{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T08:46:16Z","timestamp":1780994776838,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,12,7]],"date-time":"2015-12-07T00:00:00Z","timestamp":1449446400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-0831298, CNS-1319137"],"award-info":[{"award-number":["CNS-0831298, CNS-1319137"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,12,7]]},"DOI":"10.1145\/2818000.2818021","type":"proceedings-article","created":{"date-parts":[[2015,12,11]],"date-time":"2015-12-11T17:06:08Z","timestamp":1449853568000},"page":"101-110","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["A Principled Approach for ROP Defense"],"prefix":"10.1145","author":[{"given":"Rui","family":"Qiao","sequence":"first","affiliation":[{"name":"Stony Brook University"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mingwei","family":"Zhang","sequence":"additional","affiliation":[{"name":"Intel Labs"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"R.","family":"Sekar","sequence":"additional","affiliation":[{"name":"Stony Brook University"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2015,12,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"HT\n   editor 2.0.20 - buffer overflow (ROP PoC). https:\/\/www.exploit-db.com\/exploits\/22683\/.  HT editor 2.0.20 - buffer overflow (ROP PoC). https:\/\/www.exploit-db.com\/exploits\/22683\/."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_3_1","volume-title":"USENIX Security","author":"Akritidis P.","year":"2009","unstructured":"P. Akritidis , M. Costa , M. Castro , and S. Hand . Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors . In USENIX Security , 2009 . P. Akritidis, M. Costa, M. Castro, and S. Hand. Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors. In USENIX Security, 2009."},{"key":"e_1_3_2_1_4_1","volume-title":"USENIX Security Symposium","author":"Backes M.","year":"2014","unstructured":"M. Backes and S. N\u00fcrnberger . Oxymoron: Making fine-grained memory randomization practical by allowing code sharing . In USENIX Security Symposium , 2014 . M. Backes and S. N\u00fcrnberger. Oxymoron: Making fine-grained memory randomization practical by allowing code sharing. In USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_5_1","volume-title":"USENIX Security Symposium","author":"Carlini N.","year":"2015","unstructured":"N. Carlini , A. Barresi , M. Payer , D. Wagner , and T. R. Gross . Control-flow bending: On the effectiveness of control-flow integrity . In USENIX Security Symposium , 2015 . N. Carlini, A. Barresi, M. Payer, D. Wagner, and T. R. Gross. Control-flow bending: On the effectiveness of control-flow integrity. In USENIX Security Symposium, 2015."},{"key":"e_1_3_2_1_6_1","volume-title":"USENIX Security Symposium","author":"Carlini N.","year":"2014","unstructured":"N. Carlini and D. Wagner . ROP is still dangerous: Breaking modern defenses . In USENIX Security Symposium , 2014 . N. Carlini and D. Wagner. ROP is still dangerous: Breaking modern defenses. In USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23156"},{"key":"e_1_3_2_1_8_1","volume-title":"International Conference on Distributed Computing Systems","author":"Chiueh T.-c.","year":"2001","unstructured":"T.-c. Chiueh and F.-H. Hsu . RAD : A compile-time solution to buffer overflow attacks . In International Conference on Distributed Computing Systems , 2001 . T.-c. Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems, 2001."},{"key":"e_1_3_2_1_9_1","volume-title":"USENIX Annual Technical Conference","author":"Chiueh T.-c.","year":"2003","unstructured":"T.-c. Chiueh and M. Prasad . A binary rewriting defense against stack based overflow attacks . In USENIX Annual Technical Conference , 2003 . T.-c. Chiueh and M. Prasad. A binary rewriting defense against stack based overflow attacks. In USENIX Annual Technical Conference, 2003."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813671"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1055626.1055636"},{"key":"e_1_3_2_1_12_1","volume-title":"Readactor: Practical code randomization resilient to memory disclosure","author":"Crane S.","year":"2015","unstructured":"S. Crane , C. Liebchen , A. Homescu , L. Davi , P. Larsen , A.-R. Sadeghi , S. Brunthaler , and M. Franz . Readactor: Practical code randomization resilient to memory disclosure . In IEEE Security and Privacy , 2015 . S. Crane, C. Liebchen, A. Homescu, L. Davi, P. Larsen, A.-R. Sadeghi, S. Brunthaler, and M. Franz. Readactor: Practical code randomization resilient to memory disclosure. In IEEE Security and Privacy, 2015."