{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:16:48Z","timestamp":1775470608064,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,26]]},"DOI":"10.1145\/3545948.3545961","type":"proceedings-article","created":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T11:21:49Z","timestamp":1666005709000},"page":"56-71","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["TrustedGateway: TEE-Assisted Routing and Firewall Enforcement Using ARM TrustZone"],"prefix":"10.1145","author":[{"given":"Fabian","family":"Schwarz","sequence":"first","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Germany"}]}],"member":"320","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Devdatta Akhawe Joel Weinberger Frederik Braun and Francois Marier. 2016. Subresource Integrity. W3C Recommendation. W3C. https:\/\/www.w3.org\/TR\/2016\/REC-SRI-20160623\/.  Devdatta Akhawe Joel Weinberger Frederik Braun and Francois Marier. 2016. Subresource Integrity. W3C Recommendation. W3C. https:\/\/www.w3.org\/TR\/2016\/REC-SRI-20160623\/."},{"key":"e_1_3_2_1_2_1","volume-title":"Alcatraz: Data Exfiltration-Resilient Corporate Network Architecture. In 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC). 176\u2013187","author":"Asoni Daniele\u00a0Enrico","year":"2018","unstructured":"Daniele\u00a0Enrico Asoni , Takayuki Sasaki , and Adrian Perrig . 2018 . Alcatraz: Data Exfiltration-Resilient Corporate Network Architecture. In 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC). 176\u2013187 . https:\/\/doi.org\/10.1109\/CIC.2018.00033 10.1109\/CIC.2018.00033 Daniele\u00a0Enrico Asoni, Takayuki Sasaki, and Adrian Perrig. 2018. Alcatraz: Data Exfiltration-Resilient Corporate Network Architecture. In 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC). 176\u2013187. https:\/\/doi.org\/10.1109\/CIC.2018.00033"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455782"},{"key":"e_1_3_2_1_4_1","volume-title":"Retrieved","author":"Beesley Paul","year":"2020","unstructured":"Paul Beesley , Sumit Garg , and Sandrine Bailleux . 2020 . Trusted Board Boot . Retrieved June 29, 2022 from https:\/\/github.com\/ARM-software\/arm-trusted-firmware\/blob\/master\/docs\/design\/trusted-board-boot.rst Paul Beesley, Sumit Garg, and Sandrine Bailleux. 2020. Trusted Board Boot. Retrieved June 29, 2022 from https:\/\/github.com\/ARM-software\/arm-trusted-firmware\/blob\/master\/docs\/design\/trusted-board-boot.rst"},{"key":"e_1_3_2_1_5_1","unstructured":"Rich Brown. 2022. Welcome to the OpenWrt Project. https:\/\/openwrt.org\/  Rich Brown. 2022. Welcome to the OpenWrt Project. https:\/\/openwrt.org\/"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030108"},{"key":"e_1_3_2_1_7_1","volume-title":"Retrieved","author":"Carlini Matteo","year":"2017","unstructured":"Matteo Carlini . 2017 . Secure Boot on Arm systems . Retrieved June 29, 2022 from https:\/\/www.slideshare.net\/linaroorg\/secure-boot-on-arm-systems-building-a-complete-chain-of-trust-upon-existing-industry-standards-using-opensource-firmware-sfo17201 Matteo Carlini. 2017. Secure Boot on Arm systems. Retrieved June 29, 2022 from https:\/\/www.slideshare.net\/linaroorg\/secure-boot-on-arm-systems-building-a-complete-chain-of-trust-upon-existing-industry-standards-using-opensource-firmware-sfo17201"},{"key":"e_1_3_2_1_8_1","volume-title":"Guardian: Hypervisor as Security Foothold for Personal Computers. In Trust and Trustworthy Computing, Michael Huth, N.\u00a0Asokan, Srdjan \u010capkun, Ivan Flechais, and Lizzie Coles-Kemp (Eds.)","author":"Cheng Yueqiang","year":"2013","unstructured":"Yueqiang Cheng and Xuhua Ding . 2013 . Guardian: Hypervisor as Security Foothold for Personal Computers. In Trust and Trustworthy Computing, Michael Huth, N.