{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T19:13:21Z","timestamp":1771701201757,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813671","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T15:22:12Z","timestamp":1444144932000},"page":"952-963","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":92,"title":["Losing Control"],"prefix":"10.1145","author":[{"given":"Mauro","family":"Conti","sequence":"first","affiliation":[{"name":"University of Padua, Padua, Italy"}]},{"given":"Stephen","family":"Crane","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, USA"}]},{"given":"Lucas","family":"Davi","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"Michael","family":"Franz","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, USA"}]},{"given":"Per","family":"Larsen","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, USA"}]},{"given":"Marco","family":"Negro","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"Christopher","family":"Liebchen","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"Mohaned","family":"Qunaibit","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, USA"}]},{"given":"Ahmad-Reza","family":"Sadeghi","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/11576280_9"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"issue":"14","key":"e_1_3_2_1_4_1","volume":"49","author":"One Aleph","year":"2000","unstructured":"Aleph One . Smashing the stack for fun and profit. Phrack Magazine , 49 ( 14 ), 2000 . Aleph One. Smashing the stack for fun and profit. Phrack Magazine, 49(14), 2000.","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660378"},{"key":"e_1_3_2_1_6_1","volume-title":"23rd USENIX Security Symposium, USENIX Sec","author":"Backes M.","year":"2014","unstructured":"M. Backes and S. N\u00fcrnberger . Oxymoron: Making fine-grained memory randomization practical by allowing code sharing . In 23rd USENIX Security Symposium, USENIX Sec , 2014 . M. Backes and S. N\u00fcrnberger. Oxymoron: Making fine-grained memory randomization practical by allowing code sharing. In 23rd USENIX Security Symposium, USENIX Sec, 2014."},{"key":"e_1_3_2_1_7_1","volume-title":"12th USENIX Security Symposium, USENIX Sec","author":"Bhatkar S.","year":"2003","unstructured":"S. Bhatkar , D. DuVarney , and R. Sekar . Address obfuscation: An efficient approach to combat a broad range of memory error exploits . In 12th USENIX Security Symposium, USENIX Sec , 2003 . S. Bhatkar, D. DuVarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In 12th USENIX Security Symposium, USENIX Sec, 2003."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_1_9_1","volume-title":"24th USENIX Security Symposium, USENIX Sec","author":"Carlini N.","year":"2015","unstructured":"N. Carlini , A. Barresi , M. Payer , D. Wagner , and T. R. Gross . Control-flow bending: On the effectiveness of control-flow integrity . In 24th USENIX Security Symposium, USENIX Sec , 2015 . N. Carlini, A. Barresi, M. Payer, D. Wagner, and T. R. Gross. Control-flow bending: On the effectiveness of control-flow integrity. In 24th USENIX Security Symposium, USENIX Sec, 2015."},{"key":"e_1_3_2_1_10_1","volume-title":"23rd USENIX Security Symposium, USENIX Sec","author":"Carlini N.","year":"2014","unstructured":"N. Carlini and D. Wagner . ROP is still dangerous: Breaking modern defenses . In 23rd USENIX Security Symposium, USENIX Sec , 2014 . N. Carlini and D. Wagner. ROP is still dangerous: Breaking modern defenses. In 23rd USENIX Security Symposium, USENIX Sec, 2014."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23248"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23156"},{"key":"e_1_3_2_1_13_1","volume-title":"8st USENIX Security Symposium, USENIX Sec","author":"Cowan C.","year":"1998","unstructured":"C. Cowan , C. Pu , D. Maier , H. Hintony , J. Walpole , P. Bakke , S. Beattie , A. Grier , P. Wagle , and Q. Zhang . StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks . In 8st USENIX Security Symposium, USENIX Sec , 1998 . C. Cowan, C. Pu, D. Maier, H. Hintony, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In 8st USENIX Security Symposium, USENIX Sec, 1998."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813682"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714635"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23262"},{"key":"e_1_3_2_1_18_1","volume-title":"23rd USENIX Security Symposium, USENIX Sec","author":"Davi L.","year":"2014","unstructured":"L. Davi , A. Sadeghi , D. Lehmann , and F. Monrose . Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection . In 23rd USENIX Security Symposium, USENIX Sec , 2014 . L. Davi, A. Sadeghi, D. Lehmann, and F. Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In 23rd USENIX Security Symposium, USENIX Sec, 2014."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484351"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.53"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.16"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699107"},{"key":"e_1_3_2_1_24_1","volume-title":"21st USENIX Security Symposium, USENIX Sec","author":"Giuffrida C.","year":"2012","unstructured":"C. Giuffrida , A. Kuijsten , and A. S. Tanenbaum . Enhanced operating system security through efficient and fine-grained address space randomization . In 21st USENIX Security Symposium, USENIX Sec , 2012 . C. Giuffrida, A. Kuijsten, and A. S. Tanenbaum. Enhanced operating system security through efficient and fine-grained address space randomization. In 21st USENIX Security Symposium, USENIX Sec, 2012."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_3_2_1_26_1","volume-title":"23rd USENIX Security Symposium, USENIX Sec","author":"G\u00f6ktas E.","year":"2014","unstructured":"E. G\u00f6ktas , E. Athanasopoulos , M. Polychronakis , H. Bos , and G. Portokalidis . Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard . In 23rd USENIX Security Symposium, USENIX Sec , 2014 . E. G\u00f6ktas, E. Athanasopoulos, M. Polychronakis, H. Bos, and G. Portokalidis. Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard. In 23rd USENIX Security Symposium, USENIX Sec, 2014."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.39"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2013.6494997"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.23"},{"key":"e_1_3_2_1_30_1","unstructured":"Intel. Intel 64 and IA-32 architectures software developer's manual combined volumes 3A 3B and 3C: System programming guide. http:\/\/www.intel.com\/content\/dam\/www\/public\/us\/en\/documents\/manuals\/64-ia-32-architectures-software-developer-system-programming-manual-325384.pdf 2013.  Intel. Intel 64 and IA-32 architectures software developer's manual combined volumes 3A 3B and 3C: System programming guide. http:\/\/www.intel.com\/content\/dam\/www\/public\/us\/en\/documents\/manuals\/64-ia-32-architectures-software-developer-system-programming-manual-325384.pdf 2013."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.9"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/2685048.2685061"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.25"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250766"},{"key":"e_1_3_2_1_35_1","unstructured":"Microsoft. Data Execution Prevention (DEP). http:\/\/support.microsoft.com\/kb\/875352\/EN-US\/ 2006.  Microsoft. Data Execution Prevention (DEP). http:\/\/support.microsoft.com\/kb\/875352\/EN-US\/ 2006."},{"key":"e_1_3_2_1_36_1","volume-title":"Control flow guard. https:\/\/msdn.microsoft.com\/en-us\/library\/Dn919635.aspx","year":"2015","unstructured":"Microsoft. Control flow guard. https:\/\/msdn.microsoft.com\/en-us\/library\/Dn919635.aspx , 2015 . Microsoft. Control flow guard. https:\/\/msdn.microsoft.com\/en-us\/library\/Dn919635.aspx, 2015."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.41"},{"key":"e_1_3_2_1_38_1","volume-title":"22nd USENIX Security Symposium, USENIX Sec","author":"Pappas V.","year":"2013","unstructured":"V. Pappas , M. Polychronakis , and A. D. Keromytis . Transparent ROP exploit mitigation using indirect branch tracing . In 22nd USENIX Security Symposium, USENIX Sec , 2013 . V. Pappas, M. Polychronakis, and A. D. Keromytis. Transparent ROP exploit mitigation using indirect branch tracing. In 22nd USENIX Security Symposium, USENIX Sec, 2013."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_8"},{"key":"e_1_3_2_1_40_1","unstructured":"F. Schuster T. Tendyck C. Liebchen L. Davi A.-R. Sadeghi and T. Holz. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C  F. Schuster T. Tendyck C. Liebchen L. Davi A.-R. Sadeghi and T. Holz. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C"},{"key":"e_1_3_2_1_41_1","volume-title":"36th IEEE Symposium on Security and Privacy, S&P","year":"2015","unstructured":"applications. In 36th IEEE Symposium on Security and Privacy, S&P , 2015 . applications. In 36th IEEE Symposium on Security and Privacy, S&P, 2015."