{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,7]],"date-time":"2025-11-07T09:31:47Z","timestamp":1762507907876,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":84,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,12,9]],"date-time":"2019-12-09T00:00:00Z","timestamp":1575849600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Division Of Computer and Network Systems","award":["CNS-1422206"],"award-info":[{"award-number":["CNS-1422206"]}]},{"name":"Informatization Project of Chinese Academy of Science","award":["No.XXH13507-01"],"award-info":[{"award-number":["No.XXH13507-01"]}]},{"name":"Key Project of Chinese National Programs for Fundamental Research and Development","award":["No.2014CB340603"],"award-info":[{"award-number":["No.2014CB340603"]}]},{"name":"Division Of Graduate Education","award":["DGE-1565570"],"award-info":[{"award-number":["DGE-1565570"]}]},{"name":"National Security Agency (NSA) Science of Security (SoS) initiative"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,12,9]]},"DOI":"10.1145\/3359789.3359795","type":"proceedings-article","created":{"date-parts":[[2019,11,22]],"date-time":"2019-11-22T18:41:59Z","timestamp":1574448119000},"page":"57-69","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["TF-BIV"],"prefix":"10.1145","author":[{"given":"Fangjie","family":"Jiang","sequence":"first","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences and Data Assurance and Communication Security Center, Chinese Academy of Sciences and University of Chinese Academy of Sciences"}]},{"given":"Quanwei","family":"Cai","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences and Data Assurance and Communication Security Center, Chinese Academy of Sciences"}]},{"given":"Jingqiang","family":"Lin","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences and Data Assurance and Communication Security Center, Chinese Academy of Sciences and University of Chinese Academy of Sciences"}]},{"given":"Bo","family":"Luo","sequence":"additional","affiliation":[{"name":"the University of Kansas"}]},{"given":"Le","family":"Guan","sequence":"additional","affiliation":[{"name":"the University of Georgia"}]},{"given":"Ziqiang","family":"Ma","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences and Data Assurance and Communication Security Center, Chinese Academy of Sciences and University of Chinese Academy of Sciences"}]}],"member":"320","published-online":{"date-parts":[[2019,12,9]]},"reference":[{"volume-title":"Retrieved","year":"2018","key":"e_1_3_2_1_1_1","unstructured":"Amazon. 2018 . AMAZON AWS CloudHSM . Retrieved May 27, 2019 from https:\/\/amazonaws-china.com\/cloudhsm\/ Amazon. 2018. AMAZON AWS CloudHSM. Retrieved May 27, 2019 from https:\/\/amazonaws-china.com\/cloudhsm\/"},{"volume-title":"Retrieved","year":"2018","key":"e_1_3_2_1_2_1","unstructured":"Amazon. 2018 . AMAZON AWS Key Management Service KMS . Retrieved May 27, 2019 from https:\/\/amazonaws-china.com\/kms\/ Amazon. 2018. AMAZON AWS Key Management Service KMS. Retrieved May 27, 2019 from https:\/\/amazonaws-china.com\/kms\/"},{"key":"e_1_3_2_1_3_1","unstructured":"ARM 2009. ARM security technology: Building a secure system using TrustZone technology. ARM.  ARM 2009. ARM security technology: Building a secure system using TrustZone technology. ARM."},{"key":"e_1_3_2_1_4_1","volume-title":"SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016","author":"Arnautov Sergei","year":"2016","unstructured":"Sergei Arnautov , Bohdan Trach , Franz Gregor , Thomas Knauth , Andr\u00e9 Martin , Christian Priebe , Joshua Lind , Divya Muthukumaran , Dan O'Keeffe , Mark Stillwell , David Goltzsche , David M. Eyers , R\u00fcdiger Kapitza , Peter R. Pietzuch , and Christof Fetzer . 2016 . SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016 , Savannah, GA, USA, November 2--4 , 2016. 689--703. Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andr\u00e9 Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark Stillwell, David Goltzsche, David M. Eyers, R\u00fcdiger Kapitza, Peter R. Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016, Savannah, GA, USA, November 2--4, 2016. 689--703."},{"key":"e_1_3_2_1_5_1","volume-title":"HIMA: A Hypervisor-Based Integrity Measurement Agent. In Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009","author":"Azab Ahmed M.","year":"2009","unstructured":"Ahmed M. Azab , Peng Ning , Emre Can Sezer , and Xiaolan Zhang . 