{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,24]],"date-time":"2025-08-24T01:19:28Z","timestamp":1755998368917,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":42,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,12,7]],"date-time":"2015-12-07T00:00:00Z","timestamp":1449446400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,12,7]]},"DOI":"10.1145\/2818000.2818023","type":"proceedings-article","created":{"date-parts":[[2015,12,11]],"date-time":"2015-12-11T17:06:08Z","timestamp":1449853568000},"page":"111-120","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["Defeating ROP Through Denial of Stack Pivot"],"prefix":"10.1145","author":[{"given":"Aravind","family":"Prakash","sequence":"first","affiliation":[{"name":"Binghamton University"}]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[{"name":"Syracuse University"}]}],"member":"320","published-online":{"date-parts":[[2015,12,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Metasploit penetration testing framework. http:\/\/http:\/\/www.metasploit.com\/.  Metasploit penetration testing framework. http:\/\/http:\/\/www.metasploit.com\/."},{"key":"e_1_3_2_1_2_1","volume-title":"August","author":"Mitigation Experience Toolkit Microsoft Enhanced","year":"2014","unstructured":"Microsoft Enhanced Mitigation Experience Toolkit . http:\/\/support.microsoft.com\/kb\/2458544 , August 2014 . Microsoft Enhanced Mitigation Experience Toolkit. http:\/\/support.microsoft.com\/kb\/2458544, August 2014."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_4_1","first-page":"105","volume-title":"USENIX Security","volume":"3","author":"Bhatkar S.","year":"2003","unstructured":"S. Bhatkar , D. C. DuVarney , and R. Sekar . Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits . In USENIX Security , volume 3 , pages 105 -- 120 , 2003 . S. Bhatkar, D. C. DuVarney, and R. Sekar. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits. In USENIX Security, volume 3, pages 105--120, 2003."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_1"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_8_1","volume-title":"23rd USENIX Security Symposium (USENIX Security'14)","author":"Carlini N.","year":"2014","unstructured":"N. Carlini and D. Wagner . ROP is still dangerous: Breaking modern defenses . In 23rd USENIX Security Symposium (USENIX Security'14) , 2014 . N. Carlini and D. Wagner. ROP is still dangerous: Breaking modern defenses. In 23rd USENIX Security Symposium (USENIX Security'14), 2014."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"volume-title":"Proceedings of the 22nd Annual Network and Distributed System Security Symposium (NDSS'15)","author":"Chen X.","key":"e_1_3_2_1_10_1","unstructured":"X. Chen , A. Slowinska , D. Andriesse , H. Bos , and C. Giuffrida . Stackarmor: Comprehensive protection from stack-based memory error vulnerabilities for binaries . In Proceedings of the 22nd Annual Network and Distributed System Security Symposium (NDSS'15) . X. Chen, A. Slowinska, D. Andriesse, H. Bos, and C. Giuffrida. Stackarmor: Comprehensive protection from stack-based memory error vulnerabilities for binaries. In Proceedings of the 22nd Annual Network and Distributed System Security Symposium (NDSS'15)."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23156"},{"key":"e_1_3_2_1_13_1","first-page":"63","volume-title":"Usenix Security","volume":"98","author":"Cowan C.","year":"1998","unstructured":"C. Cowan , C. Pu , D. Maier , J. Walpole , P. Bakke , S. Beattie , A. Grier , P. Wagle , Q. Zhang , and H. Hinton . Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks . In Usenix Security , volume 98 , pages 63 -- 78 , 1998 . C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Usenix Security, volume 98, pages 63--78, 1998."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.26"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714635"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS'12)","author":"Davi L.","year":"2012","unstructured":"L. Davi , A. Dmitrienko , M. Egele , T. Fischer , T. Holz , R. Hund , S. N\u00fcrnberger , and A.-r. Sadeghi . MoCFI : A framework to mitigate control-flow attacks on smartphones . In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS'12) , 2012 . L. Davi, A. Dmitrienko, M. Egele, T. Fischer, T. Holz, R. Hund, S. N\u00fcrnberger, and A.-r. Sadeghi. MoCFI: A framework to mitigate control-flow attacks on smartphones. In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS'12), 2012."},{"volume-title":"Symposium on Network and Distributed System Security (NDSS'15)","author":"Davi L.","key":"e_1_3_2_1_17_1","unstructured":"L. Davi , C. Liebchen , A.-R. Sadeghi , K. Z. Snow , and F. Monrose . Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming . In Symposium on Network and Distributed System Security (NDSS'15) . L. Davi, C. Liebchen, A.-R. Sadeghi, K. Z. Snow, and F. Monrose. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming. In Symposium on Network and Distributed System Security (NDSS'15)."},{"key":"e_1_3_2_1_18_1","first-page":"4","volume":"2014","author":"J","unstructured":"J . DeMott. Bypassing EMET 4.1. https:\/\/bromiumlabs.files.wordpress.com\/ 2014\/02 \/bypassing-emet- 4 - 1 .pdf. J. DeMott. Bypassing EMET 4.1. https:\/\/bromiumlabs.files.wordpress.com\/2014\/02\/bypassing-emet-4-1.pdf.","journal-title":"DeMott. Bypassing EMET 4.1. https:\/\/bromiumlabs.files.wordpress.com\/"},{"key":"e_1_3_2_1_19_1","unstructured":"E. Eng and D. Caselden. Operation Clandestine Wolf -- Adobe Flash Zero-Day in APT3 Phishing Campaign. https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/06\/operation-clandestine-wolf-adobe-flash-zero-day.html.  