{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:57:46Z","timestamp":1773154666233,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":36,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,12,5]],"date-time":"2011-12-05T00:00:00Z","timestamp":1323043200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,12,5]]},"DOI":"10.1145\/2076732.2076783","type":"proceedings-article","created":{"date-parts":[[2011,12,13]],"date-time":"2011-12-13T15:46:00Z","timestamp":1323791160000},"page":"353-362","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":88,"title":["Mitigating code-reuse attacks with control-flow locking"],"prefix":"10.1145","author":[{"given":"Tyler","family":"Bletsch","sequence":"first","affiliation":[{"name":"NC State University, Raleigh, NC"}]},{"given":"Xuxian","family":"Jiang","sequence":"additional","affiliation":[{"name":"NC State University, Raleigh, NC"}]},{"given":"Vince","family":"Freeh","sequence":"additional","affiliation":[{"name":"NC State University, Raleigh, NC"}]}],"member":"320","published-online":{"date-parts":[[2011,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Wikipedia. W^X. http:\/\/en.wikipedia.org\/wiki\/W^X.  Wikipedia. W^X. http:\/\/en.wikipedia.org\/wiki\/W^X."},{"key":"e_1_3_2_1_2_1","volume-title":"Bugtraq","author":"Designer Solar","year":"1997","unstructured":"Solar Designer . Getting around non-executable stack (and fix) . Bugtraq , 1997 . Solar Designer. Getting around non-executable stack (and fix). Bugtraq, 1997."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10772-6_13"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655108.1655117"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755913.1755934"},{"key":"e_1_3_2_1_8_1","volume-title":"21st IEEE ICDCS","author":"Fu-Hau Hsu Chiueh","year":"2001","unstructured":"Tzi-cker Chiueh and Fu-Hau Hsu . RAD : A Compile-Time Solution to Buffer Overflow Attacks . In 21st IEEE ICDCS , April 2001 . Tzi-cker Chiueh and Fu-Hau Hsu. RAD: A Compile-Time Solution to Buffer Overflow Attacks. In 21st IEEE ICDCS, April 2001."},{"key":"e_1_3_2_1_9_1","volume-title":"Frantzen and Mike Shuey. StackGhost: Hardware Facilitated Stack Protection. In 10th USENIX Security Symposium","author":"Mike","year":"2001","unstructured":"Mike Frantzen and Mike Shuey. StackGhost: Hardware Facilitated Stack Protection. In 10th USENIX Security Symposium , 2001 . Mike Frantzen and Mike Shuey. StackGhost: Hardware Facilitated Stack Protection. In 10th USENIX Security Symposium, 2001."},{"key":"e_1_3_2_1_10_1","unstructured":"Vendicator. Stack Shield: A \"Stack Smashing\" Technique Protection Tool for Linux. http:\/\/www.angelfire.com\/sk\/stackshield\/info.html.  Vendicator. Stack Shield: A \"Stack Smashing\" Technique Protection Tool for Linux. http:\/\/www.angelfire.com\/sk\/stackshield\/info.html."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_14_1","volume-title":"Phrack Magazine","volume":"11","year":"2001","unstructured":"Nergal. The Advanced Return-into-lib(c) Exploits: PaX Case Study . Phrack Magazine , Volume 11 , Issue 0x58, File 4 of 14, December 2001 . Nergal. The Advanced Return-into-lib(c) Exploits: PaX Case Study. Phrack Magazine, Volume 11, Issue 0x58, File 4 of 14, December 2001."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455776"},{"key":"e_1_3_2_1_16_1","volume-title":"CONference 2.0","author":"Lidner Felix","year":"2009","unstructured":"Felix \"FX\" Lidner . Developments in Cisco IOS Forensics . In CONference 2.0 , November 2009 . Felix \"FX\" Lidner. Developments in Cisco IOS Forensics. In CONference 2.0, November 2009."},{"key":"e_1_3_2_1_17_1","volume-title":"Ruhr-Universit\u00e4t Bochum","author":"Kornau Tim","year":"2010","unstructured":"Tim Kornau . Return oriented programming for the ARM architecture. Master's thesis , Ruhr-Universit\u00e4t Bochum , January 2010 . Tim Kornau. Return oriented programming for the ARM architecture. Master's thesis, Ruhr-Universit\u00e4t Bochum, January 2010."},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX","author":"Checkoway Stephen","year":"2009","unstructured":"Stephen Checkoway , Ariel J. Feldman , Brian Kantor , J. Alex Halderman , Edward W. Felten , and Hovav Shacham . Can DREs provide long-lasting security? The case of return-oriented programming and the AVC Advantage. In EVT\/WOTE 2009 , USENIX , August 2009 . Stephen Checkoway, Ariel J. Feldman, Brian Kantor, J. Alex Halderman, Edward W. Felten, and Hovav Shacham. Can DREs provide long-lasting security? The case of return-oriented programming and the AVC Advantage. In EVT\/WOTE 2009, USENIX, August 2009."},{"key":"e_1_3_2_1_19_1","volume-title":"BlackHat USA","author":"Esser Stefan","year":"2010","unstructured":"Stefan Esser . Utilizing Code Reuse\/ROP in PHP Application Exploits . In BlackHat USA , 2010 . Stefan Esser. Utilizing Code Reuse\/ROP in PHP Application Exploits. In BlackHat USA, 2010."},{"key":"e_1_3_2_1_20_1","volume-title":"19th USENIX Security Symposium","author":"Hund Ralf","year":"2009","unstructured":"Ralf Hund , Thorsten Holz , and Felix C. Freiling . Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms . In 19th USENIX Security Symposium , August 2009 . Ralf Hund, Thorsten Holz, and Felix C. Freiling. Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms. In 19th USENIX Security Symposium, August 2009."