{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,16]],"date-time":"2025-11-16T02:19:27Z","timestamp":1763259567173,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,3,16]],"date-time":"2020-03-16T00:00:00Z","timestamp":1584316800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Zhejiang Key R&D Plan","award":["2019C03133"],"award-info":[{"award-number":["2019C03133"]}]},{"name":"the National Natural Science Foundation of China","award":["61772236"],"award-info":[{"award-number":["61772236"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,3,16]]},"DOI":"10.1145\/3374664.3375734","type":"proceedings-article","created":{"date-parts":[[2020,3,13]],"date-time":"2020-03-13T17:06:53Z","timestamp":1584119213000},"page":"365-375","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["PESC"],"prefix":"10.1145","author":[{"given":"Jiadong","family":"Sun","sequence":"first","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"given":"Xia","family":"Zhou","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"given":"Wenbo","family":"Shen","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"given":"Yajin","family":"Zhou","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"given":"Kui","family":"Ren","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]}],"member":"320","published-online":{"date-parts":[[2020,3,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2011. Approximate Overhead of System Calls. https:\/\/www.ibm.com\/ developerworks\/community\/blogs\/kevgrig\/entry\/approximate_overhead_of_ system_calls9?lang=en. (2011)."},{"key":"e_1_3_2_1_2_1","unstructured":"2017. byte-unixbenchs. https:\/\/github.com\/kdlucas\/byte-unixbench. (2017)."},{"key":"e_1_3_2_1_3_1","unstructured":"2018. Exploit Mitigation Techniques - Stack Canaries. https:\/\/0x00sec.org\/t\/ exploit-mitigation-techniques-stack-canaries\/5085. (2018)."},{"key":"e_1_3_2_1_4_1","unstructured":"2018. Intel Digital Random Number Generator (DRNG) Software Implementation Guide. https:\/\/software.intel.com\/en-us\/articles\/intel-digital-random-numbergenerator- drng-software-implementation-guide. (2018)."},{"key":"e_1_3_2_1_5_1","unstructured":"2018. Issue 1657: Linux: semi-arbitrary task stack read on ARM64 (and x86) via \/proc\/pid\/stack. https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1657. (2018)."},{"volume-title":"2PAC 2Furious: Envisioning an iOS Compromise","year":"2019","key":"e_1_3_2_1_6_1","unstructured":"2019. 2PAC 2Furious: Envisioning an iOS Compromise in 2019. https:\/\/downloads.immunityinc.com\/infiltrate2019-slidepacks\/marco-grassiliang- chen-2pac-2furious\/infiltrate19_final.pdf. (2019)."},{"volume-title":"Issue E.a. https:\/\/developer.arm.com\/ docs\/ddi0487\/latest\/arm-architecture-reference-manual-armv8-for-armv8-aarchitecture- profile.","year":"2019","key":"e_1_3_2_1_7_1","unstructured":"2019. Arm Architecture Reference Manual, Issue E.a. https:\/\/developer.arm.com\/ docs\/ddi0487\/latest\/arm-architecture-reference-manual-armv8-for-armv8-aarchitecture- profile. (2019)."},{"key":"e_1_3_2_1_8_1","unstructured":"2019. Cycle Count Register. https:\/\/developer.arm.com\/docs\/ddi0433\/ a\/performance-monitoring-unit\/performance-monitoring-registerdescriptions\/ performance-monitor-control-register. (2019)."},{"key":"e_1_3_2_1_9_1","unstructured":"2019. Function prologue. https:\/\/en.wikipedia.org\/wiki\/Function_prologue. (2019)."},{"key":"e_1_3_2_1_10_1","unstructured":"2019. HiKey960 board. https:\/\/source.android.com\/setup\/build\/devices. (2019)."},{"key":"e_1_3_2_1_11_1","unstructured":"2019. Intel\u00c2 64 and IA-32 Architectures Software Developer\u00e2's Manual. https:\/\/software.intel.com\/sites\/default\/files\/managed\/39\/c5\/325462-sdmvol- 1--2abcd-3abcd.pdf. (2019)."},{"key":"e_1_3_2_1_12_1","unstructured":"2019. Issue 1759: KVM: uninitialized memory leak in kvm_inject_page_fault. https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1759. (2019)."