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714635"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744847"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23262"},{"key":"e_1_3_2_1_16_1","volume-title":"USENIX Security Symposium","author":"Davi L.","year":"2014","unstructured":"L. Davi , A.-R. Sadeghi , D. Lehmann , and F. Monrose . Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection . In USENIX Security Symposium , 2014 . L. Davi, A.-R. Sadeghi, D. Lehmann, and F. Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966920"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484351"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664249"},{"key":"e_1_3_2_1_21_1","volume-title":"Out of Control: Overcoming control-flow integrity","author":"G\u00f6kta\u015f E.","year":"2014","unstructured":"E. G\u00f6kta\u015f , E. Athanasopoulos , H. Bos , and G. Portokalidis . Out of Control: Overcoming control-flow integrity . In IEEE Security and Privacy , 2014 . E. G\u00f6kta\u015f, E. Athanasopoulos, H. Bos, and G. Portokalidis. Out of Control: Overcoming control-flow integrity. In IEEE Security and Privacy, 2014."},{"key":"e_1_3_2_1_22_1","volume-title":"USENIX Security Symposium","author":"G\u00f6kta\u015f E.","year":"2014","unstructured":"E. G\u00f6kta\u015f , E. Athanasopoulos , M. Polychronakis , H. Bos , and G. Portokalidis . Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard . In USENIX Security Symposium , 2014 . E. G\u00f6kta\u015f, E. Athanasopoulos, M. Polychronakis, H. Bos, and G. Portokalidis. Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard. In USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_23_1","volume-title":"Stony Brook University","author":"Hasabnis N.","year":"2015","unstructured":"N. Hasabnis . Automatic Synthesis of Instruction Set Semantics and its Applications. PhD thesis , Stony Brook University , 2015 . N. Hasabnis. Automatic Synthesis of Instruction Set Semantics and its Applications. PhD thesis, Stony Brook University, 2015."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2259016.2259034"},{"key":"e_1_3_2_1_25_1","volume-title":"Workshop on Architectural and Microarchitectural Support for Binary Translation","author":"Hasabnis N.","year":"2015","unstructured":"N. Hasabnis and R. Sekar . Automatic generation of assembly to IR translators using compilers . In Workshop on Architectural and Microarchitectural Support for Binary Translation , 2015 . N. Hasabnis and R. Sekar. Automatic generation of assembly to IR translators using compilers. In Workshop on Architectural and Microarchitectural Support for Binary Translation, 2015."},{"key":"e_1_3_2_1_26_1","volume-title":"Secure Systems Lab","author":"Hasabnis N.","year":"2015","unstructured":"N. Hasabnis and R. Sekar . Lifting assembly to intermediate representation: A novel approach leveraging compilers. Technical report , Secure Systems Lab , Stony Brook University , 2015 . N. Hasabnis and R. Sekar. Lifting assembly to intermediate representation: A novel approach leveraging compilers. Technical report, Secure Systems Lab, Stony Brook University, 2015."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.39"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23287"},{"key":"e_1_3_2_1_29_1","volume-title":"AADEBUG","author":"Jones R. W. M.","year":"1997","unstructured":"R. W. M. Jones , P. H. J. Kelly , M. C, and U. Errors . Backwards-compatible bounds checking for arrays and pointers in C programs . In AADEBUG , 1997 . R. W. M. Jones, P. H. J. Kelly, M. C, and U. Errors. Backwards-compatible bounds checking for arrays and pointers in C programs. In AADEBUG, 1997."},{"key":"e_1_3_2_1_30_1","volume-title":"USENIX Symposium on Operating Systems Design and Implementation","author":"Kuznetsov V.","year":"2014","unstructured":"V. Kuznetsov , L. Szekeres , M. Payer , G. Candea , R. Sekar , and D. Song . Code-pointer integrity . In USENIX Symposium on Operating Systems Design and Implementation , 2014 . V. Kuznetsov, L. Szekeres, M. Payer, G. Candea, R. Sekar, and D. Song. Code-pointer integrity. In USENIX Symposium on Operating Systems Design and Implementation, 2014."},{"key":"e_1_3_2_1_31_1","unstructured":"longld. Payload already inside: Data reuse for rop exploits. https:\/\/media.blackhat.com\/bh-us-10\/whitepapers\/Le\/BlackHat-USA-2010-Le-Paper-Payload-already-inside-data-reuse-for-ROP-exploits-wp.pdf.  longld. Payload already inside: Data reuse for rop exploits. https:\/\/media.blackhat.com\/bh-us-10\/whitepapers\/Le\/BlackHat-USA-2010-Le-Paper-Payload-already-inside-data-reuse-for-ROP-exploits-wp.pdf."