{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T10:32:21Z","timestamp":1766485941566,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2009,3,31]],"date-time":"2009-03-31T00:00:00Z","timestamp":1238457600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2009,3,31]]},"DOI":"10.1145\/1519144.1519145","type":"proceedings-article","created":{"date-parts":[[2009,4,6]],"date-time":"2009-04-06T16:34:53Z","timestamp":1239035693000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":97,"title":["Breaking the memory secrecy assumption"],"prefix":"10.1145","author":[{"given":"Raoul","family":"Strackx","sequence":"first","affiliation":[{"name":"Katholieke Universiteit Leuven, Heverlee, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yves","family":"Younan","sequence":"additional","affiliation":[{"name":"Katholieke Universiteit Leuven, Heverlee, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pieter","family":"Philippaerts","sequence":"additional","affiliation":[{"name":"Katholieke Universiteit Leuven, Heverlee, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Frank","family":"Piessens","sequence":"additional","affiliation":[{"name":"Katholieke Universiteit Leuven, Heverlee, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sven","family":"Lachmund","sequence":"additional","affiliation":[{"name":"DOCOMO Euro-Labs, Munich, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"Walter","sequence":"additional","affiliation":[{"name":"DOCOMO Euro-Labs, Munich, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2009,3,31]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"49","author":"Smashing","year":"1996","unstructured":"Aleph1. Smashing the stack for fun and profit. Phrack , 49 , 1996 . Aleph1. Smashing the stack for fun and profit. Phrack, 49, 1996.","journal-title":"Phrack"},{"issue":"3","key":"e_1_3_2_1_2_1","volume":"30","author":"Alexander Steven","year":"2005","unstructured":"Steven Alexander . Defeating compiler-level buffer overflow protection. ;login : The USENIX Magazine , 30 ( 3 ), June 2005 . Steven Alexander. Defeating compiler-level buffer overflow protection. ;login: The USENIX Magazine, 30(3), June 2005.","journal-title":"The USENIX Magazine"},{"key":"e_1_3_2_1_3_1","first-page":"57","author":"Anonymous","year":"2001","unstructured":"Anonymous . Once upon a free(). Phrack , 57 , 2001 . Anonymous. Once upon a free(). Phrack, 57, 2001.","journal-title":"Phrack"},{"key":"e_1_3_2_1_4_1","unstructured":"Apple. Mac OS X Leopard - Security Features. http:\/\/www.apple.com\/macosx\/features\/300.html#security.  Apple. Mac OS X Leopard - Security Features. http:\/\/www.apple.com\/macosx\/features\/300.html#security."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948147"},{"key":"e_1_3_2_1_6_1","first-page":"105","volume-title":"Proceedings of the 12th USENIX Security Symposium","author":"Bhatkar Sandeep","year":"2003","unstructured":"Sandeep Bhatkar , Daniel C. Duvarney , and R. Sekar . Address obfuscation: An efficient approach to combat a broad range of memory error exploits . In Proceedings of the 12th USENIX Security Symposium , pages 105 -- 120 , Washington, D.C., U.S.A. , August 2003 . USENIX Association. Sandeep Bhatkar, Daniel C. Duvarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In Proceedings of the 12th USENIX Security Symposium, pages 105--120, Washington, D.C., U.S.A., August 2003. USENIX Association."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_1"},{"key":"e_1_3_2_1_8_1","unstructured":"Brandon Bray. Compiler security checks in depth. http:\/\/msdn.microsoft.com\/en-us\/library\/aa290051.aspx February 2002.  Brandon Bray. Compiler security checks in depth. http:\/\/msdn.microsoft.com\/en-us\/library\/aa290051.aspx February 2002."