{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T21:13:35Z","timestamp":1769721215547,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":75,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["HR001120C0191, HR001120C0155"],"award-info":[{"award-number":["HR001120C0191, HR001120C0155"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-2238467"],"award-info":[{"award-number":["CNS-2238467"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010661","name":"Horizon 2020 Framework Programme","doi-asserted-by":"publisher","award":["958478, 883540"],"award-info":[{"award-number":["958478, 883540"]}],"id":[{"id":"10.13039\/100010661","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3590330","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"429-442","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["BinWrap: Hybrid Protection against Native Node.js Add-ons"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3816-8728","authenticated-orcid":false,"given":"George","family":"Christou","sequence":"first","affiliation":[{"name":"FORTH-ICS, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1158-3056","authenticated-orcid":false,"given":"Grigoris","family":"Ntousakis","sequence":"additional","affiliation":[{"name":"Brown University, United States of America and TU Crete, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-9792-7354","authenticated-orcid":false,"given":"Eric","family":"Lahtinen","sequence":"additional","affiliation":[{"name":"Aarno Labs, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9340-2241","authenticated-orcid":false,"given":"Sotiris","family":"Ioannidis","sequence":"additional","affiliation":[{"name":"TU Crete, Greece and FORTH-ICS, Greece"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6528-437X","authenticated-orcid":false,"given":"Vasileios P.","family":"Kemerlis","sequence":"additional","affiliation":[{"name":"Brown University, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7347-298X","authenticated-orcid":false,"given":"Nikos","family":"Vasilakis","sequence":"additional","affiliation":[{"name":"Brown University, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420952"},{"key":"e_1_3_2_1_2_1","unstructured":"Apache. 2022. CouchDB. https:\/\/docs.couchdb.org\/en\/stable\/.  Apache. 2022. CouchDB. https:\/\/docs.couchdb.org\/en\/stable\/."},{"key":"e_1_3_2_1_3_1","unstructured":"ARM. 2018. Domains. https:\/\/developer.arm.com\/documentation\/ddi0406\/b\/System-Level-Architecture\/Virtual-Memory-System-Architecture\u2013VMSA-\/Memory-access-control\/Domains.  ARM. 2018. Domains. https:\/\/developer.arm.com\/documentation\/ddi0406\/b\/System-Level-Architecture\/Virtual-Memory-System-Architecture\u2013VMSA-\/Memory-access-control\/Domains."},{"key":"e_1_3_2_1_4_1","unstructured":"Steve Bannister. 2018. Memory Tagging Extension: Enhancing memory safety through architecture. https:\/\/community.arm.com\/arm-community-blogs\/b\/architectures-and-processors-blog\/posts\/enhancing-memory-safety.  Steve Bannister. 2018. Memory Tagging Extension: Enhancing memory safety through architecture. https:\/\/community.arm.com\/arm-community-blogs\/b\/architectures-and-processors-blog\/posts\/enhancing-memory-safety."},{"key":"e_1_3_2_1_5_1","volume-title":"Compiling Sandboxes: Formally Verified Software Fault Isolation. In European Symposium on Programming (ESOP). 499\u2013524","author":"Besson Fr\u00e9d\u00e9ric","year":"2019","unstructured":"Fr\u00e9d\u00e9ric Besson , Sandrine Blazy , Alexandre Dang , Thomas Jensen , and Pierre Wilke . 2019 . Compiling Sandboxes: Formally Verified Software Fault Isolation. In European Symposium on Programming (ESOP). 499\u2013524 . Fr\u00e9d\u00e9ric Besson, Sandrine Blazy, Alexandre Dang, Thomas Jensen, and Pierre Wilke. 2019. Compiling Sandboxes: Formally Verified Software Fault Isolation. In European Symposium on Programming (ESOP). 499\u2013524."},{"key":"e_1_3_2_1_6_1","volume-title":"Jump-Oriented Programming: A New Class of Code-Reuse Attack. In ACM Asia Symposium on Information, Computer and Communications Security (ASIACCS). 30\u201340","author":"Bletsch Tyler","year":"2011","unstructured":"Tyler Bletsch , Xuxian Jiang , Vince\u00a0 W Freeh , and Zhenkai Liang . 