\u00a0Asokan, Srdjan \u010capkun, Ivan Flechais, and Lizzie Coles-Kemp (Eds.) . Springer Berlin Heidelberg , Berlin, Heidelberg , 19\u201336. Yueqiang Cheng and Xuhua Ding. 2013. Guardian: Hypervisor as Security Foothold for Personal Computers. In Trust and Trustworthy Computing, Michael Huth, N.\u00a0Asokan, Srdjan \u010capkun, Ivan Flechais, and Lizzie Coles-Kemp (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 19\u201336."},{"key":"e_1_3_2_1_9_1","volume-title":"Cisco IOS XR Software Release 6.0 Operational Enhancements Data Sheet. Retrieved","author":"Inc. Cisco\u00a0Systems. 2015.","year":"2022","unstructured":"Inc. Cisco\u00a0Systems. 2015. Cisco IOS XR Software Release 6.0 Operational Enhancements Data Sheet. Retrieved March 2, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/ios-nx-os-software\/ios-xr-software\/datasheet-c78-736154.html Inc. Cisco\u00a0Systems. 2015. Cisco IOS XR Software Release 6.0 Operational Enhancements Data Sheet. Retrieved March 2, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/ios-nx-os-software\/ios-xr-software\/datasheet-c78-736154.html"},{"key":"e_1_3_2_1_10_1","volume-title":"Retrieved","author":"Inc. Cisco\u00a0Systems.","year":"2020","unstructured":"Inc. Cisco\u00a0Systems. 2020 . KVM App Hosting on a Cisco Router . Retrieved June 27, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/routers\/4000-series-integrated-services-routers-isr\/at-a-glance-c45-737753.html Inc. Cisco\u00a0Systems. 2020. KVM App Hosting on a Cisco Router. Retrieved June 27, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/routers\/4000-series-integrated-services-routers-isr\/at-a-glance-c45-737753.html"},{"key":"e_1_3_2_1_11_1","volume-title":"Troubleshoot High CPU Usage in Catalyst Switch Platforms Running IOS-XE 16.x. Retrieved","author":"Inc. Cisco\u00a0Systems. 2021.","year":"2022","unstructured":"Inc. Cisco\u00a0Systems. 2021. Troubleshoot High CPU Usage in Catalyst Switch Platforms Running IOS-XE 16.x. Retrieved March 2, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ios-nx-os-software\/ios-xe-16\/213549-troubleshoot-high-cpu-usage-in-catalyst.html Inc. Cisco\u00a0Systems. 2021. Troubleshoot High CPU Usage in Catalyst Switch Platforms Running IOS-XE 16.x. Retrieved March 2, 2022 from https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ios-nx-os-software\/ios-xe-16\/213549-troubleshoot-high-cpu-usage-in-catalyst.html"},{"key":"e_1_3_2_1_12_1","unstructured":"Emscripten Contributors. 2022. Emscripten documentation. https:\/\/emscripten.org  Emscripten Contributors. 2022. Emscripten documentation. https:\/\/emscripten.org"},{"key":"e_1_3_2_1_13_1","volume-title":"Linux Device Drivers","author":"Corbet Jonathan","unstructured":"Jonathan Corbet , Alessandro Rubini , and Greg Kroah-Hartman . 2005. Linux Device Drivers , 3 rd Edition. O\u2019Reilly Media, Inc. Jonathan Corbet, Alessandro Rubini, and Greg Kroah-Hartman. 2005. Linux Device Drivers, 3rd Edition. O\u2019Reilly Media, Inc.","edition":"3"},{"key":"e_1_3_2_1_14_1","unstructured":"Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. Cryptology ePrint Archive Paper 2016\/086. https:\/\/eprint.iacr.org\/2016\/086  Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. Cryptology ePrint Archive Paper 2016\/086. https:\/\/eprint.iacr.org\/2016\/086"},{"key":"e_1_3_2_1_15_1","unstructured":"Al Danial. 2022. cloc: Count Lines of Code. https:\/\/github.com\/AlDanial\/cloc  Al Danial. 2022. cloc: Count Lines of Code. https:\/\/github.com\/AlDanial\/cloc"},{"key":"e_1_3_2_1_16_1","volume-title":"Retrieved","author":"Devices Boundary","year":"2022","unstructured":"Boundary Devices . 2022 . i.MX6 Embedded Single Board Computer (Nitrogen6X) . Retrieved June 29, 2022 from https:\/\/boundarydevices.com\/product\/nitrogen6x\/ Boundary Devices. 