},{"key":"e_1_3_2_1_9_1","volume-title":"November","author":"Bray Brandon","year":"2003","unstructured":"Brandon Bray . Security improvements to the whidbey compiler , November 2003 . Brandon Bray. Security improvements to the whidbey compiler, November 2003."},{"key":"e_1_3_2_1_10_1","first-page":"56","author":"Bypassing Stackguard Bulba","year":"2000","unstructured":"Bulba and Kil3r. Bypassing Stackguard and stackshield. Phrack , 56 , 2000 . Bulba and Kil3r. Bypassing Stackguard and stackshield. Phrack, 56, 2000.","journal-title":"Phrack"},{"key":"e_1_3_2_1_11_1","unstructured":"Jonathan Corbet. Address space randomization in 2.6. http:\/\/lwn.net\/Articles\/121845\/ February 2005.  Jonathan Corbet. Address space randomization in 2.6. http:\/\/lwn.net\/Articles\/121845\/ February 2005."},{"key":"e_1_3_2_1_12_1","volume-title":"November","author":"Cowan Crispin","year":"1999","unstructured":"Crispin Cowan . StackGuard mechanism: Emsi's vulnerability. urlhttp:\/\/www.immunix.org\/StackGuard\/emsi_vuln.html , November 1999 . Crispin Cowan. StackGuard mechanism: Emsi's vulnerability. urlhttp:\/\/www.immunix.org\/StackGuard\/emsi_vuln.html, November 1999."},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of Linux Expo 1999","author":"Cowan Crispin","year":"1999","unstructured":"Crispin Cowan , Steve Beattie , Ryan F. Day , Calton Pu , Perry Wagle , and Eric Walthinsen . Protecting systems from stack smashing attacks with StackGuard . In Proceedings of Linux Expo 1999 , Raleigh, North Carolina, U.S.A. , May 1999 . Crispin Cowan, Steve Beattie, Ryan F. Day, Calton Pu, Perry Wagle, and Eric Walthinsen. Protecting systems from stack smashing attacks with StackGuard. In Proceedings of Linux Expo 1999, Raleigh, North Carolina, U.S.A., May 1999."},{"key":"e_1_3_2_1_14_1","first-page":"91","volume-title":"Proceedings of the 12th USENIX Security Symposium","author":"Cowan Crispin","year":"2003","unstructured":"Crispin Cowan , Steve Beattie , John Johansen , and Perry Wagle . PointGuard : protecting pointers from buffer overflow vulnerabilities . In Proceedings of the 12th USENIX Security Symposium , pages 91 -- 104 , Washington, D.C., U.S.A. , August 2003 . USENIX Association. Crispin Cowan, Steve Beattie, John Johansen, and Perry Wagle. PointGuard: protecting pointers from buffer overflow vulnerabilities. In Proceedings of the 12th USENIX Security Symposium, pages 91--104, Washington, D.C., U.S.A., August 2003. USENIX Association."},{"key":"e_1_3_2_1_15_1","first-page":"63","volume-title":"Proceedings of the 7th USENIX Security Symposium","author":"Cowan Crispin","year":"1998","unstructured":"Crispin Cowan , Calton Pu , Dave Maier , Heather Hinton , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , and Qian Zhang . StackGuard : Automatic adaptive detection and prevention of buffer-overflow attacks . In Proceedings of the 7th USENIX Security Symposium , pages 63 -- 78 , San Antonio, Texas, U.S.A. , January 1998 . USENIX Association. Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Symposium, pages 63--78, San Antonio, Texas, U.S.A., January 1998. USENIX Association."},{"key":"e_1_3_2_1_16_1","volume-title":"Phrack","author":"Durden Tyler","year":"2002","unstructured":"Tyler Durden . Bypassing pax aslr protection . Phrack , 59, July 2002 . Tyler Durden. Bypassing pax aslr protection. Phrack, 59, July 2002."},{"key":"e_1_3_2_1_17_1","volume-title":"Tokyo Research Laboratory","author":"Etoh Hiroaki","year":"2000","unstructured":"Hiroaki Etoh and Kunikazu Yoda . Protecting from stack-smashing attacks. Technical report, IBM Research Divison , Tokyo Research Laboratory , June 2000 . Hiroaki Etoh and Kunikazu Yoda. Protecting from stack-smashing attacks. Technical report, IBM Research Divison, Tokyo Research Laboratory, June 2000."