2011 . Jump-Oriented Programming: A New Class of Code-Reuse Attack. In ACM Asia Symposium on Information, Computer and Communications Security (ASIACCS). 30\u201340 . Tyler Bletsch, Xuxian Jiang, Vince\u00a0W Freeh, and Zhenkai Liang. 2011. Jump-Oriented Programming: A New Class of Code-Reuse Attack. In ACM Asia Symposium on Information, Computer and Communications Security (ASIACCS). 30\u201340."},{"key":"e_1_3_2_1_7_1","volume-title":"Proc. of USENIX Summer. 87\u201398","author":"Bonwick Jeff","year":"1994","unstructured":"Jeff Bonwick . 1994 . The Slab Allocator: An Object-Caching Kernel Memory Allocator . In Proc. of USENIX Summer. 87\u201398 . Jeff Bonwick. 1994. The Slab Allocator: An Object-Caching Kernel Memory Allocator. In Proc. of USENIX Summer. 87\u201398."},{"key":"e_1_3_2_1_8_1","volume-title":"IEEE Symposium on Security and Privacy (S&P). 243\u2013258","author":"Bosman Erik","year":"2014","unstructured":"Erik Bosman and Herbert Bos . 2014 . Framing Signals\u2014A Return to Portable Shellcode . In IEEE Symposium on Security and Privacy (S&P). 243\u2013258 . Erik Bosman and Herbert Bos. 2014. Framing Signals\u2014A Return to Portable Shellcode. In IEEE Symposium on Security and Privacy (S&P). 243\u2013258."},{"key":"e_1_3_2_1_9_1","volume-title":"Leakage-Resilient Layout Randomization for Mobile Devices. In Network and Distributed System Security Symposium (NDSS).","author":"Braden Kjell","year":"2016","unstructured":"Kjell Braden , Lucas Davi , Christopher Liebchen , Ahmad-Reza Sadeghi , Stephen Crane , Michael Franz , and Per Larsen . 2016 . Leakage-Resilient Layout Randomization for Mobile Devices. In Network and Distributed System Security Symposium (NDSS). Kjell Braden, Lucas Davi, Christopher Liebchen, Ahmad-Reza Sadeghi, Stephen Crane, Michael Franz, and Per Larsen. 2016. Leakage-Resilient Layout Randomization for Mobile Devices. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_10_1","unstructured":"Bugtraq. [n. d.]. Getting around non-executable stack (and fix). https:\/\/seclists.org\/bugtraq\/1997\/Aug\/63.  Bugtraq. [n. d.]. Getting around non-executable stack (and fix). https:\/\/seclists.org\/bugtraq\/1997\/Aug\/63."},{"key":"e_1_3_2_1_11_1","volume-title":"USENIX Security Symposium (SEC). 249\u2013266","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella , Jo Van\u00a0Bulck , Michael Schwarz , Moritz Lipp , Benjamin Von\u00a0Berg , Philipp Ortner , Frank Piessens , Dmitry Evtyushkin , and Daniel Gruss . 2019 . A Systematic Evaluation of Transient Execution Attacks and Defenses . In USENIX Security Symposium (SEC). 249\u2013266 . Claudio Canella, Jo Van\u00a0Bulck, Michael Schwarz, Moritz Lipp, Benjamin Von\u00a0Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A Systematic Evaluation of Transient Execution Attacks and Defenses. In USENIX Security Symposium (SEC). 249\u2013266."},{"key":"e_1_3_2_1_12_1","volume-title":"ACM Conference on Computer and Communications Security (CCS). 559\u2013572","author":"Checkoway Stephen","year":"2010","unstructured":"Stephen Checkoway , Lucas Davi , Alexandra Dmitrienko , Ahmad-Reza Sadeghi , Hovav Shacham , and Marcel Winandy . 2010 . Return-Oriented Programming without Returns . In ACM Conference on Computer and Communications Security (CCS). 559\u2013572 . Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. 2010. Return-Oriented Programming without Returns. In ACM Conference on Computer and Communications Security (CCS). 559\u2013572."},{"key":"e_1_3_2_1_13_1","volume-title":"PKU Pitfalls: Attacks on PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 1409\u20131426","author":"Connor R\u00a0Joseph","year":"2020","unstructured":"R\u00a0Joseph Connor , Tyler McDaniel , Jared\u00a0 M Smith , and Max Schuchard . 2020 . PKU Pitfalls: Attacks on PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 1409\u20131426 . R\u00a0Joseph Connor, Tyler McDaniel, Jared\u00a0M Smith, and Max Schuchard. 2020. PKU Pitfalls: Attacks on PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 1409\u20131426."},{"key":"e_1_3_2_1_14_1","unstructured":"Intel Corporation. 