{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:46:49Z","timestamp":1780634809689,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":70,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,6,11]],"date-time":"2022-06-11T00:00:00Z","timestamp":1654905600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000181","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-20-1-0402"],"award-info":[{"award-number":["FA9550-20-1-0402"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]},{"name":"NSF","award":["CNS-2046359"],"award-info":[{"award-number":["CNS-2046359"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,6,18]]},"DOI":"10.1145\/3470496.3527429","type":"proceedings-article","created":{"date-parts":[[2022,5,31]],"date-time":"2022-05-31T19:06:01Z","timestamp":1654023961000},"page":"685-698","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":62,"title":["PACMAN"],"prefix":"10.1145","author":[{"given":"Joseph","family":"Ravichandran","sequence":"first","affiliation":[{"name":"MIT CSAIL"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Weon Taek","family":"Na","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jay","family":"Lang","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mengjia","family":"Yan","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,6,11]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2001. Address Space Layout Randomization. https:\/\/pax.grsecurity.net\/docs\/aslr.txt.  2001. Address Space Layout Randomization. https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_2_1","unstructured":"2021. Linux on Apple Silicon. https:\/\/asahilinux.org\/about\/.  2021. Linux on Apple Silicon. https:\/\/asahilinux.org\/about\/."},{"key":"e_1_3_2_1_3_1","volume-title":"Port Contention for Fun and Profit. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE.","author":"Aldaya Alejandro Cabrera","year":"2019","unstructured":"Alejandro Cabrera Aldaya , Billy Bob Brumley , Sohaib ul Hassan , Cesar Pereida Garc\u00eda , and Nicola Tuveri . 2019 . Port Contention for Fun and Profit. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE. Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida Garc\u00eda, and Nicola Tuveri. 2019. Port Contention for Fun and Profit. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE."},{"key":"e_1_3_2_1_4_1","first-page":"49","article-title":"Smashing the Stack for Fun and Profit","volume":"7","author":"One Aleph","year":"1996","unstructured":"Aleph One . 1996 . Smashing the Stack for Fun and Profit . Phrack 7 , 49 (November 1996). http:\/\/www.phrack.com\/issues.html?issue=49&id=14 Aleph One. 1996. Smashing the Stack for Fun and Profit. Phrack 7, 49 (November 1996). http:\/\/www.phrack.com\/issues.html?issue=49&id=14","journal-title":"Phrack"},{"key":"e_1_3_2_1_5_1","unstructured":"Apple Inc. 2020. Apple unleashes M1. https:\/\/www.apple.com\/newsroom\/2020\/11\/apple-unleashes-m1\/  Apple Inc. 2020. Apple unleashes M1. https:\/\/www.apple.com\/newsroom\/2020\/11\/apple-unleashes-m1\/"},{"key":"e_1_3_2_1_6_1","unstructured":"Apple Inc. 2020. ARMv8.3 Pointer Authentication in xnu. https:\/\/github.com\/apple\/darwin-xnu\/blob\/xnu-7195.50.7.100.1\/doc\/pac.md  Apple Inc. 2020. ARMv8.3 Pointer Authentication in xnu. https:\/\/github.com\/apple\/darwin-xnu\/blob\/xnu-7195.50.7.100.1\/doc\/pac.md"},{"key":"e_1_3_2_1_7_1","unstructured":"Apple Inc. 2021. Introducing M1 Pro and M1 Max: the most powerful chips Apple has ever built. https:\/\/www.apple.com\/newsroom\/2021\/10\/introducing-m1-pro-and-m1-max-the-most-powerful-chips-apple-has-ever-built\/  Apple Inc. 2021. Introducing M1 Pro and M1 Max: the most powerful chips Apple has ever built. https:\/\/www.apple.com\/newsroom\/2021\/10\/introducing-m1-pro-and-m1-max-the-most-powerful-chips-apple-has-ever-built\/"},{"key":"e_1_3_2_1_8_1","unstructured":"Apple Inc. 2021. The Darwin Kernel 7195.81.3. https:\/\/github.com\/apple-oss-distributions\/xnu\/tree\/xnu-7195.81.3  Apple Inc. 2021. The Darwin Kernel 7195.81.3. https:\/\/github.com\/apple-oss-distributions\/xnu\/tree\/xnu-7195.81.3"},{"key":"e_1_3_2_1_9_1","unstructured":"ARM Limited. 