2022. i.MX6 Embedded Single Board Computer (Nitrogen6X). Retrieved June 29, 2022 from https:\/\/boundarydevices.com\/product\/nitrogen6x\/"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3339814"},{"key":"e_1_3_2_1_18_1","unstructured":"embeDD GmbH. 2022. DD-WRT. https:\/\/dd-wrt.com\/  embeDD GmbH. 2022. DD-WRT. https:\/\/dd-wrt.com\/"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00036"},{"key":"e_1_3_2_1_20_1","unstructured":"The\u00a0Linux Foundation. 2022. Xen Project. https:\/\/xenproject.org\/  The\u00a0Linux Foundation. 2022. Xen Project. https:\/\/xenproject.org\/"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00047"},{"key":"e_1_3_2_1_22_1","unstructured":"Vivien Gueant. 2022. iPerf - The TCP UDP and SCTP network bandwidth measurement tool. https:\/\/iperf.fr\/  Vivien Gueant. 2022. iPerf - The TCP UDP and SCTP network bandwidth measurement tool. https:\/\/iperf.fr\/"},{"key":"e_1_3_2_1_23_1","volume-title":"Retrieved","author":"Global\u00a0Platform Inc.","year":"2022","unstructured":"Global\u00a0Platform Inc. 2010. TEE Client API Specification v1.0 . Retrieved June 29, 2022 from https:\/\/globalplatform.org\/specs-library\/tee-client-api-specification\/ Global\u00a0Platform Inc.2010. TEE Client API Specification v1.0. Retrieved June 29, 2022 from https:\/\/globalplatform.org\/specs-library\/tee-client-api-specification\/"},{"key":"e_1_3_2_1_25_1","volume-title":"Retrieved","author":"Inc. Juniper\u00a0Networks.","year":"2022","unstructured":"Inc. Juniper\u00a0Networks. 2022 . Junos OS Evolved Overview . Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/overview-evo\/topics\/concept\/evo-overview.html Inc. Juniper\u00a0Networks. 2022. Junos OS Evolved Overview. Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/overview-evo\/topics\/concept\/evo-overview.html"},{"key":"e_1_3_2_1_26_1","volume-title":"Retrieved","author":"Inc. Juniper\u00a0Networks.","year":"2022","unstructured":"Inc. Juniper\u00a0Networks. 2022 . Junos OS Overview . Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/junos-install-upgrade\/topics\/topic-map\/junos-os-overview.html Inc. Juniper\u00a0Networks. 2022. Junos OS Overview. Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/junos-install-upgrade\/topics\/topic-map\/junos-os-overview.html"},{"key":"e_1_3_2_1_27_1","volume-title":"Retrieved","author":"Inc. Juniper\u00a0Networks.","year":"2022","unstructured":"Inc. Juniper\u00a0Networks. 2022 . VM Host Overview (Junos OS) . Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/junos-install-upgrade\/topics\/topic-map\/vm-host-overview.html Inc. Juniper\u00a0Networks. 2022. VM Host Overview (Junos OS). Retrieved June 27, 2022 from https:\/\/www.juniper.net\/documentation\/us\/en\/software\/junos\/junos-install-upgrade\/topics\/topic-map\/vm-host-overview.html"},{"key":"e_1_3_2_1_28_1","volume-title":"Programmable In-Network Security for Context-aware BYOD Policies. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Kang Qiao","year":"2020","unstructured":"Qiao Kang , Lei Xue , Adam Morrison , Yuxin Tang , Ang Chen , and Xiapu Luo . 2020 . Programmable In-Network Security for Context-aware BYOD Policies. In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association, 595\u2013612. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/kang Qiao Kang, Lei Xue, Adam Morrison, Yuxin Tang, Ang Chen, and Xiapu Luo. 2020. Programmable In-Network Security for Context-aware BYOD Policies. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 595\u2013612. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/kang"},{"key":"e_1_3_2_1_29_1","volume-title":"Interrupts \u2013 The Linux Kernel documentation. Retrieved","author":"The","year":"2022","unstructured":"The kernel\u00a0development community. 