2019. Control-flow Enforcement Technology Specification.  Intel Corporation. 2019. Control-flow Enforcement Technology Specification."},{"key":"e_1_3_2_1_15_1","volume-title":"StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium (SEC), Vol.\u00a098","author":"Cowan Crispan","year":"1998","unstructured":"Crispan Cowan , Calton Pu , Dave Maier , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , Qian Zhang , and Heather Hinton . 1998 . StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium (SEC), Vol.\u00a098 . 63\u201378. Crispan Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, and Heather Hinton. 1998. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium (SEC), Vol.\u00a098. 63\u201378."},{"key":"e_1_3_2_1_16_1","volume-title":"IEEE Symposium on Security and Privacy (S&P). 763\u2013780","author":"Crane Stephen","year":"2015","unstructured":"Stephen Crane , Christopher Liebchen , Andrei Homescu , Lucas Davi , Per Larsen , Ahmad-Reza Sadeghi , Stefan Brunthaler , and Michael Franz . 2015 . Readactor: Practical Code Randomization Resilient to Memory Disclosure . In IEEE Symposium on Security and Privacy (S&P). 763\u2013780 . Stephen Crane, Christopher Liebchen, Andrei Homescu, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, Stefan Brunthaler, and Michael Franz. 2015. Readactor: Practical Code Randomization Resilient to Memory Disclosure. In IEEE Symposium on Security and Privacy (S&P). 763\u2013780."},{"key":"e_1_3_2_1_17_1","volume-title":"NodeSentry: Least-privilege Library Integration for Server-Side JavaScript. In Annual Computer Security Applications Conference (ACSAC). 446\u2013455","author":"De\u00a0Groef Willem","year":"2014","unstructured":"Willem De\u00a0Groef , Fabio Massacci , and Frank Piessens . 2014 . NodeSentry: Least-privilege Library Integration for Server-Side JavaScript. In Annual Computer Security Applications Conference (ACSAC). 446\u2013455 . Willem De\u00a0Groef, Fabio Massacci, and Frank Piessens. 2014. NodeSentry: Least-privilege Library Integration for Server-Side JavaScript. In Annual Computer Security Applications Conference (ACSAC). 446\u2013455."},{"key":"e_1_3_2_1_18_1","volume-title":"International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 459\u2013474","author":"DeMarinis Nicholas","year":"2020","unstructured":"Nicholas DeMarinis , Kent Williams-King , Di Jin , Rodrigo Fonseca , and Vasileios\u00a0 P. Kemerlis . 2020 . sysfilter: Automated System Call Filtering for Commodity Software . In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 459\u2013474 . Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios\u00a0P. Kemerlis. 2020. sysfilter: Automated System Call Filtering for Commodity Software. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 459\u2013474."},{"key":"e_1_3_2_1_19_1","unstructured":"ExploitDB. 2000. cURL 6.1 < 7.4 \u2013 Remote Buffer Overflow. https:\/\/www.exploit-db.com\/exploits\/20293.  ExploitDB. 2000. cURL 6.1 < 7.4 \u2013 Remote Buffer Overflow. https:\/\/www.exploit-db.com\/exploits\/20293."},{"key":"e_1_3_2_1_20_1","unstructured":"ExploitDB. 2004. LibPNG Graphics Library \u2013 Remote Buffer Overflow. https:\/\/www.exploit-db.com\/exploits\/389.  ExploitDB. 2004. LibPNG Graphics Library \u2013 Remote Buffer Overflow. https:\/\/www.exploit-db.com\/exploits\/389."},{"key":"e_1_3_2_1_21_1","unstructured":"ExploitDB. 2010. LibTIFF Buffer Overflow (Metasploit). https:\/\/www.exploit-db.com\/exploits\/16869.  ExploitDB. 2010. LibTIFF Buffer Overflow (Metasploit). https:\/\/www.exploit-db.com\/exploits\/16869."},{"key":"e_1_3_2_1_22_1","volume-title":"Building Diverse Computer Systems. In Workshop on Hot Topics in Operating Systems (HotOS). 67\u201372","author":"Forrest Stephanie","year":"1997","unstructured":"Stephanie Forrest , Anil Somayaji , and David\u00a0 H. Ackley . 1997 . Building Diverse Computer Systems. In Workshop on Hot Topics in Operating Systems (HotOS). 67\u201372 . Stephanie Forrest, Anil Somayaji, and David\u00a0H. Ackley. 1997. Building Diverse Computer Systems. In Workshop on Hot Topics in Operating Systems (HotOS). 67\u201372."},{"key":"e_1_3_2_1_23_1","unstructured":"Google. 