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_5"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/1929820.1929822"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660309"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_47_1","volume-title":"Black Hat Europe","author":"Sotirov. Heap Feng A.","year":"2007","unstructured":"A. Sotirov. Heap Feng Shui in JavaScript . In Black Hat Europe , BH US , 2007 . A. Sotirov. Heap Feng Shui in JavaScript. In Black Hat Europe, BH US, 2007."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_49_1","volume-title":"http:\/\/clang.llvm.org\/docs\/SafeStack.html","author":"Team The Clang","year":"2015","unstructured":"The Clang Team . Clang 3.8 documentation SafeStack . http:\/\/clang.llvm.org\/docs\/SafeStack.html , 2015 . The Clang Team. Clang 3.8 documentation SafeStack. http:\/\/clang.llvm.org\/docs\/SafeStack.html, 2015."},{"key":"e_1_3_2_1_50_1","volume-title":"GNU Tools Cauldron Workshop","author":"Tice C.","year":"2012","unstructured":"C. Tice . Improving function pointer security for virtual method dispatches . In GNU Tools Cauldron Workshop , 2012 . C. Tice. Improving function pointer security for virtual method dispatches. In GNU Tools Cauldron Workshop, 2012."},{"key":"e_1_3_2_1_51_1","volume-title":"23rd USENIX Security Symposium, USENIX Sec","author":"Tice C.","year":"2014","unstructured":"C. Tice , T. Roeder , P. Collingbourne , S. Checkoway , \u00da. Erlingsson, L. Lozano , and G. Pike . Enforcing forward-edge control-flow integrity in GCC & LLVM . In 23rd USENIX Security Symposium, USENIX Sec , 2014 . C. Tice, T. Roeder, P. Collingbourne, S. Checkoway, \u00da. Erlingsson, L. Lozano, and G. Pike. Enforcing forward-edge control-flow integrity in GCC & LLVM. In 23rd USENIX Security Symposium, USENIX Sec, 2014."},{"key":"e_1_3_2_1_52_1","unstructured":"VUPEN Security. Advanced exploitation of internet explorer heap overflow (pwn2own 2012 exploit). http:\/\/www.vupen.com\/blog\/20120710.Advanced_Exploitation_of_Internet_Explorer_HeapOv_CVE-2012--1876.php 2012.  VUPEN Security. Advanced exploitation of internet explorer heap overflow (pwn2own 2012 exploit). http:\/\/www.vupen.com\/blog\/20120710.Advanced_Exploitation_of_Internet_Explorer_HeapOv_CVE-2012--1876.php 2012."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/168619.168635"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_3_2_1_55_1","unstructured":"Web Hypertext Application Technology Working Group (WHATWG). Chapter 10 - Web workers 2015.  Web Hypertext Application Technology Working Group (WHATWG). Chapter 10 - Web workers 2015."},{"key":"e_1_3_2_1_56_1","volume-title":"Black Hat","author":"Yunhai Z.","year":"2015","unstructured":"Z. Yunhai . Bypass control flow guard comprehensively. In Black Hat , BH US , 2015 . Z. Yunhai. Bypass control flow guard comprehensively. In Black Hat, BH US, 2015."},{"key":"e_1_3_2_1_57_1","volume-title":"22nd USENIX Security Symposium, USENIX Sec","author":"Zeng B.","year":"2013","unstructured":"B. Zeng , G. Tan , and U. Erlingsson . Strato: A retargetable framework for low-level inlined-reference monitors . In 22nd USENIX Security Symposium, USENIX Sec , 2013 . B. Zeng, G. Tan, and U. Erlingsson. Strato: A retargetable framework for low-level inlined-reference monitors. In 22nd USENIX Security Symposium, USENIX Sec, 2013."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_3_2_1_59_1","volume-title":"22nd USENIX Security Symposium, USENIX Sec","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control flow integrity for COTS binaries . In 22nd USENIX Security Symposium, USENIX Sec , 2013 . M. Zhang and R. Sekar. Control flow integrity for COTS binaries. In 22nd USENIX Security Symposium, USENIX Sec, 2013."}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813671","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813671","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:24Z","timestamp":1750225704000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813671"}},"subtitle":["On the Effectiveness of Control-Flow Integrity under Stack Attacks"],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":59,"alternative-id":["10.1145\/2810103.2813671","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813671","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}