2021. Interrupts \u2013 The Linux Kernel documentation. Retrieved April 4, 2022 from https:\/\/linux-kernel-labs.github.io\/refs\/heads\/master\/lectures\/interrupts.html#interrupt-context The kernel\u00a0development community. 2021. Interrupts \u2013 The Linux Kernel documentation. Retrieved April 4, 2022 from https:\/\/linux-kernel-labs.github.io\/refs\/heads\/master\/lectures\/interrupts.html#interrupt-context"},{"key":"e_1_3_2_1_30_1","unstructured":"Michael Kerrisk. 2012. ip-route(8) - Linux manual page. https:\/\/man7.org\/linux\/man-pages\/man8\/ip-route.8.html  Michael Kerrisk. 2012. ip-route(8) - Linux manual page. https:\/\/man7.org\/linux\/man-pages\/man8\/ip-route.8.html"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCVE.2013.6799789"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23386"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210334"},{"key":"e_1_3_2_1_34_1","volume-title":"Retrieved","author":"Leonard Thomas","year":"2022","unstructured":"Thomas Leonard . 2022 . QubesOS Mirage Firewall . Retrieved June 29, 2022 from https:\/\/github.com\/mirage\/qubes-mirage-firewall\/ Thomas Leonard. 2022. QubesOS Mirage Firewall. Retrieved June 29, 2022 from https:\/\/github.com\/mirage\/qubes-mirage-firewall\/"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2637166.2637225"},{"key":"e_1_3_2_1_36_1","unstructured":"Team libtom. 2022. LibTomCrypt. https:\/\/github.com\/libtom\/libtomcrypt  Team libtom. 2022. LibTomCrypt. https:\/\/github.com\/libtom\/libtomcrypt"},{"key":"e_1_3_2_1_37_1","volume-title":"Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A. Retrieved","author":"Limited Arm","year":"2022","unstructured":"Arm Limited . 2018. Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A. Retrieved April 4, 2022 from https:\/\/developer.arm.com\/documentation\/den0006\/latest Arm Limited. 2018. Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A. Retrieved April 4, 2022 from https:\/\/developer.arm.com\/documentation\/den0006\/latest"},{"key":"e_1_3_2_1_38_1","volume-title":"Retrieved","author":"Limited Arm","year":"2019","unstructured":"Arm Limited . 2019 . Arm Platform Security Architecture Trusted Boot and Firmware Update 1.0 . Retrieved June 29, 2022 from https:\/\/developer.arm.com\/-\/media\/Arm%20Developer%20Community\/PDF\/PSA\/DEN0072-PSA_TBFU_1-0-REL.pdf Arm Limited. 2019. Arm Platform Security Architecture Trusted Boot and Firmware Update 1.0. Retrieved June 29, 2022 from https:\/\/developer.arm.com\/-\/media\/Arm%20Developer%20Community\/PDF\/PSA\/DEN0072-PSA_TBFU_1-0-REL.pdf"},{"key":"e_1_3_2_1_39_1","unstructured":"Linaro Limited. 2022. DeviceTree. https:\/\/www.devicetree.org  Linaro Limited. 2022. DeviceTree. https:\/\/www.devicetree.org"},{"key":"e_1_3_2_1_40_1","unstructured":"Linaro Limited. 2022. Open Portable Trusted Execution Environment - OP-TEE. https:\/\/www.op-tee.org\/  Linaro Limited. 2022. Open Portable Trusted Execution Environment - OP-TEE. https:\/\/www.op-tee.org\/"},{"key":"e_1_3_2_1_41_1","volume-title":"ARM TrustZone. In Proceedings of the 3rd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications","author":"Liu Renju","year":"2017","unstructured":"Renju Liu and Mani Srivastava . 2017 . PROTC: PROTeCting Drone\u2019s Peripherals through ARM TrustZone. In Proceedings of the 3rd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications ( Niagara Falls, New York, USA) (DroNet \u201917). Association for Computing Machinery, New York, NY, USA, 1\u20136. https:\/\/doi.org\/10.1145\/3086439.3086443 10.1145\/3086439.3086443 Renju Liu and Mani Srivastava. 