2009 . HIMA: A Hypervisor-Based Integrity Measurement Agent. In Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009 , Honolulu, Hawaii, USA, 7- -11 December 2009. 461--470. Ahmed M. Azab, Peng Ning, Emre Can Sezer, and Xiaolan Zhang. 2009. HIMA: A Hypervisor-Based Integrity Measurement Agent. In Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009, Honolulu, Hawaii, USA, 7--11 December 2009. 461--470."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010","author":"Azab Ahmed M.","year":"2010","unstructured":"Ahmed M. Azab , Peng Ning , Zhi Wang , Xuxian Jiang , Xiaolan Zhang , and Nathan C. Skalsky . 2010. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity . In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010 , Chicago, Illinois, USA, October 4--8 , 2010 . 38--49. Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang, Xiaolan Zhang, and Nathan C. Skalsky. 2010. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4--8, 2010. 38--49."},{"key":"e_1_3_2_1_7_1","volume-title":"DKSM: Subverting Virtual Machine Introspection for Fun and Profit. In 29th IEEE Symposium on Reliable Distributed Systems (SRDS 2010","author":"Bahram Sina","year":"2010","unstructured":"Sina Bahram , Xuxian Jiang , Zhi Wang , Mike Grace , Jinku Li , Deepa Srinivasan , Junghwan Rhee , and Dongyan Xu . 2010 . DKSM: Subverting Virtual Machine Introspection for Fun and Profit. In 29th IEEE Symposium on Reliable Distributed Systems (SRDS 2010 ), New Delhi, Punjab, India, October 31 - November 3, 2010. 82--91. Sina Bahram, Xuxian Jiang, Zhi Wang, Mike Grace, Jinku Li, Deepa Srinivasan, Junghwan Rhee, and Dongyan Xu. 2010. DKSM: Subverting Virtual Machine Introspection for Fun and Profit. In 29th IEEE Symposium on Reliable Distributed Systems (SRDS 2010), New Delhi, Punjab, India, October 31 - November 3, 2010. 82--91."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"key":"e_1_3_2_1_9_1","volume-title":"Leveraging Virtual Machine Introspection for Hot-Hardening of Arbitrary Cloud-User Applications. In 6th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud '14","author":"Biedermann Sebastian","year":"2014","unstructured":"Sebastian Biedermann , Stefan Katzenbeisser , and Jakub Szefer . 2014 . Leveraging Virtual Machine Introspection for Hot-Hardening of Arbitrary Cloud-User Applications. In 6th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud '14 , Philadelphia, PA, USA, June 17--18 , 2014. Sebastian Biedermann, Stefan Katzenbeisser, and Jakub Szefer. 2014. Leveraging Virtual Machine Introspection for Hot-Hardening of Arbitrary Cloud-User Applications. In 6th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud '14, Philadelphia, PA, USA, June 17--18, 2014."},{"key":"e_1_3_2_1_10_1","volume-title":"SEC 2018, Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18--20, 2018, Proceedings. 293--306","author":"Bierbaumer Bruno","year":"2018","unstructured":"Bruno Bierbaumer , Julian Kirsch , Thomas Kittel , Aur\u00e9lien Francillon , and Apostolis Zarras . 2018 . Smashing the Stack Protector for Fun and Profit. In ICT Systems Security and Privacy Protection - 33rd IFIP TC 11 International Conference , SEC 2018, Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18--20, 2018, Proceedings. 293--306 . Bruno Bierbaumer, Julian Kirsch, Thomas Kittel, Aur\u00e9lien Francillon, and Apostolis Zarras. 2018. Smashing the Stack Protector for Fun and Profit. In ICT Systems Security and Privacy Protection - 33rd IFIP TC 11 International Conference, SEC 2018, Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18--20, 2018, Proceedings. 293--306."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267308.1267319"},{"key":"e_1_3_2_1_13_1","volume-title":"Cracking-Resistant Password Vaults Using Natural Language Encoders. In 2015 IEEE Symposium on Security and Privacy, SP 2015","author":"Chatterjee Rahul","year":"2015","unstructured":"Rahul Chatterjee , Joseph Bonneau , Ari Juels , and Thomas Ristenpart . 2015 . Cracking-Resistant Password Vaults Using Natural Language Encoders. In 2015 IEEE Symposium on Security and Privacy, SP 2015 , San Jose, CA, USA, May 17--21 , 2015. 481--498. Rahul Chatterjee, Joseph Bonneau, Ari Juels, and Thomas Ristenpart. 