2017. Orinoco: young generation garbage collection. https:\/\/v8.dev\/blog\/orinoco-parallel-scavenger.  Google. 2017. Orinoco: young generation garbage collection. https:\/\/v8.dev\/blog\/orinoco-parallel-scavenger."},{"key":"e_1_3_2_1_24_1","unstructured":"Google. 2018. V8 Garbage Collector. https:\/\/github.com\/thlorenz\/v8-perf\/blob\/master\/gc.md.  Google. 2018. V8 Garbage Collector. https:\/\/github.com\/thlorenz\/v8-perf\/blob\/master\/gc.md."},{"key":"e_1_3_2_1_25_1","unstructured":"Google. 2022. Ignition. https:\/\/v8.dev\/docs\/ignition.  Google. 2022. Ignition. https:\/\/v8.dev\/docs\/ignition."},{"key":"e_1_3_2_1_26_1","unstructured":"Google. 2022. Sparkplug \u2013 a non-optimizing JavaScript compiler. https:\/\/v8.dev\/blog\/sparkplug.  Google. 2022. Sparkplug \u2013 a non-optimizing JavaScript compiler. https:\/\/v8.dev\/blog\/sparkplug."},{"key":"e_1_3_2_1_27_1","unstructured":"Google. 2022. V8\u2019s public API. https:\/\/v8.dev\/docs\/api.  Google. 2022. V8\u2019s public API. https:\/\/v8.dev\/docs\/api."},{"key":"e_1_3_2_1_28_1","unstructured":"Google. 2022. What is V8?https:\/\/v8.dev.  Google. 2022. What is V8?https:\/\/v8.dev."},{"key":"e_1_3_2_1_29_1","volume-title":"Hodor: Intra-Process Isolation for High-Throughput Data Plane Libraries. In USENIX Annual Technical Conference (ATC). 489\u2013504","author":"Hedayati Mohammad","year":"2019","unstructured":"Mohammad Hedayati , Spyridoula Gravani , Ethan Johnson , John Criswell , Michael\u00a0 L Scott , Kai Shen , and Mike Marty . 2019 . Hodor: Intra-Process Isolation for High-Throughput Data Plane Libraries. In USENIX Annual Technical Conference (ATC). 489\u2013504 . Mohammad Hedayati, Spyridoula Gravani, Ethan Johnson, John Criswell, Michael\u00a0L Scott, Kai Shen, and Mike Marty. 2019. Hodor: Intra-Process Isolation for High-Throughput Data Plane Libraries. In USENIX Annual Technical Conference (ATC). 489\u2013504."},{"key":"e_1_3_2_1_30_1","unstructured":"IBM. 2022. Kernel Storage-Protection Keys. https:\/\/www.ibm.com\/docs\/en\/aix\/7.1?topic=concepts-kernel-storage-protection-keys.  IBM. 2022. Kernel Storage-Protection Keys. https:\/\/www.ibm.com\/docs\/en\/aix\/7.1?topic=concepts-kernel-storage-protection-keys."},{"key":"e_1_3_2_1_31_1","unstructured":"Intel. 2000. Intel IA-64 Architecture Software Developer\u2019s Manual. http:\/\/refspecs.linux-foundation.org\/IA64-softdevman-vol2.pdf.  Intel. 2000. Intel IA-64 Architecture Software Developer\u2019s Manual. http:\/\/refspecs.linux-foundation.org\/IA64-softdevman-vol2.pdf."},{"key":"e_1_3_2_1_32_1","unstructured":"Intel. 2022. Memory Protection Keys. https:\/\/www.kernel.org\/doc\/html\/latest\/core-api\/protection-keys.html.  Intel. 2022. Memory Protection Keys. https:\/\/www.kernel.org\/doc\/html\/latest\/core-api\/protection-keys.html."},{"key":"e_1_3_2_1_33_1","unstructured":"kashif. 2022. node-cuda provides NVIDIA CUDA bindings for Node.js. https:\/\/github.com\/kashif\/node-cuda.  kashif. 2022. node-cuda provides NVIDIA CUDA bindings for Node.js. https:\/\/github.com\/kashif\/node-cuda."},{"key":"e_1_3_2_1_34_1","unstructured":"The\u00a0Linux Kernel. 2023. Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/latest\/userspace-api\/seccomp_filter.html.  The\u00a0Linux Kernel. 2023. Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/latest\/userspace-api\/seccomp_filter.html."},{"key":"e_1_3_2_1_35_1","unstructured":"keyhash. 2022. Cryptonight hashing functions for Node.js. https:\/\/github.com\/keyhash\/node-cryptonight-old-hardware.  keyhash. 2022. Cryptonight hashing functions for Node.js. https:\/\/github.com\/keyhash\/node-cryptonight-old-hardware."},{"key":"e_1_3_2_1_36_1","volume-title":"PKRU-Safe: Automatically Locking Down the Heap Between Safe and Unsafe Languages. In European Conference on Computer Systems (EuroSys). 132\u2013148","author":"Kirth Paul","year":"2022","unstructured":"Paul Kirth , Mitchel Dickerson , Stephen Crane , Per Larsen , Adrian Dabrowski , David Gens , Yeoul Na , Stijn Volckaert , and Michael Franz . 2022 . PKRU-Safe: Automatically Locking Down the Heap Between Safe and Unsafe Languages. In European Conference on Computer Systems (EuroSys). 