},{"key":"e_1_3_2_1_13_1","unstructured":"2019. Issues - project zero. https:\/\/bugs.chromium.org\/p\/projectzero\/ issues\/list?can=1&q=stack+overflow&colspec=ID+Status+Restrict+ Reported+Vendor+Product+Finder+Summary&num=100. (2019)."},{"volume-title":"AMD, and VIA CPUs. https:\/\/www.agner.org\/optimize\/instruction_ tables.pdf.","year":"2019","key":"e_1_3_2_1_14_1","unstructured":"2019. Lists of instruction latencies, throughputs and micro-operation breakdowns for Intel, AMD, and VIA CPUs. https:\/\/www.agner.org\/optimize\/instruction_ tables.pdf. (2019)."},{"key":"e_1_3_2_1_15_1","unstructured":"2019. Microsoft \/GS(Buffer Security Check). https:\/\/docs.microsoft.com\/enus\/ cpp\/build\/reference\/gs-buffer-security-check?redirectedfrom=MSDN& view=vs-2019. (2019)."},{"key":"e_1_3_2_1_16_1","unstructured":"2019. Morris Worm. https:\/\/en.wikipedia.org\/wiki\/Morris_worm. (2019)."},{"key":"e_1_3_2_1_17_1","unstructured":"2019. Performance monitoring register descriptions. https:\/\/developer.arm. com\/docs\/ddi0433\/a\/performance-monitoring-unit\/performance-monitoringregister- descriptions. (2019)."},{"key":"e_1_3_2_1_18_1","unstructured":"2019. Return-oriented programming - Wikipedia. https:\/\/en.wikipedia.org\/wiki\/ Return-oriented_programming. (2019)."},{"volume-title":"SPEC CPU 2006","year":"2006","key":"e_1_3_2_1_19_1","unstructured":"2019. SPEC CPU 2006. http:\/\/www.spec.org\/cpu2006\/. (2019)."},{"key":"e_1_3_2_1_20_1","unstructured":"2019. STACKPROTECTOR_STRONG. https:\/\/elixir.bootlin.com\/linux\/v5.0\/ source\/arch\/Kconfig#L473. (2019)."},{"key":"e_1_3_2_1_21_1","volume-title":"Defeating compiler-level buffer overflow protection. The USENIX Magazine","author":"Alexander Steven","year":"2005","unstructured":"Steven Alexander. 2005. Defeating compiler-level buffer overflow protection. The USENIX Magazine; login (2005)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660350"},{"key":"e_1_3_2_1_23_1","volume-title":"KALD: Detecting Direct Pointer Disclosure Vulnerabilities","author":"Belleville Brian","year":"2019","unstructured":"Brian Belleville, Wenbo Shen, Stijn Volckaert, Ahmed M Azab, and Michael Franz. 2019. KALD: Detecting Direct Pointer Disclosure Vulnerabilities. IEEE Transactions on Dependable and Secure Computing (2019)."},{"key":"e_1_3_2_1_24_1","volume-title":"Smashing the Stack Protector for Fun and Profit. In IFIP International Conference on ICT Systems Security and Privacy Protection. Springer, 293--306","author":"Bierbaumer Bruno","year":"2018","unstructured":"Bruno Bierbaumer, Julian Kirsch, Thomas Kittel, Aur\u00e9lien Francillon, and Apostolis Zarras. 2018. Smashing the Stack Protector for Fun and Profit. In IFIP International Conference on ICT Systems Security and Privacy Protection. Springer, 293--306."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_1_26_1","volume-title":"Linux Expo.","author":"Cowan Crispin","year":"1999","unstructured":"Crispin Cowan, Steve Beattie, Ryan Finnin Day, Calton Pu, Perry Wagle, and Erik Walthinsen. 1999. Protecting systems from stack smashing attacks with StackGuard. In Linux Expo."},{"key":"e_1_3_2_1_27_1","volume-title":"USENIX Security Symposium","volume":"98","author":"Cowan Crispan","year":"1998","unstructured":"Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. 1998. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks.. In USENIX Security Symposium, Vol. 98. San Antonio, TX, 63--78."},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00","volume":"2","author":"Cowan Crispin","year":"2000","unstructured":"Crispin Cowan, F Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole. 2000. Buffer overflows: Attacks and defenses for the vulnerability of the decade. In Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00, Vol. 2. IEEE, 119--129."