2015. Cracking-Resistant Password Vaults Using Natural Language Encoders. In 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, May 17--21, 2015. 481--498."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414485"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053029"},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the 14th USENIX Security Symposium","author":"Chen Shuo","year":"2005","unstructured":"Shuo Chen , Jun Xu , and Emre Can Sezer . 2005 . Non-Control-Data Attacks Are Realistic Threats . In Proceedings of the 14th USENIX Security Symposium , Baltimore, MD, USA, July 31 - August 5, 2005. Shuo Chen, Jun Xu, and Emre Can Sezer. 2005. Non-Control-Data Attacks Are Realistic Threats. In Proceedings of the 14th USENIX Security Symposium, Baltimore, MD, USA, July 31 - August 5, 2005."},{"key":"e_1_3_2_1_18_1","volume-title":"Danfeng Yao, Trent Jaeger, and N. Asokan.","author":"Cheng Long","year":"2019","unstructured":"Long Cheng , Hans Liljestrand , Thomas Nyman , Yu Tsung Lee , Danfeng Yao, Trent Jaeger, and N. Asokan. 2019 . Exploitation Techniques and Defenses for Data-Oriented Attacks. CoRR ( 2019). Long Cheng, Hans Liljestrand, Thomas Nyman, Yu Tsung Lee, Danfeng Yao, Trent Jaeger, and N. Asokan. 2019. Exploitation Techniques and Defenses for Data-Oriented Attacks. CoRR (2019)."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '15","author":"Cheng Yueqiang","year":"2015","unstructured":"Yueqiang Cheng , Xuhua Ding , and Robert H. Deng . 2015. Efficient Virtualization-Based Application Protection Against Untrusted Operating System . In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '15 , Singapore, April 14--17 , 2015 . 345--356. Yueqiang Cheng, Xuhua Ding, and Robert H. Deng. 2015. Efficient Virtualization-Based Application Protection Against Untrusted Operating System. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '15, Singapore, April 14--17, 2015. 345--356."},{"key":"e_1_3_2_1_20_1","volume-title":"Retrieved","author":"Cloud Alibaba","year":"2019","unstructured":"Alibaba Cloud . 2019 . Aliyun cryption service . Retrieved May 27, 2019 from https:\/\/www.aliyun.com\/product\/kms Alibaba Cloud. 2019. Aliyun cryption service. Retrieved May 27, 2019 from https:\/\/www.aliyun.com\/product\/kms"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 7th USENIX Security Symposium","author":"Cowan Crispan","year":"1998","unstructured":"Crispan Cowan . 1998 . StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks . In Proceedings of the 7th USENIX Security Symposium , San Antonio, TX, USA, January 26--29 , 1998. Crispan Cowan. 1998. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In Proceedings of the 7th USENIX Security Symposium, San Antonio, TX, USA, January 26--29, 1998."},{"key":"e_1_3_2_1_22_1","volume-title":"10th USENIX Security Symposium, August 13--17","author":"Cowan Crispin","year":"2001","unstructured":"Crispin Cowan , Matt Barringer , Steve Beattie , Greg Kroah-Hartman , Michael Frantzen , and Jamie Lokier . 2001 . FormatGuard: Automatic Protection From printf Format String Vulnerabilities . In 10th USENIX Security Symposium, August 13--17 , 2001, Washington, D.C., USA. Crispin Cowan, Matt Barringer, Steve Beattie, Greg Kroah-Hartman, Michael Frantzen, and Jamie Lokier. 2001. FormatGuard: Automatic Protection From printf Format String Vulnerabilities. In 10th USENIX Security Symposium, August 13--17, 2001, Washington, D.C., USA."},{"key":"e_1_3_2_1_23_1","unstructured":"CVE20188492 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8492.  CVE20188492 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8492."},{"key":"e_1_3_2_1_24_1","unstructured":"CVE20190247 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-0247.  CVE20190247 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-0247."},{"key":"e_1_3_2_1_25_1","unstructured":"CVE20196250 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-6250.  CVE20196250 2019. Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-6250."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23421"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346295"},{"key":"e_1_3_2_1_28_1","volume-title":"Efficient Protection of Path-Sensitive Control Security. In 26th USENIX Security Symposium, USENIX Security 2017","author":"Ding Ren","year":"2017","unstructured":"Ren Ding , Chenxiong Qian , Chengyu Song , William Harris , Taesoo Kim , and Wenke Lee . 