2017. PROTC: PROTeCting Drone\u2019s Peripherals through ARM TrustZone. In Proceedings of the 3rd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications (Niagara Falls, New York, USA) (DroNet \u201917). Association for Computing Machinery, New York, NY, USA, 1\u20136. https:\/\/doi.org\/10.1145\/3086439.3086443"},{"key":"e_1_3_2_1_42_1","volume-title":"Retrieved","author":"Google","year":"2020","unstructured":"Google LLC. 2020 . Trusty TEE | Android Open Source Project . Retrieved June 29, 2022 from https:\/\/source.android.com\/security\/trusty Google LLC. 2020. Trusty TEE | Android Open Source Project. Retrieved June 29, 2022 from https:\/\/source.android.com\/security\/trusty"},{"key":"e_1_3_2_1_43_1","volume-title":"Retrieved","author":"Google","year":"2022","unstructured":"Google LLC. 2022 . chrome.enterprise.platformKeys \u2013 Chrome Developers . Retrieved June 29, 2022 from https:\/\/developer.chrome.com\/docs\/extensions\/reference\/enterprise_platformKeys\/ Google LLC. 2022. chrome.enterprise.platformKeys \u2013 Chrome Developers. Retrieved June 29, 2022 from https:\/\/developer.chrome.com\/docs\/extensions\/reference\/enterprise_platformKeys\/"},{"key":"e_1_3_2_1_44_1","volume-title":"Retrieved","author":"Google","year":"2022","unstructured":"Google LLC. 2022 . Hardware-backed Keystore | Android Open Source Project . Retrieved June 29, 2022 from https:\/\/source.android.com\/security\/keystore Google LLC. 2022. Hardware-backed Keystore | Android Open Source Project. Retrieved June 29, 2022 from https:\/\/source.android.com\/security\/keystore"},{"key":"e_1_3_2_1_45_1","volume-title":"3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20)","author":"McCormack Matt","year":"2020","unstructured":"Matt McCormack , Amit Vasudevan , Guyue Liu , Sebasti\u00e1n Echeverr\u00eda , Kyle O\u2019Meara , Grace Lewis , and Vyas Sekar . 2020 . Towards an Architecture for Trusted Edge IoT Security Gateways . In 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20) . USENIX Association. https:\/\/www.usenix.org\/conference\/hotedge20\/presentation\/mccormack Matt McCormack, Amit Vasudevan, Guyue Liu, Sebasti\u00e1n Echeverr\u00eda, Kyle O\u2019Meara, Grace Lewis, and Vyas Sekar. 2020. Towards an Architecture for Trusted Edge IoT Security Gateways. In 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20). USENIX Association. https:\/\/www.usenix.org\/conference\/hotedge20\/presentation\/mccormack"},{"key":"e_1_3_2_1_46_1","unstructured":"Kazuho Oku Tokuhiro Matsuno Daisuke Murase and Shigeo Mitsunari. 2021. PicoHTTPParser. https:\/\/github.com\/h2o\/picohttpparser  Kazuho Oku Tokuhiro Matsuno Daisuke Murase and Shigeo Mitsunari. 2021. PicoHTTPParser. https:\/\/github.com\/h2o\/picohttpparser"},{"key":"e_1_3_2_1_47_1","volume-title":"OASIS Committee. Retrieved","author":"Open OASIS","year":"2019","unstructured":"OASIS Open . 2019 . Virtual I\/O Device (VIRTIO) Version 1.1, Michael\u00a0S. Tsirkin and Cornelia Huck (Eds.) . OASIS Committee. Retrieved June 29, 2022 from https:\/\/docs.oasis-open.org\/virtio\/virtio\/v1.1\/virtio-v1.1.html OASIS Open. 2019. Virtual I\/O Device (VIRTIO) Version 1.1, Michael\u00a0S. Tsirkin and Cornelia Huck (Eds.). OASIS Committee. Retrieved June 29, 2022 from https:\/\/docs.oasis-open.org\/virtio\/virtio\/v1.1\/virtio-v1.1.html"},{"key":"e_1_3_2_1_48_1","volume-title":"2019 USENIX Annual Technical Conference (USENIX ATC 19)","author":"Park Heejin","year":"2019","unstructured":"Heejin Park , Shuang Zhai , Long Lu , and Felix\u00a0Xiaozhu Lin . 