{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:34:00Z","timestamp":1763458440787,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-15-1-2162"],"award-info":[{"award-number":["N00014-15-1-2162"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1563848, CRI-1629851, DGE-1500084"],"award-info":[{"award-number":["CNS-1563848, CRI-1629851, DGE-1500084"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003696","name":"Electronics and Telecommunications Research Institute","doi-asserted-by":"publisher","award":["MSIP\/IITP[B0101-15-0644]"],"award-info":[{"award-number":["MSIP\/IITP[B0101-15-0644]"]}],"id":[{"id":"10.13039\/501100003696","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["HR0011-16-C-0059, 15-15-TC-FP-006"],"award-info":[{"award-number":["HR0011-16-C-0059, 15-15-TC-FP-006"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978321","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"380-392","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":89,"title":["Breaking Kernel Address Space Layout Randomization with Intel TSX"],"prefix":"10.1145","author":[{"given":"Yeongjin","family":"Jang","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanga, GA, USA"}]},{"given":"Sangho","family":"Lee","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Taesoo","family":"Kim","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Anababa. What Does Transactional Synchronization Extensions (TSX) Processor Technology Mean to Vulnerability Exploits (e.g. Brute Forcing)? . http:\/\/hypervsir.blogspot.com\/2014\/11\/what-does-transactional-synchronization.html."},{"key":"e_1_3_2_1_2_1","unstructured":"AWS Blog. Amazon EC2 X1 Instances. https:\/\/aws.amazon.com\/ec2\/instance-types\/x1\/."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660378"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671253"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831211.2831224"},{"key":"e_1_3_2_1_6_1","volume-title":"Implications of CPU caching on byte-addressable non-volatile memory programming","author":"Bhandari K.","year":"2012","unstructured":"K. Bhandari, D. R. Chakrabarti, and H.-J. Boehm. Implications of CPU caching on byte-addressable non-volatile memory programming, 2012."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251398.1251415"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813691"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.63"},{"key":"e_1_3_2_1_11_1","volume-title":"Sadeghi. Leakage-Resilient Layout Randomization for Mobile Devices. In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS)","author":"Braden K.","year":"2016","unstructured":"K. Braden, S. Crane, L. Davi, M. Franz, P. Larsen, C. Liebchen, and A.-R. Sadeghi. Leakage-Resilient Layout Randomization for Mobile Devices. In Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, Feb. 2016."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_13_1","unstructured":"R. Chen. Some remarks on VirtualAlloc and MEM_LARGE_PAGES. https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/20110128-00\/?p=11643."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251353.1251360"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23262"},{"key":"e_1_3_2_1_17_1","unstructured":"S. Esser. mach_port_kobject() and the Kernel Address Obfuscation. https:\/\/sektioneins.de\/en\/blog\/14-12-23-mach_port_kobject.html."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.53"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23262"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699107"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/2362793.2362833"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978356"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.8"},{"key":"e_1_3_2_1_24_1","unstructured":"Henry. TLB and Pagewalk Coherence in x86 Processors. http:\/\/blog.stuffedcow.net\/2015\/08\/pagewalk-coherence\/."},{"key":"e_1_3_2_1_25_1","unstructured":"Heroku. Heroku: Cloud Application Platform. https:\/\/www.heroku.com\/."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.39"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.23"},{"key":"e_1_3_2_1_28_1","unstructured":"Intel. ARK | Your Source for Intel Protect Specifications. http:\/\/ark.intel.com."},{"key":"e_1_3_2_1_29_1","volume-title":"Desktop Intel Pentium Processor Family","author":"Intel Corporation","year":"2015","unstructured":"Intel Corporation. Desktop 4th Generation Intel CoreTM Processor Family, Desktop Intel Pentium Processor Family, and Desktop Intel Celeron Processor Family, 2015."},{"key":"e_1_3_2_1_30_1","volume-title":"Intel 64 and IA-32 Architectures Developer's Manual","author":"Intel Corporation","year":"2015","unstructured":"Intel Corporation. Intel 64 and IA-32 Architectures Developer's Manual, 2015."