2017 . Efficient Protection of Path-Sensitive Control Security. In 26th USENIX Security Symposium, USENIX Security 2017 , Vancouver, BC, Canada, August 16--18 , 2017. 131--148. Ren Ding, Chenxiong Qian, Chengyu Song, William Harris, Taesoo Kim, and Wenke Lee. 2017. Efficient Protection of Path-Sensitive Control Security. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16--18, 2017. 131--148."},{"key":"e_1_3_2_1_29_1","volume-title":"Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection. In 32nd IEEE Symposium on Security and Privacy, S&P 2011","author":"Dolan-Gavitt Brendan","year":"2011","unstructured":"Brendan Dolan-Gavitt , Tim Leek , Michael Zhivich , Jonathon T. Giffin , and Wenke Lee . 2011 . Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection. In 32nd IEEE Symposium on Security and Privacy, S&P 2011 , 22--25 May 2011, Berkeley, California, USA. 297--312. Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon T. Giffin, and Wenke Lee. 2011. Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection. In 32nd IEEE Symposium on Security and Privacy, S&P 2011, 22--25 May 2011, Berkeley, California, USA. 297--312."},{"key":"e_1_3_2_1_30_1","unstructured":"FIPS-140-2 2019. Security Requirements for Cryptographic Modules. https:\/\/www.nist.gov\/publications\/.  FIPS-140-2 2019. Security Requirements for Cryptographic Modules. https:\/\/www.nist.gov\/publications\/."},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS","author":"Garfinkel Tal","year":"2003","unstructured":"Tal Garfinkel and Mendel Rosenblum . 2003 . A Virtual Machine Introspection Based Architecture for Intrusion Detection . In Proceedings of the Network and Distributed System Security Symposium, NDSS 2003, San Diego, California, USA. San Diego, California. Tal Garfinkel and Mendel Rosenblum. 2003. A Virtual Machine Introspection Based Architecture for Intrusion Detection. In Proceedings of the Network and Distributed System Security Symposium, NDSS 2003, San Diego, California, USA. San Diego, California."},{"key":"e_1_3_2_1_32_1","volume-title":"Retrieved","author":"Inc. Gentoo Foundation.","year":"2019","unstructured":"Inc. Gentoo Foundation. 2019 . Boot Process Performance Visualization . Retrieved May 27, 2019 from http:\/\/www.bootchart.org\/ Inc. Gentoo Foundation. 2019. Boot Process Performance Visualization. Retrieved May 27, 2019 from http:\/\/www.bootchart.org\/"},{"volume-title":"Retrieved","year":"2018","key":"e_1_3_2_1_33_1","unstructured":"Google. 2018 . GOOGLE Cloud HSM . Retrieved May 27, 2019 from https:\/\/cloud.google.com\/hsm\/ Google. 2018. GOOGLE Cloud HSM. Retrieved May 27, 2019 from https:\/\/cloud.google.com\/hsm\/"},{"volume-title":"Retrieved","year":"2018","key":"e_1_3_2_1_34_1","unstructured":"Google. 2018 . GOOGLE CLOUD KEY MANAGEMENT SERVICE . Retrieved May 27, 2019 from https:\/\/cloud.google.com\/kms\/ Google. 2018. GOOGLE CLOUD KEY MANAGEMENT SERVICE. Retrieved May 27, 2019 from https:\/\/cloud.google.com\/kms\/"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950398"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451146"},{"key":"e_1_3_2_1_37_1","volume-title":"Automatic Generation of Data-Oriented Exploits. In 24th USENIX Security Symposium, USENIX Security 15","author":"Hu Hong","year":"2015","unstructured":"Hong Hu , Zheng Leong Chua , Sendroiu Adrian , Prateek Saxena , and Zhenkai Liang . 2015 . Automatic Generation of Data-Oriented Exploits. In 24th USENIX Security Symposium, USENIX Security 15 , Washington, D.C., USA, August 12--14 , 2015. 177--192. Hong Hu, Zheng Leong Chua, Sendroiu Adrian, Prateek Saxena, and Zhenkai Liang. 2015. Automatic Generation of Data-Oriented Exploits. In 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12--14, 2015. 177--192."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243797"},{"key":"e_1_3_2_1_39_1","volume-title":"Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In IEEE Symposium on Security and Privacy, SP 2016","author":"Hu Hong","year":"2016","unstructured":"Hong Hu , Shweta Shinde , Sendroiu Adrian , Zheng Leong Chua , Prateek Saxena , and Zhenkai Liang . 2016 . Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In IEEE Symposium on Security and Privacy, SP 2016 , San Jose, CA, USA, May 22--26 , 2016. 969--986. Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang. 2016. Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22--26, 2016. 969--986."},{"key":"e_1_3_2_1_40_1","volume-title":"2018 USENIX Annual Technical Conference, USENIX ATC 2018","author":"Hua Zhichao","year":"2018","unstructured":"Zhichao Hua , Dong Du , Yubin Xia , Haibo Chen , and Binyu Zang . 2018 . EPTI: Efficient Defence against Meltdown Attack for Unpatched VMs . In 2018 USENIX Annual Technical Conference, USENIX ATC 2018 , Boston, MA, USA, July 11--13 , 2018. 255--266. Zhichao Hua, Dong Du, Yubin Xia, Haibo Chen, and Binyu Zang. 2018. EPTI: Efficient Defence against Meltdown Attack for Unpatched VMs. In 2018 USENIX Annual Technical Conference, USENIX ATC 2018, Boston, MA, USA, July 11--13, 2018. 255--266."},{"key":"e_1_3_2_1_41_1","first-page":"898","article-title":"Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud","volume":"2015","author":"Inci Mehmet Sinan","year":"2015","unstructured":"Mehmet Sinan Inci , Berk G\u00fclmezoglu , Gorka Irazoqui Apecechea , Thomas Eisenbarth , and Berk Sunar . 2015 . Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud . IACR Cryptology ePrint Archive 2015 (2015), 898 . Mehmet Sinan Inci, Berk G\u00fclmezoglu, Gorka Irazoqui Apecechea, Thomas Eisenbarth, and Berk Sunar. 2015. Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud. IACR Cryptology ePrint Archive 2015 (2015), 898.","journal-title":"IACR Cryptology ePrint Archive"},{"volume-title":"Intel 64 and IA-32 Architectures Software Developer's Manual","author":"Intel Corporation 2019.","key":"e_1_3_2_1_42_1","unstructured":"Intel Corporation 2019. Intel 64 and IA-32 Architectures Software Developer's Manual . Intel Corporation . Intel Corporation 2019. Intel 64 and IA-32 Architectures Software Developer's Manual. Intel Corporation."},{"volume-title":"UDP and SCTP. Retrieved","year":"2017","key":"e_1_3_2_1_43_1","unstructured":"iPerf 2017 . The ultimate speed test tool for TCP , UDP and SCTP. Retrieved May 27, 2019 from https:\/\/iperf.fr iPerf 2017. The ultimate speed test tool for TCP, UDP and SCTP. Retrieved May 27, 2019 from https:\/\/iperf.fr"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243739"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133058.1133063"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978414"},{"key":"e_1_3_2_1_47_1","volume-title":"ISC 2018, Guildford, UK, September 9--12, 2018, Proceedings. 213--230","author":"Jiang Fangjie","year":"2018","unstructured":"Fangjie Jiang , Quanwei Cai , Le Guan , and Jingqiang Lin . 2018 . Enforcing Access Controls for the Cryptographic Cloud Service Invocation Based on Virtual Machine Introspection. In Information Security - 21st International Conference , ISC 2018, Guildford, UK, September 9--12, 2018, Proceedings. 213--230 . Fangjie Jiang, Quanwei Cai, Le Guan, and Jingqiang Lin. 2018. Enforcing Access Controls for the Cryptographic Cloud Service Invocation Based on Virtual Machine Introspection. In Information Security - 21st International Conference, ISC 2018, Guildford, UK, September 9--12, 2018, Proceedings. 213--230."},{"key":"e_1_3_2_1_48_1","unstructured":"Kaplan David 2016. AMD x86 Memory Encryption Technologies.  Kaplan David 2016. AMD x86 Memory Encryption Technologies."},{"key":"e_1_3_2_1_49_1","volume-title":"Code-Pointer Integrity. In 11th USENIX Symposium on Operating Systems Design and Implementation, OSDI '14","author":"Kuznetsov Volodymyr","year":"2014","unstructured":"Volodymyr Kuznetsov , Laszlo Szekeres , Mathias Payer , George Candea , R. Sekar , and Dawn Song . 2014 . Code-Pointer Integrity. In 11th USENIX Symposium on Operating Systems Design and Implementation, OSDI '14 , Broomfield, CO, USA, October 6--8 , 2014. 147--163. Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code-Pointer Integrity. In 11th USENIX Symposium on Operating Systems Design and Implementation, OSDI '14, Broomfield, CO, USA, October 6--8, 2014. 147--163."},{"key":"e_1_3_2_1_50_1","volume-title":"Proceedings of the 22th USENIX Security Symposium","author":"Lee Hojoon","year":"2013","unstructured":"Hojoon Lee , Hyungon Moon , DaeHee Jang , Kihwan Kim , Jihoon Lee , Yunheung Paek , and Brent ByungHoon Kang . 2013 . KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object . In Proceedings of the 22th USENIX Security Symposium , Washington, DC, USA, August 14--16 , 2013. 