2019 . StreamBox-TZ: Secure Stream Analytics at the Edge with TrustZone . In 2019 USENIX Annual Technical Conference (USENIX ATC 19) . USENIX Association, Renton, WA, 537\u2013554. https:\/\/www.usenix.org\/conference\/atc19\/presentation\/park-heejin Heejin Park, Shuang Zhai, Long Lu, and Felix\u00a0Xiaozhu Lin. 2019. StreamBox-TZ: Secure Stream Analytics at the Edge with TrustZone. In 2019 USENIX Annual Technical Conference (USENIX ATC 19). USENIX Association, Renton, WA, 537\u2013554. https:\/\/www.usenix.org\/conference\/atc19\/presentation\/park-heejin"},{"key":"e_1_3_2_1_49_1","volume-title":"Article 130 (jan","author":"Pinto Sandro","year":"2019","unstructured":"Sandro Pinto and Nuno Santos . 2019. Demystifying Arm TrustZone: A Comprehensive Survey. ACM Comput. Surv. 51, 6 , Article 130 (jan 2019 ), 36\u00a0pages. https:\/\/doi.org\/10.1145\/3291047 10.1145\/3291047 Sandro Pinto and Nuno Santos. 2019. Demystifying Arm TrustZone: A Comprehensive Survey. ACM Comput. Surv. 51, 6, Article 130 (jan 2019), 36\u00a0pages. https:\/\/doi.org\/10.1145\/3291047"},{"key":"e_1_3_2_1_50_1","volume-title":"SafeBricks: Shielding Network Functions in the Cloud. In 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI 18)","author":"Poddar Rishabh","year":"2018","unstructured":"Rishabh Poddar , Chang Lan , Raluca\u00a0Ada Popa , and Sylvia Ratnasamy . 2018 . SafeBricks: Shielding Network Functions in the Cloud. In 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI 18) . USENIX Association, Renton, WA, 201\u2013216. https:\/\/www.usenix.org\/conference\/nsdi18\/presentation\/poddar Rishabh Poddar, Chang Lan, Raluca\u00a0Ada Popa, and Sylvia Ratnasamy. 2018. SafeBricks: Shielding Network Functions in the Cloud. In 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI 18). USENIX Association, Renton, WA, 201\u2013216. https:\/\/www.usenix.org\/conference\/nsdi18\/presentation\/poddar"},{"key":"e_1_3_2_1_51_1","volume-title":"FlowBlaze: Stateful Packet Processing in Hardware. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19)","author":"Pontarelli Salvatore","year":"2019","unstructured":"Salvatore Pontarelli , Roberto Bifulco , Marco Bonola , Carmelo Cascone , Marco Spaziani , Valerio Bruschi , Davide Sanvito , Giuseppe Siracusano , Antonio Capone , Michio Honda , Felipe Huici , and Giuseppe Siracusano . 2019 . FlowBlaze: Stateful Packet Processing in Hardware. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19) . USENIX Association, Boston, MA, 531\u2013548. https:\/\/www.usenix.org\/conference\/nsdi19\/presentation\/pontarelli Salvatore Pontarelli, Roberto Bifulco, Marco Bonola, Carmelo Cascone, Marco Spaziani, Valerio Bruschi, Davide Sanvito, Giuseppe Siracusano, Antonio Capone, Michio Honda, Felipe Huici, and Giuseppe Siracusano. 2019. FlowBlaze: Stateful Packet Processing in Hardware. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19). USENIX Association, Boston, MA, 531\u2013548. https:\/\/www.usenix.org\/conference\/nsdi19\/presentation\/pontarelli"},{"key":"e_1_3_2_1_52_1","volume-title":"Retrieved","author":"Project The","year":"2022","unstructured":"The Qubes\u00a0OS Project 2022 . Firewall | Qubes OS . Retrieved June 29, 2022 from https:\/\/www.qubes-os.org\/doc\/firewall\/ The Qubes\u00a0OS Project 2022. Firewall | Qubes OS. Retrieved June 29, 2022 from https:\/\/www.qubes-os.org\/doc\/firewall\/"},{"key":"e_1_3_2_1_53_1","unstructured":"Mindaugas Rasiukevicius. 2021. NPF-Router: a demo NPF+DPDK application. https:\/\/github.com\/rmind\/npf\/tree\/master\/app  Mindaugas Rasiukevicius. 2021. NPF-Router: a demo NPF+DPDK application. https:\/\/github.com\/rmind\/npf\/tree\/master\/app"},{"key":"e_1_3_2_1_54_1","unstructured":"Mindaugas Rasiukevicius. 2021. NPF: stateful packet filter supporting NAT IP sets etc. https:\/\/github.com\/rmind\/npf  Mindaugas Rasiukevicius. 