2021. ARM Architecture Reference Manual. https:\/\/developer.arm.com\/documentation\/ddi0487\/ga.  ARM Limited. 2021. ARM Architecture Reference Manual. https:\/\/developer.arm.com\/documentation\/ddi0487\/ga."},{"key":"e_1_3_2_1_10_1","unstructured":"ARM Limited. 2021. ARM big little. https:\/\/www.arm.com\/why-arm\/technologies\/big-little  ARM Limited. 2021. ARM big little. https:\/\/www.arm.com\/why-arm\/technologies\/big-little"},{"key":"e_1_3_2_1_11_1","unstructured":"ARM Limited. 2021. Jump-oriented programming. https:\/\/developer.arm.com\/documentation\/102433\/0100\/Jump-oriented-programming.  ARM Limited. 2021. Jump-oriented programming. https:\/\/developer.arm.com\/documentation\/102433\/0100\/Jump-oriented-programming."},{"key":"e_1_3_2_1_12_1","unstructured":"ARM Limited. 2021. Secure and Scalable Performance for Next-Generation On- The-Go Devices. https:\/\/www.arm.com\/products\/silicon-ip-cpu\/cortex-a\/cortex-a78c.  ARM Limited. 2021. Secure and Scalable Performance for Next-Generation On- The-Go Devices. https:\/\/www.arm.com\/products\/silicon-ip-cpu\/cortex-a\/cortex-a78c."},{"key":"e_1_3_2_1_13_1","unstructured":"Brandon Azad. 2019. Examining Pointer Authentication on the iPhone XS. https:\/\/googleprojectzero.blogspot.com\/2019\/02\/examining-pointer-authentication-on.html  Brandon Azad. 2019. Examining Pointer Authentication on the iPhone XS. https:\/\/googleprojectzero.blogspot.com\/2019\/02\/examining-pointer-authentication-on.html"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3445814.3446708"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"Atri Bhattacharyya Alexandra Sandulescu Matthias Neugschwandtner Alessandro Sorniotti Babak Falsafi Mathias Payer and Anil Kurmus. 2019. SMoTher-Spectre: Exploiting Speculative Execution through Port Contention. In CCS.  Atri Bhattacharyya Alexandra Sandulescu Matthias Neugschwandtner Alessandro Sorniotti Babak Falsafi Mathias Payer and Anil Kurmus. 2019. SMoTher-Spectre: Exploiting Speculative Execution through Port Contention. In CCS.","DOI":"10.1145\/3319535.3363194"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384747"},{"key":"e_1_3_2_1_18_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella , Jo Van Bulck , Michael Schwarz , Moritz Lipp , Benjamin Von Berg , Philipp Ortner , Frank Piessens , Dmitry Evtyushkin , and Daniel Gruss . 2019 . A systematic evaluation of transient execution attacks and defenses . In 28th USENIX Security Symposium (USENIX Security 19) . Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin Von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A systematic evaluation of transient execution attacks and defenses. In 28th USENIX Security Symposium (USENIX Security 19)."},{"key":"e_1_3_2_1_19_1","volume-title":"StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. 98 (01","author":"Cowan Crispin","year":"1998","unstructured":"Crispin Cowan , Calton Pu , Dave Maier , Heather Hintony , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , and Qian Zhang . 1998. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. 98 (01 1998 ). Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. 1998. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. 98 (01 1998)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA52012.2021.00080"},{"key":"e_1_3_2_1_21_1","unstructured":"Jake Edge. 2013. Kernel address space layout randomization. https:\/\/lwn.net\/Articles\/569635\/.  Jake Edge. 2013. Kernel address space layout randomization. https:\/\/lwn.net\/Articles\/569635\/."