{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T04:33:39Z","timestamp":1771043619857,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,12,3]],"date-time":"2018-12-03T00:00:00Z","timestamp":1543795200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,12,3]]},"DOI":"10.1145\/3274694.3274739","type":"proceedings-article","created":{"date-parts":[[2018,12,4]],"date-time":"2018-12-04T13:07:01Z","timestamp":1543928821000},"page":"28-39","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":31,"title":["On the Effectiveness of Type-based Control Flow Integrity"],"prefix":"10.1145","author":[{"given":"Reza Mirzazade","family":"Farkhani","sequence":"first","affiliation":[{"name":"Northeastern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Saman","family":"Jafari","sequence":"additional","affiliation":[{"name":"Northeastern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sajjad","family":"Arshad","sequence":"additional","affiliation":[{"name":"Northeastern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"William","family":"Robertson","sequence":"additional","affiliation":[{"name":"Northeastern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[{"name":"Northeastern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hamed","family":"Okhravi","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,12,3]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.30"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813691"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076783"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054924"},{"key":"e_1_3_2_1_7_1","volume-title":"Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In USENIX Security Symposium.","author":"Carlini Nicolas","year":"2015","unstructured":"Nicolas Carlini , Antonio Barresi , Mathias Payer , and David Wagner . 2015 . Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In USENIX Security Symposium. Nicolas Carlini, Antonio Barresi, Mathias Payer, and David Wagner. 2015. Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In USENIX Security Symposium."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813682"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23262"},{"key":"e_1_3_2_1_12_1","volume-title":"Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection. In USENIX Security Symposium.","author":"Davi Lucas","year":"2014","unstructured":"Lucas Davi , Ahmad-Reza Sadeghi , Daniel Lehmann , and Fabian Monrose . 2014 . Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection. In USENIX Security Symposium. Lucas Davi, Ahmad-Reza Sadeghi, Daniel Lehmann, and Fabian Monrose. 2014. Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection. In USENIX Security Symposium."},{"key":"e_1_3_2_1_13_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Ding Ren","year":"2017","unstructured":"Ren Ding , Chenxiong Qian , Chengyu Song , Bill Harris , Taesoo Kim , and Wenke Lee . 2017 . Efficient protection of path-sensitive control security . In 26th USENIX Security Symposium (USENIX Security 17) . Vancouver, BC: USENIX Association. 131--148. Ren Ding, Chenxiong Qian, Chengyu Song, Bill Harris, Taesoo Kim, and Wenke Lee. 2017. Efficient protection of path-sensitive control security. In 26th USENIX Security Symposium (USENIX Security 17). Vancouver, BC: USENIX Association. 131--148."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_15_1","unstructured":"gera and riq. 2002. Advances in Format String Exploitation. http:\/\/phrack.org\/issues\/59\/7.html. (2002).  gera and riq. 2002. Advances in Format String Exploitation. http:\/\/phrack.org\/issues\/59\/7.html. (2002)."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_3_2_1_17_1","volume-title":"Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks. In IEEE Symposium on Security and Privacy (S&P).","author":"Hu Hong","year":"2016","unstructured":"Hong Hu , Shweta Shinde , Sendroiu Adrian , Zheng Leong Chua , Prateek Saxena , and Zhenkai Liang . 2016 . Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks. In IEEE Symposium on Security and Privacy (S&P). Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang. 2016. Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.25"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250766"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813671"},{"key":"e_1_3_2_1_21_1","unstructured":"LLVM Developer Group. 2018. LLVM CFI. https:\/\/clang.llvm.org\/docs\/ControlFlowIntegrity.html. (2018).  LLVM Developer Group. 2018. LLVM CFI. https:\/\/clang.llvm.org\/docs\/ControlFlowIntegrity.html. (2018)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813694"},{"key":"e_1_3_2_1_23_1","volume-title":"DROP THE ROP: Fine-grained Control-Flow Integrity for the Linux Kernel.","author":"Moreira Jo\u00e3o","year":"2017","unstructured":"Jo\u00e3o Moreira , Sandro Rigo , Michalis Polychronakis , and Vasileios Kemerlis . 2017 . DROP THE ROP: Fine-grained Control-Flow Integrity for the Linux Kernel. (2017). Jo\u00e3o Moreira, Sandro Rigo, Michalis Polychronakis, and Vasileios Kemerlis. 2017. DROP THE ROP: Fine-grained Control-Flow Integrity for the Linux Kernel. (2017)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806651.1806657"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542504"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516649"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813644"},{"key":"e_1_3_2_1_28_1","unstructured":"Aleph One. 1996. Smashing The Stack For Fun And Profit. http:\/\/phrack.org\/issues\/49\/14.html. (1996).  Aleph One. 1996. Smashing The Stack For Fun And Profit. http:\/\/phrack.org\/issues\/49\/14.html. (1996)."},{"key":"e_1_3_2_1_29_1","unstructured":"PaX Team. 2003. Non-Executable Pages Design. https:\/\/pax.grsecurity.net\/docs\/pax.txt. (2003).  PaX Team. 2003. Non-Executable Pages Design. https:\/\/pax.grsecurity.net\/docs\/pax.txt. (2003)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_8"},{"key":"e_1_3_2_1_31_1","unstructured":"The Chromium Projects. 2015. Control Flow Integrity in Chromium. https:\/\/www.chromium.org\/developers\/testing\/control-flow-integrity. (2015).  The Chromium Projects. 2015. Control Flow Integrity in Chromium. https:\/\/www.chromium.org\/developers\/testing\/control-flow-integrity. (2015)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/186025.186041"},{"key":"e_1_3_2_1_33_1","volume-title":"Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. In Network and Distributed System Security Symposium (NDSS).","author":"Rudd Robert","year":"2017","unstructured":"Robert Rudd , Richard Skowyra , David Bigelow , Veer Dedhia , Thomas Hobson , Stephen Crane , Christopher Liebchen , Per Larsen , Lucas Davi , Michael Franz , Ahmad-Reza Sadeghi , and Hamed Okhravi . 2017 . Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. In Network and Distributed System Security Symposium (NDSS). Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi, and Hamed Okhravi. 2017. Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_3_2_1_35_1","unstructured":"Security Focus. 1988. BSD Fingerd Buffer Overflow Vulnerability. http:\/\/www.securityfocus.com\/bid\/2\/info. (1988).  Security Focus. 1988. BSD Fingerd Buffer Overflow Vulnerability. http:\/\/www.securityfocus.com\/bid\/2\/info. (1988)."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660309"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.61"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_41_1","unstructured":"Subgraph Team. 2014. Subgraph OS. https:\/\/subgraph.com\/. (2014).  Subgraph Team. 2014. Subgraph OS. https:\/\/subgraph.com\/. (2014)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2892208.2892235"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594295"},{"key":"e_1_3_2_1_45_1","unstructured":"Jack Tang. 2015. Exploring Control Flow Guard in Windows 10. http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/exploring-control-flow-guard-in-windows-10. (2015).  Jack Tang. 2015. Exploring Control Flow Guard in Windows 10. http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/exploring-control-flow-guard-in-windows-10. (2015)."