511--526. Hojoon Lee, Hyungon Moon, DaeHee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, and Brent ByungHoon Kang. 2013. KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object. In Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14--16, 2013. 511--526."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.515"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2011.2159712"},{"key":"e_1_3_2_1_53_1","volume-title":"My Bitcoin. In Blockchain - ICBC 2018 - First International Conference, Held as Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA, June 25--30, 2018, Proceedings. 285--292","author":"Li Song","year":"2018","unstructured":"Song Li and Scott Wu . 2018 . Your Device and Your Power , My Bitcoin. In Blockchain - ICBC 2018 - First International Conference, Held as Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA, June 25--30, 2018, Proceedings. 285--292 . Song Li and Scott Wu. 2018. Your Device and Your Power, My Bitcoin. In Blockchain - ICBC 2018 - First International Conference, Held as Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA, June 25--30, 2018, Proceedings. 285--292."},{"key":"e_1_3_2_1_54_1","volume-title":"Proceedings of the 17th USENIX Security Symposium","author":"Litty Lionel","year":"2008","unstructured":"Lionel Litty , H. Andr\u00e9s Lagar-Cavilla , and David Lie . 2008 . Hypervisor Support for Identifying Covertly Executing Binaries . In Proceedings of the 17th USENIX Security Symposium , July 28-August 1, 2008, San Jose, CA, USA. 243--258. Lionel Litty, H. Andr\u00e9s Lagar-Cavilla, and David Lie. 2008. Hypervisor Support for Identifying Covertly Executing Binaries. In Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA. 243--258."},{"volume-title":"Retrieved","year":"2018","key":"e_1_3_2_1_55_1","unstructured":"Microsoft. 2018 . Microsoft Key Vault . Retrieved May 27, 2019 from https:\/\/www.azure.cn\/home\/features\/key-vault\/ Microsoft. 2018. Microsoft Key Vault. Retrieved May 27, 2019 from https:\/\/www.azure.cn\/home\/features\/key-vault\/"},{"key":"e_1_3_2_1_56_1","volume-title":"Security Risks in Asynchronous Web Servers: When Performance Optimizations Amplify the Impact of Data-Oriented Attacks. In 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018","author":"Morton Micah","year":"2018","unstructured":"Micah Morton , Jan Werner , Panagiotis Kintis , Kevin Z. Snow , Manos Antonakakis , Michalis Polychronakis , and Fabian Monrose . 2018 . Security Risks in Asynchronous Web Servers: When Performance Optimizations Amplify the Impact of Data-Oriented Attacks. In 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018 , London, United Kingdom, April 24--26 , 2018. 167--182. Micah Morton, Jan Werner, Panagiotis Kintis, Kevin Z. Snow, Manos Antonakakis, Michalis Polychronakis, and Fabian Monrose. 2018. Security Risks in Asynchronous Web Servers: When Performance Optimizations Amplify the Impact of Data-Oriented Attacks. In 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018, London, United Kingdom, April 24--26, 2018. 167--182."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542504"},{"key":"e_1_3_2_1_58_1","volume-title":"HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement. CoRR","author":"Nyman Thomas","year":"2017","unstructured":"Thomas Nyman , Ghada Dessouky , Shaza Zeitouni , Aaro Lehikoinen , Andrew Paverd , N. Asokan , and Ahmad-Reza Sadeghi . 2017. HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement. CoRR ( 2017 ). Thomas Nyman, Ghada Dessouky, Shaza Zeitouni, Aaro Lehikoinen, Andrew Paverd, N. Asokan, and Ahmad-Reza Sadeghi. 2017. HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement. CoRR (2017)."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/2731186.2731199"},{"key":"e_1_3_2_1_60_1","unstructured":"ISEC Security Research. [n.d.]. knox-implementation of non-executable page protection mechanism. http:\/\/isec.pl\/projects\/knox\/knox.html  ISEC Security Research. [n.d.]. knox-implementation of non-executable page protection mechanism. http:\/\/isec.pl\/projects\/knox\/knox.html"},{"key":"e_1_3_2_1_61_1","volume-title":"11th International Symposium, RAID 2008, Cambridge, MA, USA, September 15--17, 2008. Proceedings. 1--20","author":"Riley Ryan","year":"2008","unstructured":"Ryan Riley , Xuxian Jiang , and Dongyan Xu . 2008 . Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing. In Recent Advances in Intrusion Detection , 11th International Symposium, RAID 2008, Cambridge, MA, USA, September 15--17, 2008. Proceedings. 