2021. NPF: stateful packet filter supporting NAT IP sets etc. https:\/\/github.com\/rmind\/npf"},{"key":"e_1_3_2_1_55_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Schumilo Sergej","year":"2021","unstructured":"Sergej Schumilo , Cornelius Aschermann , Ali Abbasi , Simon W\u00f6r-ner, and Thorsten Holz . 2021 . Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types . In 30th USENIX Security Symposium (USENIX Security 21) . USENIX Association, 2597\u20132614. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/schumilo Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon W\u00f6r-ner, and Thorsten Holz. 2021. Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 2597\u20132614. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/schumilo"},{"key":"e_1_3_2_1_56_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Schumilo Sergej","year":"2017","unstructured":"Sergej Schumilo , Cornelius Aschermann , Robert Gawlik , Sebastian Schinzel , and Thorsten Holz . 2017 . kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels . In 26th USENIX Security Symposium (USENIX Security 17) . USENIX Association, Vancouver, BC, 167\u2013182. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/schumilo Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, and Thorsten Holz. 2017. kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 167\u2013182. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/schumilo"},{"key":"e_1_3_2_1_57_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Schwarz Fabian","year":"2020","unstructured":"Fabian Schwarz and Christian Rossow . 2020 . SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients . In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association, 753\u2013770. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/schwarz Fabian Schwarz and Christian Rossow. 2020. SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 753\u2013770. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/schwarz"},{"key":"e_1_3_2_1_58_1","volume-title":"i.MX 6Dual\/6Quad Applications Processors for Consumer Products. Retrieved","author":"Semiconductors NXP","year":"2022","unstructured":"NXP Semiconductors . 2018. i.MX 6Dual\/6Quad Applications Processors for Consumer Products. Retrieved July 4, 2022 from https:\/\/www.nxp.com\/docs\/en\/data-sheet\/IMX6DQCEC.pdf NXP Semiconductors. 2018. i.MX 6Dual\/6Quad Applications Processors for Consumer Products. Retrieved July 4, 2022 from https:\/\/www.nxp.com\/docs\/en\/data-sheet\/IMX6DQCEC.pdf"},{"key":"e_1_3_2_1_59_1","volume-title":"Recent Advances in Intrusion Detection","author":"Srivastava Abhinav","unstructured":"Abhinav Srivastava and Jonathon Giffin . 2008. Tamper-Resistant , Application-Aware Blocking of Malicious Network Connections . In Recent Advances in Intrusion Detection , Richard Lippmann, Engin Kirda, and Ari Trachtenberg (Eds.). Springer Berlin Heidelberg , Berlin, Heidelberg , 39\u201358. Abhinav Srivastava and Jonathon Giffin. 2008. Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections. In Recent Advances in Intrusion Detection, Richard Lippmann, Engin Kirda, and Ari Trachtenberg (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 39\u201358."},{"key":"e_1_3_2_1_60_1","volume-title":"Was ist eine Fritzbox?Retrieved","author":"Luber Stefan","year":"2022","unstructured":"Stefan Luber and Andreas Donner . 2019. Was ist eine Fritzbox?Retrieved March 2, 2022 from https:\/\/www.ip-insider.de\/was-ist-eine-fritzbox-a-883753\/ Stefan Luber and Andreas Donner. 2019. Was ist eine Fritzbox?Retrieved March 2, 2022 from https:\/\/www.ip-insider.de\/was-ist-eine-fritzbox-a-883753\/"},{"key":"e_1_3_2_1_61_1","unstructured":"SEG \/\u00a0DrayTek UK. 2015. O\/S versions on Vigor 2760 Series Routers (DrayOS\/Linux). Retrieved March 2 2022 from https:\/\/www.draytek.co.uk\/support\/guides\/os-versions-on-vigor-2760-series-routers  SEG \/\u00a0DrayTek UK. 2015. O\/S versions on Vigor 2760 Series Routers (DrayOS\/Linux). Retrieved March 2 2022 from https:\/\/www.draytek.co.uk\/support\/guides\/os-versions-on-vigor-2760-series-routers"},{"key":"e_1_3_2_1_62_1","unstructured":"Alexander Vykhodtsev. 