{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T09:41:25Z","timestamp":1769161285439,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":24,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,7]],"date-time":"2022-11-07T00:00:00Z","timestamp":1667779200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,11]]},"DOI":"10.1145\/3560834.3563823","type":"proceedings-article","created":{"date-parts":[[2022,11,4]],"date-time":"2022-11-04T04:06:51Z","timestamp":1667534811000},"page":"45-54","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Breaking KASLR on Mobile Devices without Any Use of Cache Memory"],"prefix":"10.1145","author":[{"given":"Milad","family":"Seddigh","sequence":"first","affiliation":[{"name":"Shahid Beheshti University, Tehran, Iran"}]},{"given":"Mahdi","family":"Esfahani","sequence":"additional","affiliation":[{"name":"Sharif University of Technology, Tehran, Iran"}]},{"given":"Sarani","family":"Bhattacharya","sequence":"additional","affiliation":[{"name":"Imec, Leuven, Belgium"}]},{"given":"Mohammad Reza","family":"Aref","sequence":"additional","affiliation":[{"name":"Sharif University of Technology, Tehran, Iran"}]},{"given":"Hadi","family":"Soleimany","sequence":"additional","affiliation":[{"name":"Shahid Beheshti University, Tehran, Iran"}]}],"member":"320","published-online":{"date-parts":[[2022,11,7]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2017. ARM LIMITED. Cortex-A57 MPCore Processor Revision: r1p3 Technical Reference Manual. http:\/\/infocenter.arm.com\/help\/topic\/com.  2017. ARM LIMITED. Cortex-A57 MPCore Processor Revision: r1p3 Technical Reference Manual. http:\/\/infocenter.arm.com\/help\/topic\/com."},{"key":"e_1_3_2_2_2_1","unstructured":"2019. Linux. Complete virtual memory map with 4-level page tables. https:\/\/www.kernel.org\/doc\/Documentation\/x86\/x86_64\/mm.txt.  2019. Linux. Complete virtual memory map with 4-level page tables. https:\/\/www.kernel.org\/doc\/Documentation\/x86\/x86_64\/mm.txt."},{"key":"e_1_3_2_2_3_1","unstructured":"2021. Arm Architecture Reference Manual Armv8 for A-profile architecture. https:\/\/developer.arm.com\/documentation\/ddi0487\/gb\/.  2021. Arm Architecture Reference Manual Armv8 for A-profile architecture. https:\/\/developer.arm.com\/documentation\/ddi0487\/gb\/."},{"key":"e_1_3_2_2_4_1","unstructured":"2021. Armv8.5-A CPU Updates - Arm Developer. https:\/\/developer.arm.com.  2021. Armv8.5-A CPU Updates - Arm Developer. https:\/\/developer.arm.com."},{"key":"e_1_3_2_2_5_1","unstructured":"2021. Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism. https:\/\/developer.arm.com\/support\/arm-securityupdates\/speculative-processor vulnerability.  2021. Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism. https:\/\/developer.arm.com\/support\/arm-securityupdates\/speculative-processor vulnerability."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384747"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2016.7783743"},{"key":"e_1_3_2_2_8_1","first-page":"26","article-title":"ASLR on the Line: Practical Cache Attacks on the MMU","volume":"17","author":"Gras Ben","year":"2017","unstructured":"Ben Gras , Kaveh Razavi , Erik Bosman , Herbert Bos , and Cristiano Giuffrida . 2017 . ASLR on the Line: Practical Cache Attacks on the MMU .. In NDSS , Vol. 17. 26 . Ben Gras, Kaveh Razavi, Erik Bosman, Herbert Bos, and Cristiano Giuffrida. 2017. ASLR on the Line: Practical Cache Attacks on the MMU.. In NDSS, Vol. 17. 26.","journal-title":"NDSS"},{"key":"e_1_3_2_2_9_1","volume-title":"Kernel isolation: From an academic idea to an efficient patch for every computer","author":"Gruss Daniel","year":"2018","unstructured":"Daniel Gruss , Dave Hansen , and Brendan Gregg . 2018. Kernel isolation: From an academic idea to an efficient patch for every computer . ; login: the USENIX Magazine 43, 4 ( 2018 ), 10--14. Daniel Gruss, Dave Hansen, and Brendan Gregg. 2018. Kernel isolation: From an academic idea to an efficient patch for every computer. ; login: the USENIX Magazine 43, 4 (2018), 10--14."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978356"},{"key":"e_1_3_2_2_11_1","volume-title":"KAISER: unmap most of the kernel from userspace page table. Linux Kernel Mailing List","author":"Hansen D","year":"2017","unstructured":"D Hansen . 2017. KAISER: unmap most of the kernel from userspace page table. Linux Kernel Mailing List ( 2017 ). D Hansen. 2017. KAISER: unmap most of the kernel from userspace page table. Linux Kernel Mailing List (2017)."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.23"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978321"},{"key":"e_1_3_2_2_14_1","unstructured":"K Johnson. 2018. KVA Shadow: Mitigating Meltdown on Windows.  K Johnson. 2018. KVA Shadow: Mitigating Meltdown on Windows."