132\u2013148 . Paul Kirth, Mitchel Dickerson, Stephen Crane, Per Larsen, Adrian Dabrowski, David Gens, Yeoul Na, Stijn Volckaert, and Michael Franz. 2022. PKRU-Safe: Automatically Locking Down the Heap Between Safe and Unsafe Languages. In European Conference on Computer Systems (EuroSys). 132\u2013148."},{"key":"e_1_3_2_1_37_1","volume-title":"Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI). 147\u2013163","author":"Kuznetsov Volodymyr","year":"2014","unstructured":"Volodymyr Kuznetsov , Laszlo Szekeres , Mathias Payer , George\u00a0Candea nd R.\u00a0 Sekar , and Dawn Song . 2014 . Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI). 147\u2013163 . Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George\u00a0Candea nd R.\u00a0Sekar, and Dawn Song. 2014. Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI). 147\u2013163."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3456629"},{"key":"e_1_3_2_1_39_1","volume-title":"ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks. In ACM Conference on Computer and Communications Security (CCS). 280\u2013291","author":"Lu Kangjie","year":"2015","unstructured":"Kangjie Lu , Chengyu Song , Byoungyoung Lee , Simon\u00a0 P Chung , Taesoo Kim , and Wenke Lee . 2015 . ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks. In ACM Conference on Computer and Communications Security (CCS). 280\u2013291 . Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon\u00a0P Chung, Taesoo Kim, and Wenke Lee. 2015. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks. In ACM Conference on Computer and Communications Security (CCS). 280\u2013291."},{"key":"e_1_3_2_1_40_1","volume-title":"International Symposium on Engineering Secure Software and Systems (ESSoS). 141\u2013160","author":"Magazinius Jonas","year":"2014","unstructured":"Jonas Magazinius , Daniel Hedin , and Andrei Sabelfeld . 2014 . Architectures for Inlining Security Monitors in Web applications . In International Symposium on Engineering Secure Software and Systems (ESSoS). 141\u2013160 . Jonas Magazinius, Daniel Hedin, and Andrei Sabelfeld. 2014. Architectures for Inlining Security Monitors in Web applications. In International Symposium on Engineering Secure Software and Systems (ESSoS). 141\u2013160."},{"key":"e_1_3_2_1_41_1","volume-title":"Cross-language Attacks. In Network and Distributed System Security Symposium (NDSS).","author":"Mergendahl Samuel","year":"2022","unstructured":"Samuel Mergendahl , Nathan Burow , and Hamed Okhravi . 2022 . Cross-language Attacks. In Network and Distributed System Security Symposium (NDSS). Samuel Mergendahl, Nathan Burow, and Hamed Okhravi. 2022. Cross-language Attacks. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_42_1","unstructured":"MITRE. 2020. CVE-2020-28248. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28248.  MITRE. 2020. CVE-2020-28248. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28248."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2019.2915318"},{"key":"e_1_3_2_1_44_1","volume-title":"SoftBound: Highly Compatible and Complete Spatial Memory Safety for C. In ACM Conference on Programming Language Design and Implementation (PLDI). 245\u2013258","author":"Nagarakatte Santosh","year":"2009","unstructured":"Santosh Nagarakatte , Jianzhou Zhao , Milo\u00a0 MK Martin , and Steve Zdancewic . 2009 . SoftBound: Highly Compatible and Complete Spatial Memory Safety for C. In ACM Conference on Programming Language Design and Implementation (PLDI). 245\u2013258 . Santosh Nagarakatte, Jianzhou Zhao, Milo\u00a0MK Martin, and Steve Zdancewic. 2009. SoftBound: Highly Compatible and Complete Spatial Memory Safety for C. In ACM Conference on Programming Language Design and Implementation (PLDI). 245\u2013258."},{"key":"e_1_3_2_1_45_1","volume-title":"CETS: Compiler Enforced Temporal Safety for C. In International Symposium on Memory Management (ISMM). 31\u201340","author":"Nagarakatte Santosh","year":"2010","unstructured":"Santosh Nagarakatte , Jianzhou Zhao , Milo\u00a0 MK Martin , and Steve Zdancewic . 2010 . CETS: Compiler Enforced Temporal Safety for C. In International Symposium on Memory Management (ISMM). 