E. Eng and D. Caselden. Operation Clandestine Wolf -- Adobe Flash Zero-Day in APT3 Phishing Campaign. https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/06\/operation-clandestine-wolf-adobe-flash-zero-day.html."},{"key":"e_1_3_2_1_20_1","volume-title":"http:\/\/ropguard.googlecode.com\/svn-history\/r2\/trunk\/doc\/ropguard.pdf","author":"Fratric I.","year":"2014","unstructured":"I. Fratric . Runtime prevention of return-oriented programming attacks. http:\/\/ropguard.googlecode.com\/svn-history\/r2\/trunk\/doc\/ropguard.pdf , 2014 . I. Fratric. Runtime prevention of return-oriented programming attacks. http:\/\/ropguard.googlecode.com\/svn-history\/r2\/trunk\/doc\/ropguard.pdf, 2014."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23287"},{"key":"e_1_3_2_1_23_1","first-page":"275","volume-title":"Cyclone: A Safe Dialect of C. In USENIX Annual Technical Conference, General Track","author":"Jim T.","year":"2002","unstructured":"T. Jim , J. G. Morrisett , D. Grossman , M. W. Hicks , J. Cheney , and Y. Wang . Cyclone: A Safe Dialect of C. In USENIX Annual Technical Conference, General Track , pages 275 -- 288 , 2002 . T. Jim, J. G. Morrisett, D. Grossman, M. W. Hicks, J. Cheney, and Y. Wang. Cyclone: A Safe Dialect of C. In USENIX Annual Technical Conference, General Track, pages 275--288, 2002."},{"key":"e_1_3_2_1_24_1","volume-title":"Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Kuznetsov V.","year":"2014","unstructured":"V. Kuznetsov , L. Szekeres , M. Payer , G. Candea , R. Sekar , and D. Song . Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI) , 2014 . V. Kuznetsov, L. Szekeres, M. Payer, G. Candea, R. Sekar, and D. Song. Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2014."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23288"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23271"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920269"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.41"},{"key":"e_1_3_2_1_29_1","volume-title":"USENIX Security","author":"Pappas V.","year":"2013","unstructured":"V. Pappas , M. Polychronakis , and A. D. Keromytis . Transparent ROP Exploit Mitigation Using Indirect Branch Tracing . In USENIX Security , 2013 . V. Pappas, M. Polychronakis, and A. D. Keromytis. Transparent ROP Exploit Mitigation Using Indirect Branch Tracing. In USENIX Security, 2013."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23297"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484352"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_36_1","unstructured":"P. team. PaX: Address space alyout randomization (ASLR). http:\/\/pax.grsecurity.net\/docs\/aslr.txt 2003.  P. team. PaX: Address space alyout randomization (ASLR). http:\/\/pax.grsecurity.net\/docs\/aslr.txt 2003."},{"key":"e_1_3_2_1_37_1","first-page":"941","volume-title":"Proceedings of 23rd USENIX Security Symposium (USENIX Security'14)","author":"Tice C.","year":"2014","unstructured":"C. Tice , T. Roeder , P. Collingbourne , S. Checkoway , \u00da. Erlingsson, L. Lozano , and G. Pike . Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM . In Proceedings of 23rd USENIX Security Symposium (USENIX Security'14) , pages 941 -- 955 , 2014 . C. Tice, T. Roeder, P. Collingbourne, S. Checkoway, \u00da. Erlingsson, L. Lozano, and G. Pike. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM. In Proceedings of 23rd USENIX Security Symposium (USENIX Security'14), pages 941--955, 2014."},{"key":"e_1_3_2_1_38_1","first-page":"2000","volume-title":"NDSS","author":"Wagner D.","year":"2000","unstructured":"D. Wagner , J. S. Foster , E. A. Brewer , and A. Aiken . A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities . In NDSS , pages 2000 -- 2002 , 2000 . D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. In NDSS, pages 2000--02, 2000."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.30"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.5555\/1544138.1544141"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_3_2_1_43_1","first-page":"337","volume-title":"Proceedings of the 22nd USENIX Security Symposium (Usenix Security'13)","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control flow integrity for COTS binaries . In Proceedings of the 22nd USENIX Security Symposium (Usenix Security'13) , pages 337 -- 352 , 2013 . M. Zhang and R. Sekar. Control flow integrity for COTS binaries. In Proceedings of the 22nd USENIX Security Symposium (Usenix Security'13), pages 337--352, 2013."}],"event":{"name":"ACSAC 2015: 2015 Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"Los Angeles CA USA","acronym":"ACSAC 2015"},"container-title":["Proceedings of the 31st Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2818000.2818023","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2818000.2818023","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:43:26Z","timestamp":1750225406000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2818000.2818023"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,12,7]]},"references-count":42,"alternative-id":["10.1145\/2818000.2818023","10.1145\/2818000"],"URL":"https:\/\/doi.org\/10.1145\/2818000.2818023","relation":{},"subject":[],"published":{"date-parts":[[2015,12,7]]},"assertion":[{"value":"2015-12-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}