{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T00:02:09Z","timestamp":1756339329492,"version":"3.44.0"},"reference-count":37,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,8,4]],"date-time":"2025-08-04T00:00:00Z","timestamp":1754265600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,8,4]],"date-time":"2025-08-04T00:00:00Z","timestamp":1754265600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,8,4]]},"DOI":"10.1109\/csr64739.2025.11130175","type":"proceedings-article","created":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T19:04:27Z","timestamp":1756235067000},"page":"9-16","source":"Crossref","is-referenced-by-count":0,"title":["Reimagining the Usermode Process Space by Utilizing Hardware-Enforced Sub-Process Isolation"],"prefix":"10.1109","author":[{"given":"Mark","family":"Nelson","sequence":"first","affiliation":[{"name":"University of Hawai‘i at Mānoa,Information and Computer Sciences,Honolulu,Hawaii"}]},{"given":"Mehdi","family":"Mirakhorli","sequence":"additional","affiliation":[{"name":"University of Hawai‘i at Mānoa,Information and Computer Sciences,Honolulu,Hawaii"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/775265.775268"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/361268.361275"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1016\/0165-6074(87)90234-1"},{"article-title":"Donky: Domain keys-efficient in-process isolation for RISC-V and x86","volume-title":"Proceedings of the 29th USENIX Conference on Security Symposium, ser. SEC\u201920. USA: USENIX Association","author":"Schrammel","key":"ref4"},{"key":"ref5","first-page":"1221","article-title":"ERIM: Secure, efficient in-process isolation with protection keys (MPK)","volume-title":"Proceedings of the 28th USENIX Conference on Security Symposium, ser. SEC\u201919. USA: USENIX Association","volume":"2019","author":"Vahldiek-Oberwagner"},{"issue":"1","key":"ref6","doi-asserted-by":"crossref","DOI":"10.1145\/2133375.2133377","article-title":"Return-oriented programming: Systems, languages, and applications","volume":"15","author":"Roemer","year":"2012","journal-title":"ACM Trans. Inf. Syst. Secur"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3192524"},{"key":"ref8","first-page":"83","article-title":"IMIX: In-process memory isolation extension","volume-title":"Proceedings of the 27th USENIX Conference on Security Symposium, ser. SEC\u201918. USA: USENIX Association","volume":"2018","author":"Frassetto"},{"key":"ref9","article-title":"Intel x86 considered harmful","author":"Rutkowska","year":"2015","journal-title":"The Invisible Things Lab"},{"key":"ref10","first-page":"83","article-title":"Memory safety for low-level software\/hardware interactions","volume-title":"Proceedings of the 18th Conference on USENIX Security Symposium, ser. SSYM\u201909. USA: USENIX Association","volume":"2009","author":"Criswell"},{"key":"ref11","article-title":"The case for memory safe roadmaps: Why both C-suite executives and technical experts need to take memory safe coding seriously","volume-title":"CISA: Cybersecurity and Infrastructure Security Agency, Tech. Rep","author":"CISA","year":"2023"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3380478"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3708553"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.CSWP.01262018"},{"article-title":"Safe loading and efficient runtime confinement: A foundation for secure execution","year":"2012","author":"Payer","key":"ref15"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/5992.947112"},{"key":"ref17","article-title":"mu Tiles: Efficient intraprocess privilege enforcement of memory regions","author":"Tarkhani","year":"2020","journal-title":"arXiv preprint arXiv:2004.04846"},{"article-title":"Intra-process least privilege and isolation for emerging applications","year":"2019","author":"Melara","key":"ref18"},{"article-title":"Improved architectures for secure intra-process isolation","year":"2021","author":"Connor","key":"ref19"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3633500.3633507"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/3317550.3321427"},{"key":"ref22","article-title":"Highly evasive attacker leverages solarwinds supply chain to compromise multiple global victims with sunburst backdoor","author":"Archer","year":"2020","journal-title":"FireEye Threat Research"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/605397.605429"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3533704"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2024.3396701"},{"article-title":"Dasics: Enhancing memory protection with dynamic compartmentalization","year":"2023","author":"Jin","key":"ref26"},{"article-title":"Arm Architecture Reference Manual for Armv8, for Armv8-A Architecture Profile","year":"2019","author":"Limited","key":"ref27"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ICICCS.2016.7542322"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/Trustcom.2015.357"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488370"},{"key":"ref31","first-page":"645","article-title":"Graphene-SGX: A practical library os for unmodified applications on SGX","volume-title":"2017 USENIX Annual Technical Conference","volume":"17","author":"Tsai"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/3075564.3075572"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378469"},{"key":"ref35","first-page":"62","article-title":"A status update: The common weaknesses enumeration","author":"Martin","year":"2006","journal-title":"Proc. of the Static Analysis Summit (NIST Special Publication 500-262)"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3549035.3561183"},{"key":"ref38","first-page":"12191236","article-title":"Silhouette: Efficient protected shadow stacks for embedded systems","volume-title":"29th USENIX Security Symposium (USENIX Security 20","author":"Zhou"},{"key":"ref39","article-title":"Cleanstack: A new dual-stack for defending against stackbased memory corruption attacks","author":"Chong","year":"2025","journal-title":"arXiv preprint arXiv:2503.16950"}],"event":{"name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","start":{"date-parts":[[2025,8,4]]},"location":"Chania, Crete, Greece","end":{"date-parts":[[2025,8,6]]}},"container-title":["2025 IEEE International Conference on Cyber Security and Resilience (CSR)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11129696\/11129957\/11130175.pdf?arnumber=11130175","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T04:56:25Z","timestamp":1756270585000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11130175\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,4]]},"references-count":37,"URL":"https:\/\/doi.org\/10.1109\/csr64739.2025.11130175","relation":{},"subject":[],"published":{"date-parts":[[2025,8,4]]}}}