1--20 . Ryan Riley, Xuxian Jiang, and Dongyan Xu. 2008. Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing. In Recent Advances in Intrusion Detection, 11th International Symposium, RAID 2008, Cambridge, MA, USA, September 15--17, 2008. Proceedings. 1--20."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"e_1_3_2_1_64_1","volume-title":"Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses. In 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017","author":"Rogowski Roman","year":"2017","unstructured":"Roman Rogowski , Micah Morton , Forrest Li , Fabian Monrose , Kevin Z. Snow , and Michalis Polychronakis . 2017 . Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses. In 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017 , Paris, France, April 26--28 , 2017. 366--381. Roman Rogowski, Micah Morton, Forrest Li, Fabian Monrose, Kevin Z. Snow, and Michalis Polychronakis. 2017. Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses. In 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017, Paris, France, April 26--28, 2017. 366--381."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251375.1251391"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2011.16"},{"key":"e_1_3_2_1_67_1","volume-title":"26th USENIX Security Symposium, USENIX Security 2017","author":"Schumilo Sergej","year":"2017","unstructured":"Sergej Schumilo , Cornelius Aschermann , Robert Gawlik , Sebastian Schinzel , and Thorsten Holz . 2017 . kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels . In 26th USENIX Security Symposium, USENIX Security 2017 , Vancouver, BC, Canada, August 16--18 , 2017. 167--182. Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, and Thorsten Holz. 2017. kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16--18, 2017. 167--182."},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_72_1","volume-title":"HDFI: Hardware-Assisted Data-Flow Isolation. In IEEE Symposium on Security and Privacy, SP 2016","author":"Song Chengyu","year":"2016","unstructured":"Chengyu Song , Hyungon Moon , Monjur Alam , Insu Yun , Byoungyoung Lee , Taesoo Kim , Wenke Lee , and Yunheung Paek . 2016 . HDFI: Hardware-Assisted Data-Flow Isolation. In IEEE Symposium on Security and Privacy, SP 2016 , San Jose, CA, USA, May 22--26 , 2016. 1--17. Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek. 2016. HDFI: Hardware-Assisted Data-Flow Isolation. In IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22--26, 2016. 1--17."},{"key":"e_1_3_2_1_73_1","unstructured":"Starzetz. [n.d.]. RSX. Retrieved May 27 2019 from http:\/\/www.starzetz.com\/software\/rsx\/  Starzetz. [n.d.]. RSX. Retrieved May 27 2019 from http:\/\/www.starzetz.com\/software\/rsx\/"},{"key":"e_1_3_2_1_74_1","volume-title":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","author":"Tang Adrian","year":"2015","unstructured":"Adrian Tang , Simha Sethumadhavan , and Salvatore J. Stolfo . 2015. Heisenbyte: Thwarting Memory Disclosure Attacks using Destructive Code Reads . In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security , Denver, CO, USA, October 12--16 , 2015 . 256--267. Adrian Tang, Simha Sethumadhavan, and Salvatore J. Stolfo. 2015. Heisenbyte: Thwarting Memory Disclosure Attacks using Destructive Code Reads. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12--16, 2015. 256--267."},{"key":"e_1_3_2_1_75_1","volume-title":"CleanOS: Limiting Mobile Data Exposure with Idle Eviction. In 10th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2012","author":"Tang Yang","year":"2012","unstructured":"Yang Tang , Phillip Ames , Sravan Bhamidipati , Ashish Bijlani , Roxana Geambasu , and Nikhil Sarda . 2012 . CleanOS: Limiting Mobile Data Exposure with Idle Eviction. In 10th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2012 , Hollywood, CA, USA, October 8--10 , 2012. 77--91. Yang Tang, Phillip Ames, Sravan Bhamidipati, Ashish Bijlani, Roxana Geambasu, and Nikhil Sarda. 2012. CleanOS: Limiting Mobile Data Exposure with Idle Eviction. In 10th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2012, Hollywood, CA, USA, October 8--10, 2012. 77--91."},{"key":"e_1_3_2_1_76_1","volume-title":"Retrieved","author":"Team The","year":"2013","unstructured":"The PaX Team . 