},{"key":"e_1_3_2_1_18_1","unstructured":"Free Software Foundation. Gcc 4.1 release series -- changes new features and fixes. http:\/\/gcc.gnu.org\/gcc-4.1\/changes.html September 2007.  Free Software Foundation. Gcc 4.1 release series -- changes new features and fixes. http:\/\/gcc.gnu.org\/gcc-4.1\/changes.html September 2007."},{"key":"e_1_3_2_1_19_1","unstructured":"Michael Howard. Address space layout randomization in Windows Vista. http:\/\/blogs.msdn.com\/michael_howard\/archive\/2006\/05\/26\/address-space-layout-randomization-in-windows-vista.aspx May 2006.  Michael Howard. Address space layout randomization in Windows Vista. http:\/\/blogs.msdn.com\/michael_howard\/archive\/2006\/05\/26\/address-space-layout-randomization-in-windows-vista.aspx May 2006."},{"key":"e_1_3_2_1_20_1","unstructured":"Michael Howard. Protecting against pointer subterfuge (kinda!). http:\/\/blogs.msdn.com\/michael_howard\/archive\/2006\/01\/30\/520200.aspx January 2006.  Michael Howard. Protecting against pointer subterfuge (kinda!). http:\/\/blogs.msdn.com\/michael_howard\/archive\/2006\/01\/30\/520200.aspx January 2006."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948146"},{"key":"e_1_3_2_1_22_1","unstructured":"Tom Krazit. Armed for the living room. http:\/\/news.cnet.com\/ARMed-for-the-living-room\/2100-1006_3-6056729.html April 2006.  Tom Krazit. Armed for the living room. http:\/\/news.cnet.com\/ARMed-for-the-living-room\/2100-1006_3-6056729.html April 2006."},{"key":"e_1_3_2_1_23_1","volume-title":"November","author":"Krennmair Andreas","year":"2003","unstructured":"Andreas Krennmair . ContraPolice: a libc extension for protecting applications from heap-smashing attacks , November 2003 . Andreas Krennmair. ContraPolice: a libc extension for protecting applications from heap-smashing attacks, November 2003."},{"key":"e_1_3_2_1_24_1","volume-title":"September","author":"Litchfield David","year":"2003","unstructured":"David Litchfield . Defeating the stack based buffer overflow prevention mechanism of microsoft windows 2003 server , September 2003 . David Litchfield. Defeating the stack based buffer overflow prevention mechanism of microsoft windows 2003 server, September 2003."},{"key":"e_1_3_2_1_25_1","unstructured":"National Institute of Standards and Technology. National vulnerability database statistics. http:\/\/nvd.nist.gov\/statistics.cfm.  National Institute of Standards and Technology. National vulnerability database statistics. http:\/\/nvd.nist.gov\/statistics.cfm."},{"key":"e_1_3_2_1_26_1","volume-title":"June","author":"Richarte Gerardo","year":"2002","unstructured":"Gerardo Richarte . Four different tricks to bypass stackshield and stackguard protection , June 2002 . Gerardo Richarte. Four different tricks to bypass stackshield and stackguard protection, June 2002."},{"key":"e_1_3_2_1_27_1","first-page":"51","volume-title":"Proceedings of the 17th Large Installation Systems Administrators Conference","author":"Robertson William","year":"2003","unstructured":"William Robertson , Christopher Kruegel , Darren Mutz , and Frederik Valeur . Run-time detection of heap-based overflows . In Proceedings of the 17th Large Installation Systems Administrators Conference , pages 51 -- 60 , San Diego, California, U.S.A. , October 2003 . USENIX Association. William Robertson, Christopher Kruegel, Darren Mutz, and Frederik Valeur. Run-time detection of heap-based overflows. In Proceedings of the 17th Large Installation Systems Administrators Conference, pages 51--60, San Diego, California, U.S.A., October 2003. USENIX Association."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_29_1","unstructured":"Derek Soeder. Memory retrieval vulnerabilities. http:\/\/research.eeye.com\/html\/papers\/download\/eeyeMRVOct2006.pdf.  