},{"key":"e_1_3_2_1_22_1","volume-title":"Handbook of Information and Communication Security","author":"Erlingsson \u00dalfar","unstructured":"\u00dalfar Erlingsson , Yves Younan , and Frank Piessens . 2010. Low-level software security by example . In Handbook of Information and Communication Security . Springer . \u00dalfar Erlingsson, Yves Younan, and Frank Piessens. 2010. Low-level software security by example. In Handbook of Information and Communication Security. Springer."},{"key":"e_1_3_2_1_23_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Farkhani Reza Mirzazade","year":"2021","unstructured":"Reza Mirzazade Farkhani , Mansour Ahmadi , and Long Lu . 2021 . PTAuth: Temporal Memory Safety via Robust Points-to Authentication . In 30th USENIX Security Symposium (USENIX Security 21) . Reza Mirzazade Farkhani, Mansour Ahmadi, and Long Lu. 2021. PTAuth: Temporal Memory Safety via Robust Points-to Authentication. In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"e_1_3_2_1_24_1","unstructured":"Andrei Frumusanu. 2020. The 2020 Mac Mini Unleashed: Putting Apple Silicon M1 To The Test. https:\/\/www.anandtech.com\/show\/16252\/mac-mini-apple-m1-tested.  Andrei Frumusanu. 2020. The 2020 Mac Mini Unleashed: Putting Apple Silicon M1 To The Test. https:\/\/www.anandtech.com\/show\/16252\/mac-mini-apple-m1-tested."},{"key":"e_1_3_2_1_25_1","volume-title":"A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware. JCEN 8, 1","author":"Ge Qian","year":"2018","unstructured":"Qian Ge , Yuval Yarom , David Cock , and Gernot Heiser . 2018. A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware. JCEN 8, 1 ( 2018 ). Qian Ge, Yuval Yarom, David Cock, and Gernot Heiser. 2018. A Survey of Microarchitectural Timing Attacks and Countermeasures on Contemporary Hardware. JCEN 8, 1 (2018)."},{"key":"e_1_3_2_1_26_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"G\u00f6kta\u015f Enes","year":"2016","unstructured":"Enes G\u00f6kta\u015f , Robert Gawlik , Benjamin Kollenda , Elias Athanasopoulos , Georgios Portokalidis , Cristiano Giuffrida , and Herbert Bos . 2016 . Undermining Information Hiding (and What to Do about It) . In 25th USENIX Security Symposium (USENIX Security 16) . USENIX Association, Austin, TX. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/goktas Enes G\u00f6kta\u015f, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, and Herbert Bos. 2016. Undermining Information Hiding (and What to Do about It). In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/goktas"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417289"},{"key":"e_1_3_2_1_28_1","unstructured":"Ben Gras Kaveh Razavi Herbert Bos and Cristiano Giuffrida. 2018. Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks. In USENIX Security.  Ben Gras Kaveh Razavi Herbert Bos and Cristiano Giuffrida. 2018. Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks. In USENIX Security."},{"key":"e_1_3_2_1_29_1","volume-title":"KASLR is Dead: Long Live KASLR","author":"Gruss Daniel","unstructured":"Daniel Gruss , Moritz Lipp , Michael Schwarz , Richard Fellner , Cl\u00e9mentine Maurice , and Stefan Mangard . 2017. KASLR is Dead: Long Live KASLR . In Engineering Secure Software and Systems, Eric Bodden, Mathias Payer, and Elias Athanasopoulos (Eds.). Springer International Publishing , Cham . Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Cl\u00e9mentine Maurice, and Stefan Mangard. 2017. KASLR is Dead: Long Live KASLR. In Engineering Secure Software and Systems, Eric Bodden, Mathias Payer, and Elias Athanasopoulos (Eds.). Springer International Publishing, Cham."},{"key":"e_1_3_2_1_30_1","unstructured":"Daniel Gruss Raphael Spreitzer and Stefan Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security.  