31\u201340 . Santosh Nagarakatte, Jianzhou Zhao, Milo\u00a0MK Martin, and Steve Zdancewic. 2010. CETS: Compiler Enforced Temporal Safety for C. In International Symposium on Memory Management (ISMM). 31\u201340."},{"key":"e_1_3_2_1_46_1","unstructured":"Node.js. 2022. Native Abstractions for Node.js. https:\/\/github.com\/nodejs\/nan.  Node.js. 2022. Native Abstractions for Node.js. https:\/\/github.com\/nodejs\/nan."},{"key":"e_1_3_2_1_47_1","unstructured":"Node.js. 2022. What is Node-API?https:\/\/nodejs.github.io\/node-addon-examples\/about\/what\/.  Node.js. 2022. What is Node-API?https:\/\/nodejs.github.io\/node-addon-examples\/about\/what\/."},{"key":"e_1_3_2_1_48_1","unstructured":"ohmu. 2022. The missing POSIX system calls for Node. https:\/\/github.com\/ohmu\/node-posix.  ohmu. 2022. The missing POSIX system calls for Node. https:\/\/github.com\/ohmu\/node-posix."},{"key":"e_1_3_2_1_49_1","volume-title":"Annual Computer Security Applications Conference (ACSAC). 49\u201358","author":"Bilge Kaan","year":"2010","unstructured":"Onarlioglu, Kaan and Bilge , Leyla and Lanzi , Andrea and Balzarotti , Davide and Kirda , Engin. 2010 . G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries . In Annual Computer Security Applications Conference (ACSAC). 49\u201358 . Onarlioglu, Kaan and Bilge, Leyla and Lanzi, Andrea and Balzarotti, Davide and Kirda, Engin. 2010. G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries. In Annual Computer Security Applications Conference (ACSAC). 49\u201358."},{"key":"e_1_3_2_1_50_1","article-title":"Smashing The Stack For Fun And Profit","volume":"7","author":"One Aleph","year":"1996","unstructured":"Aleph One . 1996 . Smashing The Stack For Fun And Profit . Phrack Magazine 7 , 49 (1996). Aleph One. 1996. Smashing The Stack For Fun And Profit. Phrack Magazine 7, 49 (1996).","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_51_1","unstructured":"OpenBSD. 2003. i386 W\u2303X. https:\/\/marc.info\/?l=openbsd-misc&m=105056000801065.  OpenBSD. 2003. i386 W\u2303X. https:\/\/marc.info\/?l=openbsd-misc&m=105056000801065."},{"key":"e_1_3_2_1_52_1","unstructured":"openJS Foundation. 2009. Node.js. https:\/\/nodejs.org\/en\/.  openJS Foundation. 2009. Node.js. https:\/\/nodejs.org\/en\/."},{"key":"e_1_3_2_1_53_1","volume-title":"USENIX Annual Technical Conference (ATC). 241\u2013254","author":"Park Soyeon","year":"2019","unstructured":"Soyeon Park , Sangho Lee , Wen Xu , Hyungon Moon , and Taesoo Kim . 2019 . libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK) . In USENIX Annual Technical Conference (ATC). 241\u2013254 . Soyeon Park, Sangho Lee, Wen Xu, Hyungon Moon, and Taesoo Kim. 2019. libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK). In USENIX Annual Technical Conference (ATC). 241\u2013254."},{"key":"e_1_3_2_1_54_1","volume-title":"European Conference on Computer Systems (EuroSys). 420\u2013436","author":"Pomonis Marios","year":"2017","unstructured":"Marios Pomonis , Theofilos Petsios , Angelos\u00a0 D. Keromytis , Michalis Polychronakis , and Vasileios\u00a0 P. Kemerlis . 2017 . kR\u00a0 X: Comprehensive Kernel Protection against Just-In-Time Code Reuse . In European Conference on Computer Systems (EuroSys). 420\u2013436 . Marios Pomonis, Theofilos Petsios, Angelos\u00a0D. Keromytis, Michalis Polychronakis, and Vasileios\u00a0P. Kemerlis. 2017. kR\u00a0 X: Comprehensive Kernel Protection against Just-In-Time Code Reuse. In European Conference on Computer Systems (EuroSys). 420\u2013436."},{"key":"e_1_3_2_1_55_1","unstructured":"Prior99. 2022. Unofficial bindings for node to libpng. https:\/\/github.com\/Prior99\/node-libpng.  Prior99. 2022. Unofficial bindings for node to libpng. https:\/\/github.com\/Prior99\/node-libpng."},{"key":"e_1_3_2_1_56_1","volume-title":"IEEE Symposium on Security and Privacy (S&P). 563\u2013577","author":"Proskurin Sergej","year":"2020","unstructured":"Sergej Proskurin , Marius Momeu , Seyedhamed Ghavamnia , Vasileios\u00a0 P Kemerlis , and Michalis Polychronakis . 2020 . xMP: Selective Memory Protection for Kernel and User Space . In IEEE Symposium on Security and Privacy (S&P). 