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653711"},{"key":"e_1_3_2_1_22_1","volume-title":"7th USENIX Security, page 5","author":"Cowan Crispin","year":"1998","unstructured":"Crispin Cowan , Calton Pu , Dave Maier , Heather Hintony , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , and Qian Zhang . StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks . In 7th USENIX Security, page 5 , 1998 . Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In 7th USENIX Security, page 5, 1998."},{"key":"e_1_3_2_1_23_1","unstructured":"PaX Team. PaX ASLR Documentation. http:\/\/pax.grsecurity.net\/docs\/aslr.txt.  PaX Team. PaX ASLR Documentation. http:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_24_1","volume-title":"12th USENIX Security","author":"Bhatkar Sandeep","year":"2003","unstructured":"Sandeep Bhatkar , Daniel C. DuVarney , and R. Sekar . Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits . 12th USENIX Security , 2003 . Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits. 12th USENIX Security, 2003."},{"key":"e_1_3_2_1_25_1","volume-title":"14th USENIX Security","author":"Bhatkar Sandeep","year":"2005","unstructured":"Sandeep Bhatkar , R. Sekar , and Daniel C . DuVarney. Efficient Techniques for Comprehensive Protection from Memory Error Exploits . 14th USENIX Security , 2005 . Sandeep Bhatkar, R. Sekar, and Daniel C. DuVarney. Efficient Techniques for Comprehensive Protection from Memory Error Exploits. 14th USENIX Security, 2005."},{"key":"e_1_3_2_1_26_1","volume-title":"Transparent Runtime Randomization for Security. 22nd SRDS","author":"Xu Jun","year":"2003","unstructured":"Jun Xu , Zbigniew Kalbarczyk , and Ravishankar K. Iyer . Transparent Runtime Randomization for Security. 22nd SRDS October 2003 . Jun Xu, Zbigniew Kalbarczyk, and Ravishankar K. Iyer. Transparent Runtime Randomization for Security. 22nd SRDS October 2003."},{"key":"e_1_3_2_1_27_1","volume-title":"Phrack Magazine","volume":"11","author":"Durden Tyler","year":"2002","unstructured":"Tyler Durden . Bypassing PaX ASLR Protection . Phrack Magazine , Volume 11 , Issue 0x59, File 9 of 18, June 2002 . Tyler Durden. Bypassing PaX ASLR Protection. Phrack Magazine, Volume 11, Issue 0x59, File 9 of 18, June 2002."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_29_1","volume-title":"Saman Amarasinghe. Secure Execution Via Program Shepherding. In 11th USENIX Security Symposium","author":"Kiriansky Vladimir","year":"2002","unstructured":"Vladimir Kiriansky , Derek Bruening , and Saman Amarasinghe. Secure Execution Via Program Shepherding. In 11th USENIX Security Symposium , August 2002 . Vladimir Kiriansky, Derek Bruening, and Saman Amarasinghe. Secure Execution Via Program Shepherding. In 11th USENIX Security Symposium, August 2002."},{"key":"e_1_3_2_1_30_1","volume-title":"7th USENIX OSDI","author":"Castro Miguel","year":"2006","unstructured":"Miguel Castro , Manuel Costa , and Tim Harris . Securing Software by Enforcing Data-Flow Integrity . In 7th USENIX OSDI , November 2006 . Miguel Castro, Manuel Costa, and Tim Harris. Securing Software by Enforcing Data-Flow Integrity. In 7th USENIX OSDI, November 2006."},{"key":"e_1_3_2_1_31_1","volume-title":"XFI: Software Guards for System Address Spaces. In 7th USENIX OSDI","author":"Erlingsson \u00dalfar","year":"2006","unstructured":"\u00dalfar Erlingsson , Martin Abadi , Michael Vrable , Mihai Budiu , and George C . Necula . XFI: Software Guards for System Address Spaces. In 7th USENIX OSDI , 2006 . \u00dalfar Erlingsson, Martin Abadi, Michael Vrable, Mihai Budiu, and George C. Necula. XFI: Software Guards for System Address Spaces. In 7th USENIX OSDI, 2006."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.30"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629581"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920269"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629175.1629203"},{"key":"e_1_3_2_1_37_1","unstructured":"Felix von Leitner etal dietlibc. http:\/\/www.fefe.de\/dietlibc\/.  Felix von Leitner et al. dietlibc. http:\/\/www.fefe.de\/dietlibc\/."},{"key":"e_1_3_2_1_38_1","first-page":"177","volume-title":"14th USENIX Security","author":"Chen Shuo","year":"2005","unstructured":"Shuo Chen , Jun Xu , Emre C. Sezer , Prachi Gauriar , and Ravishankar K. Iyer . Non-control-data attacks are realistic threats . In 14th USENIX Security , pages 177 -- 192 , 2005 . Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer. Non-control-data attacks are realistic threats. In 14th USENIX Security, pages 177--192, 2005."}],"event":{"name":"ACSAC '11: Annual Computer Security Applications Conference","location":"Orlando Florida USA","acronym":"ACSAC '11","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 27th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2076732.2076783","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2076732.2076783","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:54:46Z","timestamp":1750240486000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2076732.2076783"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,12,5]]},"references-count":36,"alternative-id":["10.1145\/2076732.2076783","10.1145\/2076732"],"URL":"https:\/\/doi.org\/10.1145\/2076732.2076783","relation":{},"subject":[],"published":{"date-parts":[[2011,12,5]]},"assertion":[{"value":"2011-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}