Daniel Gruss Raphael Spreitzer and Stefan Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_3_2_1_32_1","unstructured":"Jann Horn. 2018. Speculative execution variant 4: speculative store bypass. https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1528.  Jann Horn. 2018. Speculative execution variant 4: speculative store bypass. https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1528."},{"key":"e_1_3_2_1_33_1","unstructured":"Apple Inc. May 2021. Apple Platform Security Guide. https:\/\/manuals.info.apple.com\/MANUALS\/1000\/MA1902\/en_US\/apple-platform-security-guide.pdf.  Apple Inc. May 2021. Apple Platform Security Guide. https:\/\/manuals.info.apple.com\/MANUALS\/1000\/MA1902\/en_US\/apple-platform-security-guide.pdf."},{"key":"e_1_3_2_1_34_1","unstructured":"Dougall Johnson. 2021. Apple M1 Microarchitecture Research. https:\/\/dougallj.github.io\/applecpu\/firestorm.html. Accessed on 24.11.2021.  Dougall Johnson. 2021. Apple M1 Microarchitecture Research. https:\/\/dougallj.github.io\/applecpu\/firestorm.html. Accessed on 24.11.2021."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3316781.3317903"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO50266.2020.00095"},{"key":"e_1_3_2_1_37_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In S&P.","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher , Jann Horn , Anders Fogh , Daniel Genkin , Daniel Gruss , Werner Haas , Mike Hamburg , Moritz Lipp , Stefan Mangard , Thomas Prescher , Michael Schwarz , and Yuval Yarom . 2019 . Spectre Attacks: Exploiting Speculative Execution. In S&P. Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In S&P."},{"key":"e_1_3_2_1_38_1","volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT 18)","author":"Koruyeh Esmaeil Mohammadian","year":"2018","unstructured":"Esmaeil Mohammadian Koruyeh , Khaled N Khasawneh , Chengyu Song , and Nael Abu-Ghazaleh . 2018 . Spectre returns! speculation attacks using the return stack buffer . In 12th USENIX Workshop on Offensive Technologies (WOOT 18) . Esmaeil Mohammadian Koruyeh, Khaled N Khasawneh, Chengyu Song, and Nael Abu-Ghazaleh. 2018. Spectre returns! speculation attacks using the return stack buffer. In 12th USENIX Workshop on Offensive Technologies (WOOT 18)."},{"key":"e_1_3_2_1_39_1","unstructured":"Daniel Lemire. 2021. Memory access on the Apple M1 processor. https:\/\/lemire.me\/blog\/2021\/01\/06\/memory-access-on-the-apple-m1-processor\/.  Daniel Lemire. 2021. Memory access on the Apple M1 processor. https:\/\/lemire.me\/blog\/2021\/01\/06\/memory-access-on-the-apple-m1-processor\/."},{"key":"e_1_3_2_1_40_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Liljestrand Hans","year":"2021","unstructured":"Hans Liljestrand , Thomas Nyman , Lachlan J Gunn , Jan-Erik Ekberg , and N Asokan . 2021 . PACStack: an Authenticated Call Stack . In 30th USENIX Security Symposium (USENIX Security 21) . Hans Liljestrand, Thomas Nyman, Lachlan J Gunn, Jan-Erik Ekberg, and N Asokan. 2021. PACStack: an Authenticated Call Stack. In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"e_1_3_2_1_41_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Liljestrand Hans","year":"2019","unstructured":"Hans Liljestrand , Thomas Nyman , Kui Wang , Carlos Chinea Perez , Jan-Erik Ekberg , and N Asokan . 2019 . PAC it up: Towards Pointer Integrity using ARM Pointer Authentication . In 28th USENIX Security Symposium (USENIX Security 19) . Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, and N Asokan. 2019. PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. In 28th USENIX Security Symposium (USENIX Security 19)."},{"key":"e_1_3_2_1_42_1","unstructured":"Moritz Lipp Daniel Gruss Raphael Spreitzer Cl\u00e9mentine Maurice and Stefan Mangard. 2016. ARMageddon: Cache Attacks on Mobile Devices. In USENIX Security.  Moritz Lipp Daniel Gruss Raphael Spreitzer Cl\u00e9mentine Maurice and Stefan Mangard. 2016. ARMageddon: Cache Attacks on Mobile Devices. In USENIX Security."