute-force attacks. In: Proceedings of Annual Computer Security Applications Conference. 2015, 351\u2013360","DOI":"10.1145\/2818000.2818031"},{"key":"342_CR25","unstructured":"Williams-King D, Gobieski G, Williams-King K, Blake J P, Yuan X, Colp P, Zheng M, Kemerlis V P, Yang J, Aiello W. Shuffler: fast and deployable continuous code re-randomization. In: Proceedings of USENIX Symposium on Operating Systems Design and Implementation. 2016, 367\u2013382"},{"key":"342_CR26","doi-asserted-by":"crossref","unstructured":"Wang Z, Wu C, Li J, Lai Y, Zhang X, Hsu W, Cheng Y. Reranz: A light-weight virtual machine to mitigate memory disclosure attacks. In: Proceedings of ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments. 2017, 143\u2013156","DOI":"10.1145\/3140607.3050752"},{"key":"342_CR27","unstructured":"Giuffrida C, Kuijsten A, Tanenbaum A S. Enhanced operating system security through efficient and fine-grained address space randomization. In: Proceedings of USENIX Security Symposium. 2012, 475\u2013490"},{"key":"342_CR28","doi-asserted-by":"crossref","unstructured":"Lu K, Lee W, N\u00fcrnberger S, Backes M. How to make aslr win the clone wars: runtime re-randomization. In: Proceedings of Annual Network and Distributed System Security Symposium. 2016","DOI":"10.14722\/ndss.2016.23173"},{"key":"342_CR29","doi-asserted-by":"crossref","unstructured":"Abadi M, Budiu M, Erlingsson \u00da, Ligatti J. Control-flow integrity. In: Proceedings of ACM Conference on Computer and Communications Security. 2005, 340\u2013353","DOI":"10.1145\/1102120.1102165"},{"key":"342_CR30","doi-asserted-by":"crossref","unstructured":"Christoulakis N, Christou G, Athanasopoulos E, Ioannidis S. Hcfi: hardware-enforced control-flow integrity. In: Proceedings of ACM Conference on Data and Application Security and Privacy. 2016, 38\u201349","DOI":"10.1145\/2857705.2857722"},{"key":"342_CR31","unstructured":"Pappas V, Polychronakis M, Keromytis A D. Transparent rop exploit mitigation using indirect branch tracing. In: Proceedings of USENIX Security Symposium. 2013, 447\u2013462"},{"key":"342_CR32","doi-asserted-by":"crossref","unstructured":"Cheng Y, Zhou Z, Yu M, Ding X, Deng R H. Ropecker: A generic and practical approach for defending against rop attacks. In: Proceedings of Annual Network and Distributed System Security Symposium. 2014, 1\u201314","DOI":"10.14722\/ndss.2014.23156"},{"key":"342_CR33","unstructured":"Davi L, Sadeghi A, Lehmann D, Monrose F. Stitching the gadgets: on the ineffectiveness of coarse-grained control-flow integrity protection. In: Proceedings of USENIX Security Symposium. 2014, 401\u2013416"},{"key":"342_CR34","doi-asserted-by":"crossref","unstructured":"Kuznetsov V, Szekeres L, Payer M, Candea G, Sekar R, Song D. Codepointer integrity. In: The Continuing Arms Race: Code-Reuse Attacks and Defenses, Code-Pointer Integrity. Association for Computing Machinery and Morgan Claypool, 2018","DOI":"10.1145\/3129743.3129748"}],"container-title":["Frontiers of Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11704-021-0342-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11704-021-0342-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11704-021-0342-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,19]],"date-time":"2023-09-19T21:04:54Z","timestamp":1695157494000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11704-021-0342-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,6]]},"references-count":34,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,8]]}},"alternative-id":["342"],"URL":"https:\/\/doi.org\/10.1007\/s11704-021-0342-8","relation":{},"ISSN":["2095-2228","2095-2236"],"issn-type":[{"value":"2095-2228","type":"print"},{"value":"2095-2236","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,6]]},"assertion":[{"value":"14 July 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 January 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"6 January 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"164818"}}