},{"key":"e_1_3_2_1_46_1","volume-title":"RAP: RIP ROP. https:\/\/pax.grsecurity.net\/docs\/PaXTeam-H2HC15-RAP-RIP-ROP.pdf.","author":"Team Pax","year":"2015","unstructured":"Pax Team . 2015 . RAP: RIP ROP. https:\/\/pax.grsecurity.net\/docs\/PaXTeam-H2HC15-RAP-RIP-ROP.pdf. (2015). Pax Team. 2015. RAP: RIP ROP. https:\/\/pax.grsecurity.net\/docs\/PaXTeam-H2HC15-RAP-RIP-ROP.pdf. (2015)."},{"key":"e_1_3_2_1_47_1","volume-title":"Enforcing Forward-Edge Control- Flow Integrity in GCC & LLVM. In USENIX Security Symposium.","author":"Tice Caroline","year":"2014","unstructured":"Caroline Tice , Tom Roeder , Peter Collingbourne , Stephen Checkoway , \u00c3\u017dlfar Erlingsson , Luis Lozano , and Geoff Pike . 2014 . Enforcing Forward-Edge Control- Flow Integrity in GCC & LLVM. In USENIX Security Symposium. Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00c3\u017dlfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing Forward-Edge Control- Flow Integrity in GCC & LLVM. In USENIX Security Symposium."},{"key":"e_1_3_2_1_48_1","unstructured":"Ubuntu. 2017. Ubuntu Popularity Contest. http:\/\/popcon.ubuntu.com\/by_inst. (2017).  Ubuntu. 2017. Ubuntu Popularity Contest. http:\/\/popcon.ubuntu.com\/by_inst. (2017)."},{"key":"e_1_3_2_1_49_1","volume-title":"IEEE Symposium on Security and Privacy (S&P).","author":"van der Veen Victor","year":"2016","unstructured":"Victor van der Veen , Enes G\u00f6ktas , Moritz Contag , Andre Pawlowski , Xi Chen\u00e2\u0102\u0103 , Sanjay Rawat , Herbert Bos , Thorsten Holz , Elias Athanasopoulos , and Cristiano Giuffrida . 2016 . A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level . In IEEE Symposium on Security and Privacy (S&P). Victor van der Veen, Enes G\u00f6ktas, Moritz Contag, Andre Pawlowski, Xi Chen\u00e2\u0102\u0103, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, and Cristiano Giuffrida. 2016. A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.30"},{"key":"e_1_3_2_1_51_1","unstructured":"Fedora Wiki. 2018. Security Features Matrix. (2018). https:\/\/fedoraproject.org\/wiki\/Security_Features_Matrix  Fedora Wiki. 2018. Security Features Matrix. (2018). https:\/\/fedoraproject.org\/wiki\/Security_Features_Matrix"},{"key":"e_1_3_2_1_52_1","volume-title":"Region-Based Selective Flow-Sensitive Pointer Analysis. In International Static Analysis Symposium.","author":"Ye Sen","year":"2014","unstructured":"Sen Ye , Yulei Sui , and Jingling Xue . 2014 . Region-Based Selective Flow-Sensitive Pointer Analysis. In International Static Analysis Symposium. Sen Ye, Yulei Sui, and Jingling Xue. 2014. Region-Based Selective Flow-Sensitive Pointer Analysis. In International Static Analysis Symposium."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.44"},{"key":"e_1_3_2_1_54_1","volume-title":"Control Flow Integrity for COTS Binaries. In USENIX Security Symposium.","author":"Zhang Mingwei","unstructured":"Mingwei Zhang and R. Sekar . 2013 . Control Flow Integrity for COTS Binaries. In USENIX Security Symposium. Mingwei Zhang and R. Sekar. 2013. Control Flow Integrity for COTS Binaries. In USENIX Security Symposium."}],"event":{"name":"ACSAC '18: 2018 Annual Computer Security Applications Conference","location":"San Juan PR USA","acronym":"ACSAC '18","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 34th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3274694.3274739","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3274694.3274739","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:57:56Z","timestamp":1750208276000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3274694.3274739"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,3]]},"references-count":54,"alternative-id":["10.1145\/3274694.3274739","10.1145\/3274694"],"URL":"https:\/\/doi.org\/10.1145\/3274694.3274739","relation":{},"subject":[],"published":{"date-parts":[[2018,12,3]]},"assertion":[{"value":"2018-12-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}