},{"key":"e_1_3_2_1_43_1","volume-title":"Meltdown: Reading Kernel Memory from User Space. In USENIX Security.","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Anders Fogh , Jann Horn , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , and Mike Hamburg . 2018 . Meltdown: Reading Kernel Memory from User Space. In USENIX Security. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In USENIX Security."},{"key":"e_1_3_2_1_44_1","unstructured":"Fangfei Liu Yuval Yarom Qian Ge Gernot Heiser and Ruby B Lee. 2015. Last-Level Cache Side-Channel Attacks are Practical. In S&P.  Fangfei Liu Yuval Yarom Qian Ge Gernot Heiser and Ruby B Lee. 2015. Last-Level Cache Side-Channel Attacks are Practical. In S&P."},{"key":"e_1_3_2_1_45_1","volume-title":"DOLMA: Securing Speculation with the Principle of Transient Non-Observability. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Loughlin Kevin","year":"2021","unstructured":"Kevin Loughlin , Ian Neal , Jiacheng Ma , Elisa Tsai , Ofir Weisse , Satish Narayanasamy , and Baris Kasikci . 2021 . DOLMA: Securing Speculation with the Principle of Transient Non-Observability. In 30th USENIX Security Symposium (USENIX Security 21) . Kevin Loughlin, Ian Neal, Jiacheng Ma, Elisa Tsai, Ofir Weisse, Satish Narayanasamy, and Baris Kasikci. 2021. DOLMA: Securing Speculation with the Principle of Transient Non-Observability. In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243761"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.3390\/app9142928"},{"key":"e_1_3_2_1_48_1","unstructured":"MITRE. 2021. 2021 CWE Top 25 Most Dangerous Software Weaknesses. http:\/\/cwe.mitre.org\/top25\/archive\/2021\/2021_cwe_top25.html.  MITRE. 2021. 2021 CWE Top 25 Most Dangerous Software Weaknesses. http:\/\/cwe.mitre.org\/top25\/archive\/2021\/2021_cwe_top25.html."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/HOST49136.2021.9702268"},{"key":"e_1_3_2_1_50_1","unstructured":"National Security Agency. 2022. Ghidra Software Reverse Engineering Framework. https:\/\/github.com\/NationalSecurityAgency\/ghidra  National Security Agency. 2022. Ghidra Software Reverse Engineering Framework. https:\/\/github.com\/NationalSecurityAgency\/ghidra"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"crossref","unstructured":"Dag Arne Osvik Adi Shamir and Eran Tromer. 2006. Cache Attacks and Countermeasures: the Case of AES. In CT-RSA.  Dag Arne Osvik Adi Shamir and Eran Tromer. 2006. Cache Attacks and Countermeasures: the Case of AES. In CT-RSA.","DOI":"10.1007\/11605805_1"},{"key":"e_1_3_2_1_52_1","volume-title":"Fletcher","author":"Paccagnella Riccardo","year":"2021","unstructured":"Riccardo Paccagnella , Licheng Luo , and Christopher W . Fletcher . 2021 . Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical. In USENIX Security . Riccardo Paccagnella, Licheng Luo, and Christopher W. Fletcher. 2021. Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical. In USENIX Security."},{"key":"e_1_3_2_1_53_1","unstructured":"Colin Percival. 2005. Cache Missing For Fun And Profit. In BSDCan.  Colin Percival. 2005. Cache Missing For Fun And Profit. In BSDCan."},{"key":"e_1_3_2_1_54_1","volume-title":"DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security.","author":"Pessl Peter","year":"2016","unstructured":"Peter Pessl , Daniel Gruss , Cl\u00e9mentine Maurice , Michael Schwarz , and Stefan Mangard . 2016 . DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security. Peter Pessl, Daniel Gruss, Cl\u00e9mentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security."},{"key":"e_1_3_2_1_55_1","volume-title":"Qualcomm Technologies","author":"Inc.","year":"2017","unstructured":"Inc. Qualcomm Technologies . 2017 . Pointer Authentication on ARMv8.3: Design and Analysis of the New Software Security Instructions . https:\/\/www.qualcomm.com\/media\/documents\/files\/whitepaper-pointer-authentication-on-armv8-3.pdf. Inc. Qualcomm Technologies. 