},{"key":"e_1_3_2_2_15_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In 2019 IEEE Symposium on Security and Privacy, SP 2019","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher , Jann Horn , Anders Fogh , Daniel Genkin , Daniel Gruss , Werner Haas , Mike Hamburg , Moritz Lipp , Stefan Mangard , Thomas Prescher , Michael Schwarz , and Yuval Yarom . 2019 . Spectre Attacks: Exploiting Speculative Execution. In 2019 IEEE Symposium on Security and Privacy, SP 2019 , San Francisco, CA, USA, May 19--23 , 2019. IEEE, 1--19. https:\/\/doi.org\/10.1109\/SP.2019.00002 10.1109\/SP.2019.00002 Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19--23, 2019. IEEE, 1--19. https:\/\/doi.org\/10.1109\/SP.2019.00002"},{"key":"e_1_3_2_2_16_1","volume-title":"ARMageddon: Cache Attacks on Mobile Devices. In 25th USENIX Security Symposium, USENIX Security 16","author":"Lipp Moritz","year":"2016","unstructured":"Moritz Lipp , Daniel Gruss , Raphael Spreitzer , Cl\u00e9mentine Maurice , and Stefan Mangard . 2016 . ARMageddon: Cache Attacks on Mobile Devices. In 25th USENIX Security Symposium, USENIX Security 16 , Austin, TX, USA, August 10--12 , 2016, Thorsten Holz and Stefan Savage (Eds.). USENIX Association, 549--564. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/lipp Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl\u00e9mentine Maurice, and Stefan Mangard. 2016. ARMageddon: Cache Attacks on Mobile Devices. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016, Thorsten Holz and Stefan Savage (Eds.). USENIX Association, 549--564. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/lipp"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3357033"},{"key":"e_1_3_2_2_18_1","volume-title":"Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, and Yuval Yarom.","author":"Minkin Marina","year":"2019","unstructured":"Marina Minkin , Daniel Moghimi , Moritz Lipp , Michael Schwarz , Jo Van Bulck , Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, and Yuval Yarom. 2019 . Fallout : Reading Kernel Writes From User Space. CoRR abs\/1905.12701 (2019). arXiv:1905.12701 http:\/\/arxiv.org\/abs\/1905.12701 Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, and Yuval Yarom. 2019. Fallout: Reading Kernel Writes From User Space. CoRR abs\/1905.12701 (2019). arXiv:1905.12701 http:\/\/arxiv.org\/abs\/1905.12701"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813708"},{"key":"e_1_3_2_2_20_1","volume-title":"Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs. CoRR abs\/1905.05725","author":"Schwarz Michael","year":"2019","unstructured":"Michael Schwarz , Claudio Canella , Lukas Giner , and Daniel Gruss . 2019. Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs. CoRR abs\/1905.05725 ( 2019 ). arXiv:1905.05725 http:\/\/arxiv.org\/abs\/1905.05725 Michael Schwarz, Claudio Canella, Lukas Giner, and Daniel Gruss. 2019. Store-to-Leak Forwarding: Leaking Data on Meltdown-resistant CPUs. CoRR abs\/1905.05725 (2019). arXiv:1905.05725 http:\/\/arxiv.org\/abs\/1905.05725"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-70972-7_13"},{"key":"e_1_3_2_2_23_1","volume-title":"RIDL: Rogue In-Flight Data Load.","author":"van Schaik Stephan","year":"2019","unstructured":"Stephan van Schaik , Alyssa Milburn , Sebastian \u00d6sterlund , Pietro Frigo , Giorgi Maisuradze , Kaveh Razavi , Herbert Bos , and Cristiano Giuffrida . 2019 . RIDL: Rogue In-Flight Data Load. (2019), 88--105. https:\/\/doi.org\/10.1109\/SP.2019.00087 10.1109\/SP.2019.00087 Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2019. RIDL: Rogue In-Flight Data Load. (2019), 88--105. https:\/\/doi.org\/10.1109\/SP.2019.00087"},{"key":"e_1_3_2_2_24_1","volume-title":"ARM Limited. In 26th USENIX Security Symposium, USENIX Security 2017","author":"WILLIAMSON.","year":"2012","unstructured":"WILLIAMSON. 2012 . Line allocation in multi-level hierarchical data stores. Patent US8271733 B2 , ARM Limited. In 26th USENIX Security Symposium, USENIX Security 2017 , Vancouver, BC, Canada, August 16--18 , 2017. USENIX Association, 1075--1091. WILLIAMSON. 2012. Line allocation in multi-level hierarchical data stores. Patent US8271733 B2, ARM Limited. In 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16--18, 2017. USENIX Association, 1075--1091."}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","location":"Los Angeles CA USA","acronym":"CCS '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560834.3563823","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3560834.3563823","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:09Z","timestamp":1750182549000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560834.3563823"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,11,7]]},"references-count":24,"alternative-id":["10.1145\/3560834.3563823","10.1145\/3560834"],"URL":"https:\/\/doi.org\/10.1145\/3560834.3563823","relation":{},"subject":[],"published":{"date-parts":[[2022,11,7]]},"assertion":[{"value":"2022-11-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}