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883394"},{"key":"e_1_3_2_1_30_1","volume-title":"GCC extension for protecting applications from stack-smashing attacks (ProPolice)(2003). URL http:\/\/www. trl. ibm. com\/projects\/security\/ssp","author":"Etoh Hiroaki","year":"2019","unstructured":"Hiroaki Etoh. 2019. GCC extension for protecting applications from stack-smashing attacks (ProPolice)(2003). URL http:\/\/www. trl. ibm. com\/projects\/security\/ssp (2019)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897795.2897803"},{"key":"e_1_3_2_1_32_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In 40th IEEE Symposium on Security and Privacy (S&P'19)","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher, Jann Horn, Anders Fogh, , Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In 40th IEEE Symposium on Security and Privacy (S&P'19)."},{"key":"e_1_3_2_1_33_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In 27th USENIX Security Symposium (USENIX Security 18)."},{"key":"e_1_3_2_1_34_1","volume-title":"Vijay Janapa Reddi, and Kim Hazelwood","author":"Luk Chi-Keung","year":"2005","unstructured":"Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, and Kim Hazelwood. 2005. Pin: building customized program analysis tools with dynamic instrumentation. In Acm sigplan notices, Vol. 40. ACM, 190--200."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2013.12"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-018-00425-8"},{"key":"e_1_3_2_1_37_1","volume-title":"Smashing the stack for fun and profit. Phrack magazine 7, 49","author":"One Aleph","year":"1996","unstructured":"Aleph One. 1996. Smashing the stack for fun and profit. Phrack magazine 7, 49 (1996), 14--16."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818031"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.44"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_42_1","volume-title":"Proceedings of the GCC Developers Summit. Citeseer, 243--255","author":"Wagle Perry","year":"2003","unstructured":"Perry Wagle, Crispin Cowan, et al. 2003. Stackguard: Simple stack smash protection for gcc. In Proceedings of the GCC Developers Summit. Citeseer, 243--255."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00035"},{"volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1187--1204.","author":"Wu Wei","key":"e_1_3_2_1_44_1","unstructured":"Wei Wu, Yueqi Chen, Xinyu Xing, and Wei Zou. 2019. {KEPLER}: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1187--1204."},{"key":"e_1_3_2_1_45_1","volume-title":"Scraps of notes on remote stack overflow exploitation. Phrack 63, 15","author":"Zabrocki A","year":"2010","unstructured":"A Zabrocki. 2010. Scraps of notes on remote stack overflow exploitation. Phrack 63, 15 (2010)."},{"key":"e_1_3_2_1_46_1","volume-title":"PeX: A Permission Check Analysis Framework for Linux Kernel. In 28th USENIX Security Symposium","author":"Zhang Tong","year":"2019","unstructured":"Tong Zhang, Wenbo Shen, Dongyoon Lee, Changhee Jung, Ahmed M Azab, and Ruowen Wang. 2019. PeX: A Permission Check Analysis Framework for Linux Kernel. In 28th USENIX Security Symposium 2019. 1205--1220."},{"key":"e_1_3_2_1_47_1","volume-title":"International Conference on Security and Privacy in Communication Systems. Springer, 738--751","author":"Zhu Jun","year":"2017","unstructured":"Jun Zhu, Weiping Zhou, Zhilong Wang, Dongliang Mu, and Bing Mao. 2017. Diffguard: Obscuring sensitive information in canary based protections. In International Conference on Security and Privacy in Communication Systems. Springer, 738--751."}],"event":{"name":"CODASPY '20: Tenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"New Orleans LA USA","acronym":"CODASPY '20"},"container-title":["Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374664.3375734","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3374664.3375734","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:33:08Z","timestamp":1750199588000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374664.3375734"}},"subtitle":["A Per System-Call Stack Canary Design for Linux Kernel"],"short-title":[],"issued":{"date-parts":[[2020,3,16]]},"references-count":47,"alternative-id":["10.1145\/3374664.3375734","10.1145\/3374664"],"URL":"https:\/\/doi.org\/10.1145\/3374664.3375734","relation":{},"subject":[],"published":{"date-parts":[[2020,3,16]]},"assertion":[{"value":"2020-03-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}