2017. Pointer Authentication on ARMv8.3: Design and Analysis of the New Software Security Instructions. https:\/\/www.qualcomm.com\/media\/documents\/files\/whitepaper-pointer-authentication-on-armv8-3.pdf."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2020.3014456"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"crossref","unstructured":"Dimitrios Skarlatos Mengjia Yan Bhargava Gopireddy Read Sprabery Josep Torrellas and Christopher W Fletcher. 2019. MicroScope: Enabling Microarchitectural Replay Attacks. In ISCA.  Dimitrios Skarlatos Mengjia Yan Bhargava Gopireddy Read Sprabery Josep Torrellas and Christopher W Fletcher. 2019. MicroScope: Enabling Microarchitectural Replay Attacks. In ISCA.","DOI":"10.1145\/3307650.3322228"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519144.1519145"},{"key":"e_1_3_2_1_60_1","volume-title":"Secure program execution via dynamic information flow tracking. ACM Sigplan Notices 39, 11","author":"Suh G Edward","year":"2004","unstructured":"G Edward Suh , Jae W Lee , David Zhang , and Srinivas Devadas . 2004. Secure program execution via dynamic information flow tracking. ACM Sigplan Notices 39, 11 ( 2004 ). G Edward Suh, Jae W Lee, David Zhang, and Srinivas Devadas. 2004. Secure program execution via dynamic information flow tracking. ACM Sigplan Notices 39, 11 (2004)."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/1508244.1508258"},{"key":"e_1_3_2_1_63_1","volume-title":"Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In USENIX Security.","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F. Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In USENIX Security. Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In USENIX Security."},{"key":"e_1_3_2_1_64_1","unstructured":"Arjan van de Ven. 2004. Exec shield. https:\/\/static.redhat.com\/legacy\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf.  Arjan van de Ven. 2004. Exec shield. https:\/\/static.redhat.com\/legacy\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33338-5_5"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2937585"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358306"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00042"},{"key":"e_1_3_2_1_69_1","unstructured":"Yuval Yarom and Katrina Falkner. 2014. Flush+Reload: a High Resolution Low Noise L3 Cache Side-Channel Attack. In USENIX Security.  Yuval Yarom and Katrina Falkner. 2014. Flush+Reload: a High Resolution Low Noise L3 Cache Side-Channel Attack. In USENIX Security."},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358274"}],"event":{"name":"ISCA '22: The 49th Annual International Symposium on Computer Architecture","location":"New York New York","acronym":"ISCA '22","sponsor":["SIGARCH ACM Special Interest Group on Computer Architecture","IEEE CS TCAA IEEE CS technical committee on architectural acoustics"]},"container-title":["Proceedings of the 49th Annual International Symposium on Computer Architecture"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3470496.3527429","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3470496.3527429","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3470496.3527429","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:18:53Z","timestamp":1750191533000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3470496.3527429"}},"subtitle":["attacking ARM pointer authentication with speculative execution"],"short-title":[],"issued":{"date-parts":[[2022,6,11]]},"references-count":70,"alternative-id":["10.1145\/3470496.3527429","10.1145\/3470496"],"URL":"https:\/\/doi.org\/10.1145\/3470496.3527429","relation":{},"subject":[],"published":{"date-parts":[[2022,6,11]]},"assertion":[{"value":"2022-06-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}