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813676"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23271"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542504"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594295"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660281"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813644"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920269"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.41"},{"key":"e_1_3_2_1_40_1","volume-title":"USENIX Security Symposium","author":"Pappas V.","year":"2013","unstructured":"V. Pappas , M. Polychronakis , and A. D. Keromytis . Transparent ROP exploit mitigation using indirect branch tracing . In USENIX Security Symposium , 2013 . V. Pappas, M. Polychronakis, and A. D. Keromytis. Transparent ROP exploit mitigation using indirect branch tracing. In USENIX Security Symposium, 2013."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_8"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.11"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23297"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/1356058.1356069"},{"key":"e_1_3_2_1_45_1","volume-title":"Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications","author":"Schuster F.","year":"2015","unstructured":"F. Schuster , T. Tendyck , C. Liebchen , L. Davi , A.-R. Sadeghi , and T. Holz . Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications . In IEEE Security and Privacy , 2015 . F. Schuster, T. Tendyck, C. Liebchen, L. Davi, A.-R. Sadeghi, and T. Holz. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications. In IEEE Security and Privacy, 2015."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_47_1","volume-title":"fai Wong. Transparent runtime shadow stack: Protection against malicious return address modifications","author":"Sinnadurai S.","year":"2008","unstructured":"S. Sinnadurai , Q. Zhao , and W. fai Wong. Transparent runtime shadow stack: Protection against malicious return address modifications , 2008 . S. Sinnadurai, Q. Zhao, and W. fai Wong. Transparent runtime shadow stack: Protection against malicious return address modifications, 2008."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_50_1","volume-title":"USENIX Security Symposium","author":"Tice C.","year":"2014","unstructured":"C. Tice , T. Roeder , P. Collingbourne , S. Checkoway , U. Erlingsson , L. Lozano , and G. Pike . Enforcing forward-edge control-flow integrity in GCC & LLVM . In USENIX Security Symposium , 2014 . C. Tice, T. Roeder, P. Collingbourne, S. Checkoway, U. Erlingsson, L. Lozano, and G. Pike. Enforcing forward-edge control-flow integrity in GCC & LLVM. In USENIX Security Symposium, 2014."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813673"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029894.1029913"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755688.1755707"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046713"},{"key":"e_1_3_2_1_56_1","volume-title":"Annual Network and Distributed System Security Symposium","author":"Zhang C.","year":"2015","unstructured":"C. Zhang , C. Song , K. Z. Chen , Z. Chen , and D. Song . VTint: Defending virtual function tables' integrity . In Annual Network and Distributed System Security Symposium , 2015 . C. Zhang, C. Song, K. Z. Chen, Z. Chen, and D. Song. VTint: Defending virtual function tables' integrity. In Annual Network and Distributed System Security Symposium, 2015."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2576195.2576208"},{"key":"e_1_3_2_1_59_1","volume-title":"USENIX Security Symposium","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control flow integrity for COTS binaries . In USENIX Security Symposium , 2013 . M. Zhang and R. Sekar. Control flow integrity for COTS binaries. In USENIX Security Symposium, 2013."}],"event":{"name":"ACSAC 2015: 2015 Annual Computer Security Applications Conference","location":"Los Angeles CA USA","acronym":"ACSAC 2015","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 31st Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2818000.2818021","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2818000.2818021","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:43:26Z","timestamp":1750225406000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2818000.2818021"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,12,7]]},"references-count":59,"alternative-id":["10.1145\/2818000.2818021","10.1145\/2818000"],"URL":"https:\/\/doi.org\/10.1145\/2818000.2818021","relation":{},"subject":[],"published":{"date-parts":[[2015,12,7]]},"assertion":[{"value":"2015-12-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}