2021. page-load-time. https:\/\/github.com\/alex-vv\/page-load-time  Alexander Vykhodtsev. 2021. page-load-time. https:\/\/github.com\/alex-vv\/page-load-time"},{"key":"e_1_3_2_1_63_1","volume-title":"Retrieved","author":"Wilson Anna","year":"2020","unstructured":"Anna Wilson . 2020 . Website Load Time Statistics . Retrieved June 27, 2022 from https:\/\/www.top10-websitehosting.co.uk\/website-load-time-statistics\/ Anna Wilson. 2020. Website Load Time Statistics. Retrieved June 27, 2022 from https:\/\/www.top10-websitehosting.co.uk\/website-load-time-statistics\/"},{"key":"e_1_3_2_1_64_1","volume-title":"KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Wu Wei","year":"2019","unstructured":"Wei Wu , Yueqi Chen , Xinyu Xing , and Wei Zou . 2019 . KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, 1187\u20131204. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/wu-wei Wei Wu, Yueqi Chen, Xinyu Xing, and Wei Zou. 2019. KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1187\u20131204. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/wu-wei"},{"key":"e_1_3_2_1_65_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Xing Jiarong","year":"2020","unstructured":"Jiarong Xing , Qiao Kang , and Ang Chen . 2020 . NetWarden: Mitigating Network Covert Channels while Preserving Performance . In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association , 2039\u20132056. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/xing Jiarong Xing, Qiao Kang, and Ang Chen. 2020. NetWarden: Mitigating Network Covert Channels while Preserving Performance. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 2039\u20132056. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/xing"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210338"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.42"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.27"},{"key":"e_1_3_2_1_69_1","volume-title":"TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing. In 2021 USENIX Annual Technical Conference (USENIX ATC 21)","author":"Zou Yong-Hao","year":"2021","unstructured":"Yong-Hao Zou , Jia-Ju Bai , Jielong Zhou , Jianfeng Tan , Chenggang Qin , and Shi-Min Hu . 2021 . TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing. In 2021 USENIX Annual Technical Conference (USENIX ATC 21) . USENIX Association, 489\u2013502. https:\/\/www.usenix.org\/conference\/atc21\/presentation\/zou Yong-Hao Zou, Jia-Ju Bai, Jielong Zhou, Jianfeng Tan, Chenggang Qin, and Shi-Min Hu. 2021. TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing. In 2021 USENIX Annual Technical Conference (USENIX ATC 21). USENIX Association, 489\u2013502. https:\/\/www.usenix.org\/conference\/atc21\/presentation\/zou"}],"event":{"name":"RAID 2022: 25th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Limassol Cyprus","acronym":"RAID 2022"},"container-title":["Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545961","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3545948.3545961","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:27Z","timestamp":1750188627000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545961"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":68,"alternative-id":["10.1145\/3545948.3545961","10.1145\/3545948"],"URL":"https:\/\/doi.org\/10.1145\/3545948.3545961","relation":{},"subject":[],"published":{"date-parts":[[2022,10,26]]},"assertion":[{"value":"2022-10-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}