Derek Soeder. Memory retrieval vulnerabilities. http:\/\/research.eeye.com\/html\/papers\/download\/eeyeMRVOct2006.pdf."},{"key":"e_1_3_2_1_30_1","unstructured":"Solar Designer. JPEG COM marker processing vulnerability in netscape browsers. http:\/\/www.openwall.com\/advisories\/OW-002-netscape-jpeg.txt July 2000.  Solar Designer. JPEG COM marker processing vulnerability in netscape browsers. http:\/\/www.openwall.com\/advisories\/OW-002-netscape-jpeg.txt July 2000."},{"key":"e_1_3_2_1_31_1","unstructured":"Alexander Sotirov. 0-day ani vulnerability in microsoft windows (CVE-2007-0038). http:\/\/seclists.org\/bugtraq\/2007\/Mar\/0461.htmll March 2007.  Alexander Sotirov. 0-day ani vulnerability in microsoft windows (CVE-2007-0038). http:\/\/seclists.org\/bugtraq\/2007\/Mar\/0461.htmll March 2007."},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of BlackHat 2008","author":"Sotirov Alexander","year":"2008","unstructured":"Alexander Sotirov and Mark Dowd . Bypassing browser memory protections: Setting back browser security by 10 years . In Proceedings of BlackHat 2008 , Las Vegas, Nevada, U.S.A. , August 2008 . Alexander Sotirov and Mark Dowd. Bypassing browser memory protections: Setting back browser security by 10 years. In Proceedings of BlackHat 2008, Las Vegas, Nevada, U.S.A., August 2008."},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the 14th USENIX Security Symposium","author":"Sovarel Nora","year":"2005","unstructured":"Nora Sovarel , David Evans , and Nathanael Paul . Where's the FEEB? the effectiveness of instruction set randomization . In Proceedings of the 14th USENIX Security Symposium , Baltimore, Maryland, U.S.A. , August 2005 . Usenix. Nora Sovarel, David Evans, and Nathanael Paul. Where's the FEEB? the effectiveness of instruction set randomization. In Proceedings of the 14th USENIX Security Symposium, Baltimore, Maryland, U.S.A., August 2005. Usenix."},{"key":"e_1_3_2_1_34_1","unstructured":"The PaX Team. Documentation for the PaX project.  The PaX Team. Documentation for the PaX project."},{"key":"e_1_3_2_1_35_1","first-page":"56","author":"Taking","year":"2000","unstructured":"Twitch. Taking advantage of non-terminated adjacent memory spaces. Phrack , 56 , 2000 . Twitch. Taking advantage of non-terminated adjacent memory spaces. Phrack, 56, 2000.","journal-title":"Phrack"},{"key":"e_1_3_2_1_36_1","first-page":"243","volume-title":"Proceedings of the GCC Developers Summit","author":"Wagle Perry","year":"2003","unstructured":"Perry Wagle and Crispin Cowan . Stackguard : Simple stack smash protection for gcc . In Proceedings of the GCC Developers Summit , pages 243 -- 256 , Ottawa, Ontario, Canada , May 2003 . Perry Wagle and Crispin Cowan. Stackguard: Simple stack smash protection for gcc. In Proceedings of the GCC Developers Summit, pages 243--256, Ottawa, Ontario, Canada, May 2003."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.33"}],"event":{"name":"EuroSys '09: Fourth EuroSys Conference 2009","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"],"location":"Nuremburg Germany","acronym":"EuroSys '09"},"container-title":["Proceedings of the Second European Workshop on System Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1519144.1519145","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1519144.1519145","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:29:54Z","timestamp":1750253394000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1519144.1519145"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,3,31]]},"references-count":37,"alternative-id":["10.1145\/1519144.1519145","10.1145\/1519144"],"URL":"https:\/\/doi.org\/10.1145\/1519144.1519145","relation":{},"subject":[],"published":{"date-parts":[[2009,3,31]]},"assertion":[{"value":"2009-03-31","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}