},{"key":"e_1_3_2_1_31_1","volume-title":"Black Hat USA","author":"Johnson K.","year":"2012","unstructured":"K. Johnson and M. Miller. Exploit Mitigation Improvements in Windows 8. In Black Hat USA, 2012."},{"key":"e_1_3_2_1_32_1","volume-title":"a security evaluation","author":"Keuper D.","year":"2012","unstructured":"D. Keuper. XNU: a security evaluation. 2012."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.9"},{"key":"e_1_3_2_1_34_1","volume-title":"Lock elision in the GNU C library","author":"Kleen A.","year":"2013","unstructured":"A. Kleen. Lock elision in the GNU C library, 2013. https:\/\/lwn.net\/Articles\/534758\/."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/2685048.2685061"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2014.6816683"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2014.6835951"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23173"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813694"},{"key":"e_1_3_2_1_40_1","unstructured":"MITRE Corporation. CVE-2015-1097. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-1097."},{"key":"e_1_3_2_1_41_1","unstructured":"MITRE Corporation. CVE-2015-1674. http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-1674."},{"key":"e_1_3_2_1_42_1","unstructured":"MITRE Corporation. CVE-2015-8569. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-8569."},{"key":"e_1_3_2_1_43_1","unstructured":"MITRE Corporation. CVE-2016-0175. http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-0175."},{"key":"e_1_3_2_1_44_1","unstructured":"NES CONSEIL. Bypassing Windows 7 Kernel ASLR. https:\/\/dl.packetstormsecurity.net\/papers\/bypass\/NES-BypassWin7KernelAslr.pdf."},{"key":"e_1_3_2_1_45_1","unstructured":"Oracle. Java Platform Standard Edition Tools Reference. https:\/\/docs.oracle.com\/javase\/8\/docs\/technotes\/tools\/unix\/java.html."},{"key":"e_1_3_2_1_46_1","unstructured":"Oracle. Oracle VM Performance and Tuning - Part 5. https:\/\/blogs.oracle.com\/jsavit\/entry\/oracle_vm_performance_and_tuning4."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.41"},{"key":"e_1_3_2_1_48_1","volume-title":"PaX address space layout randomization (ASLR)","author":"Team X","year":"2003","unstructured":"PaX Team. PaX address space layout randomization (ASLR), 2003. https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_49_1","volume-title":"June","author":"Rappoport L.","year":"2010","unstructured":"L. Rappoport, C. Koren, F. Sala, O. Lempel, I. Ouziel, I. Kim, R. Gabor, L. Libis, and G. Pribush. Method and Apparatus for Pipeline Inclusion and Instruction Restarts in a Micro-op Cache of a Processor, June 2010. US Patent App. 12\/317,959."},{"key":"e_1_3_2_1_50_1","volume-title":"Blackhat USA","author":"Serna F. J.","year":"2012","unstructured":"F. J. Serna. The info leak era on software exploitation. In Blackhat USA, 2012."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23218"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813685"},{"key":"e_1_3_2_1_57_1","unstructured":"The Linux Kernel Archives. Huge Pages. https:\/\/www.kernel.org\/doc\/Documentation\/vm\/hugetlbpage.txt."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592798.2592815"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"e_1_3_2_1_60_1","unstructured":"V. Weaver. Linux perf event Features and Overhead 2013. http:\/\/researcher.watson.ibm.com\/researcher\/files\/us-ajvega\/FastPath_Weaver_Talk.pdf."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815400.2815419"},{"key":"e_1_3_2_1_62_1","unstructured":"Wikiwand. Address space layout randomization. http:\/\/www.wikiwand.com\/en\/Address_space_layout_randomization."},{"key":"e_1_3_2_1_63_1","unstructured":"Windows Dev Center. Creating a File Mapping Using Large Pages. https:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/aa366543(v=vs.85).aspx."},{"key":"e_1_3_2_1_64_1","unstructured":"R. Wojtczuk. TSX Improves Timing Attacks Against KASLR. https:\/\/labs.bromium.com\/2014\/10\/27\/tsx-improves-timing-attacks-against-kaslr\/."}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Vienna Austria","acronym":"CCS'16"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978321","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978321","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978321","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:23:35Z","timestamp":1763457815000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978321"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":64,"alternative-id":["10.1145\/2976749.2978321","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978321","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}