2013 . PaX . Retrieved May 27, 2019 from https:\/\/pax.grsecurity.net\/ The PaX Team. 2013. PaX. Retrieved May 27, 2019 from https:\/\/pax.grsecurity.net\/"},{"key":"e_1_3_2_1_77_1","volume-title":"RAID 2011, Menlo Park, CA, USA, September 20--21, 2011. Proceedings. 121--141","author":"Tran Minh","year":"2011","unstructured":"Minh Tran , Mark Etheridge , Tyler K. Bletsch , Xuxian Jiang , Vincent W. Freeh , and Peng Ning . 2011 . On the Expressiveness of Return-into-libc Attacks. In Recent Advances in Intrusion Detection - 14th International Symposium , RAID 2011, Menlo Park, CA, USA, September 20--21, 2011. Proceedings. 121--141 . Minh Tran, Mark Etheridge, Tyler K. Bletsch, Xuxian Jiang, Vincent W. Freeh, and Peng Ning. 2011. On the Expressiveness of Return-into-libc Attacks. In Recent Advances in Intrusion Detection - 14th International Symposium, RAID 2011, Menlo Park, CA, USA, September 20--21, 2011. Proceedings. 121--141."},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.36"},{"key":"e_1_3_2_1_79_1","volume-title":"Retrieved","author":"Shield Stack","year":"2019","unstructured":"Vendicator. [n.d.]. Stack Shield : A Stack Smashing Tecnique protection tool for Linux . Retrieved May 27, 2019 from http:\/\/www.angel?re.com\/sk\/stackshield Vendicator. [n.d.]. Stack Shield: A Stack Smashing Tecnique protection tool for Linux. Retrieved May 27, 2019 from http:\/\/www.angel?re.com\/sk\/stackshield"},{"key":"e_1_3_2_1_80_1","unstructured":"Volatility 2015. The Volatility Framework. https:\/\/code.google.com\/archive\/p\/volatility\/.  Volatility 2015. The Volatility Framework. https:\/\/code.google.com\/archive\/p\/volatility\/."},{"volume-title":"13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15--17, 2010. Proceedings. 158--177","author":"Wang Jiang","key":"e_1_3_2_1_81_1","unstructured":"Jiang Wang , Angelos Stavrou , and Anup K. Ghosh . 2010. HyperCheck: A Hardware-Assisted Integrity Monitor. In Recent Advances in Intrusion Detection , 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15--17, 2010. Proceedings. 158--177 . Jiang Wang, Angelos Stavrou, and Anup K. Ghosh. 2010. HyperCheck: A Hardware-Assisted Integrity Monitor. In Recent Advances in Intrusion Detection, 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15--17, 2010. Proceedings. 158--177."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.30"},{"key":"e_1_3_2_1_83_1","volume-title":"KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Wu Wei","year":"2019","unstructured":"Wei Wu , Yueqi Chen , Xinyu Xing , and Wei Zou . 2019 . KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/wu-wei Wei Wu, Yueqi Chen, Xinyu Xing, and Wei Zou. 2019. KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/wu-wei"},{"key":"e_1_3_2_1_85_1","volume-title":"Secure Virtualization Environment Based on Advanced Memory Introspection. Security and Communication Networks 2018","author":"Zhang Shuhui","year":"2018","unstructured":"Shuhui Zhang , Xiangxu Meng , Lianhai Wang , Lijuan Xu , and Xiaohui Han . 2018. Secure Virtualization Environment Based on Advanced Memory Introspection. Security and Communication Networks 2018 ( 2018 ), 9410278:1--9410278:16. Shuhui Zhang, Xiangxu Meng, Lianhai Wang, Lijuan Xu, and Xiaohui Han. 2018. Secure Virtualization Environment Based on Advanced Memory Introspection. Security and Communication Networks 2018 (2018), 9410278:1--9410278:16."}],"event":{"name":"ACSAC '19: 2019 Annual Computer Security Applications Conference","acronym":"ACSAC '19","location":"San Juan Puerto Rico USA"},"container-title":["Proceedings of the 35th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3359789.3359795","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3359789.3359795","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3359789.3359795","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:23:07Z","timestamp":1750202587000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3359789.3359795"}},"subtitle":["transparent and fine-grained binary integrity verification in the cloud"],"short-title":[],"issued":{"date-parts":[[2019,12,9]]},"references-count":84,"alternative-id":["10.1145\/3359789.3359795","10.1145\/3359789"],"URL":"https:\/\/doi.org\/10.1145\/3359789.3359795","relation":{},"subject":[],"published":{"date-parts":[[2019,12,9]]},"assertion":[{"value":"2019-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}