563\u2013577 . Sergej Proskurin, Marius Momeu, Seyedhamed Ghavamnia, Vasileios\u00a0P Kemerlis, and Michalis Polychronakis. 2020. xMP: Selective Memory Protection for Kernel and User Space. In IEEE Symposium on Security and Privacy (S&P). 563\u2013577."},{"key":"e_1_3_2_1_57_1","volume-title":"Security Technologies: FORTIFY_SOURCE. https:\/\/www.redhat.com\/en\/blog\/security-technologies-fortifysource.","author":"Huzaifa Sidhpurwala Red Hat","year":"2018","unstructured":"Red Hat Blog \u2013 Huzaifa Sidhpurwala . 2018 . Security Technologies: FORTIFY_SOURCE. https:\/\/www.redhat.com\/en\/blog\/security-technologies-fortifysource. Red Hat Blog \u2013 Huzaifa Sidhpurwala. 2018. Security Technologies: FORTIFY_SOURCE. https:\/\/www.redhat.com\/en\/blog\/security-technologies-fortifysource."},{"key":"e_1_3_2_1_58_1","volume-title":"Security Technologies: RELRO. https:\/\/www.redhat.com\/en\/blog\/hardening-elf-binaries-using-relocation-read-only-relro.","author":"Huzaifa Sidhpurwala Red Hat","year":"2019","unstructured":"Red Hat Blog \u2013 Huzaifa Sidhpurwala . 2019 . Security Technologies: RELRO. https:\/\/www.redhat.com\/en\/blog\/hardening-elf-binaries-using-relocation-read-only-relro. Red Hat Blog \u2013 Huzaifa Sidhpurwala. 2019. Security Technologies: RELRO. https:\/\/www.redhat.com\/en\/blog\/hardening-elf-binaries-using-relocation-read-only-relro."},{"key":"e_1_3_2_1_59_1","unstructured":"Jonathan Salwan. 2015. ROPgadget Tool. https:\/\/github.com\/JonathanSalwan\/ROPgadget.  Jonathan Salwan. 2015. ROPgadget Tool. https:\/\/github.com\/JonathanSalwan\/ROPgadget."},{"key":"e_1_3_2_1_60_1","unstructured":"Sascha Schirra. 2022. Ropper. https:\/\/github.com\/sashs\/Ropper.  Sascha Schirra. 2022. Ropper. https:\/\/github.com\/sashs\/Ropper."},{"key":"e_1_3_2_1_61_1","volume-title":"Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 936\u2013952","author":"Schrammel David","year":"2022","unstructured":"David Schrammel , Samuel Weiser , Richard Sadek , and Stefan Mangard . 2022 . Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 936\u2013952 . David Schrammel, Samuel Weiser, Richard Sadek, and Stefan Mangard. 2022. Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. In USENIX Security Symposium (SEC). 936\u2013952."},{"key":"e_1_3_2_1_62_1","volume-title":"USENIX Security Symposium (SEC). 1677\u20131694","author":"Schrammel David","year":"2020","unstructured":"David Schrammel , Samuel Weiser , Stefan Steinegger , Martin Schwarzl , Michael Schwarz , Stefan Mangard , and Daniel Gruss . 2020 . Donky: Domain Keys \u2013 Efficient In-Process Isolation for RISC-V and x86 . In USENIX Security Symposium (SEC). 1677\u20131694 . David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, and Daniel Gruss. 2020. Donky: Domain Keys \u2013 Efficient In-Process Isolation for RISC-V and x86. In USENIX Security Symposium (SEC). 1677\u20131694."},{"key":"e_1_3_2_1_63_1","volume-title":"ACM Conference on Computer and Communications Security (CCS). 552\u2013561","author":"Shacham Hovav","year":"2007","unstructured":"Hovav Shacham . 2007 . The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86) . In ACM Conference on Computer and Communications Security (CCS). 552\u2013561 . Hovav Shacham. 2007. The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86). In ACM Conference on Computer and Communications Security (CCS). 552\u2013561."},{"key":"e_1_3_2_1_64_1","unstructured":"Snyk. 2021. Vulnerability Database. https:\/\/snyk.io\/vuln?type=npm.  Snyk. 2021. Vulnerability Database. https:\/\/snyk.io\/vuln?type=npm."},{"key":"e_1_3_2_1_65_1","unstructured":"Snyk. 2022. node-sass vulnerabilities. https:\/\/security.snyk.io\/package\/npm\/node-sass.  Snyk. 2022. node-sass vulnerabilities. https:\/\/security.snyk.io\/package\/npm\/node-sass."},{"key":"e_1_3_2_1_66_1","volume-title":"Sok: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P). 48\u201362","author":"Szekeres Laszlo","year":"2013","unstructured":"Laszlo Szekeres , Mathias Payer , Tao Wei , and Dawn Song . 2013 . Sok: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P). 48\u201362 . Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. Sok: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P). 48\u201362."},{"key":"e_1_3_2_1_67_1","volume-title":"SafeScript: JavaScript Transformation for Policy Enforcement. In Nordic Conference on Secure IT Systems (NordSec). 67\u201383","author":"Ter\u00a0Louw Mike","year":"2013","unstructured":"Mike Ter\u00a0Louw , Phu\u00a0 H Phung , Rohini Krishnamurti , and Venkat\u00a0 N Venkatakrishnan . 2013 . SafeScript: JavaScript Transformation for Policy Enforcement. In Nordic Conference on Secure IT Systems (NordSec). 67\u201383 . Mike Ter\u00a0Louw, Phu\u00a0H Phung, Rohini Krishnamurti, and Venkat\u00a0N Venkatakrishnan. 2013. SafeScript: JavaScript Transformation for Policy Enforcement. In Nordic Conference on Secure IT Systems (NordSec). 67\u201383."},{"key":"e_1_3_2_1_68_1","volume-title":"USENIX Security Symposium (SEC). 1221\u20131238","author":"Vahldiek-Oberwagner Anjo","year":"2019","unstructured":"Anjo Vahldiek-Oberwagner , Eslam Elnikety , Nuno\u00a0 O Duarte , Michael Sammler , Peter Druschel , and Deepak Garg . 2019 . ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK) . In USENIX Security Symposium (SEC). 1221\u20131238 . Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno\u00a0O Duarte, Michael Sammler, Peter Druschel, and Deepak Garg. 2019. ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK). In USENIX Security Symposium (SEC). 1221\u20131238."},{"key":"e_1_3_2_1_69_1","volume-title":"International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 86\u2013106","author":"Veen Victor Van\u00a0der","year":"2012","unstructured":"Victor Van\u00a0der Veen , Nitish Dutt-Sharma , Lorenzo Cavallaro , and Herbert Bos . 2012 . Memory Errors: The Past, the Present, and the Future . In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 86\u2013106 . Victor Van\u00a0der Veen, Nitish Dutt-Sharma, Lorenzo Cavallaro, and Herbert Bos. 2012. Memory Errors: The Past, the Present, and the Future. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 86\u2013106."},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"crossref","unstructured":"Nikos Vasilakis Ben Karel Nick Roessler Nathan Dautenhahn Andr\u00e9 DeHon and Jonathan\u00a0M Smith. 2018. BreakApp: Automated Flexible Application Compartmentalization.. In NDSS.  Nikos Vasilakis Ben Karel Nick Roessler Nathan Dautenhahn Andr\u00e9 DeHon and Jonathan\u00a0M Smith. 2018. BreakApp: Automated Flexible Application Compartmentalization.. In NDSS.","DOI":"10.14722\/ndss.2018.23131"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"crossref","unstructured":"Nikos Vasilakis Grigoris Ntousakis Veit Heller and Martin\u00a0C. Rinard. 2021. Efficient Module-Level Dynamic Analysis for Dynamic Languages with Module Recontextualization. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE). 1202\u20131213.  Nikos Vasilakis Grigoris Ntousakis Veit Heller and Martin\u00a0C. Rinard. 2021. Efficient Module-Level Dynamic Analysis for Dynamic Languages with Module Recontextualization. In ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE). 1202\u20131213.","DOI":"10.1145\/3468264.3468574"},{"key":"e_1_3_2_1_72_1","volume-title":"ACM Conference on Computer and Communications Security (CCS). 1821\u20131838","author":"Vasilakis Nikos","year":"2021","unstructured":"Nikos Vasilakis , Cristian-Alexandru Staicu , Grigoris Ntousakis , Konstantinos Kallas , Ben Karel , Andr\u00e9 DeHon , and Michael Pradel . 2021 . Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction . In ACM Conference on Computer and Communications Security (CCS). 1821\u20131838 . Nikos Vasilakis, Cristian-Alexandru Staicu, Grigoris Ntousakis, Konstantinos Kallas, Ben Karel, Andr\u00e9 DeHon, and Michael Pradel. 2021. Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction. In ACM Conference on Computer and Communications Security (CCS). 1821\u20131838."},{"key":"e_1_3_2_1_73_1","unstructured":"Verdaccio. 2022. Lightweight private npm proxy registry built in Node.js. https:\/\/verdaccio.org\/docs\/what-is-verdaccio.  Verdaccio. 2022. Lightweight private npm proxy registry built in Node.js. https:\/\/verdaccio.org\/docs\/what-is-verdaccio."},{"key":"e_1_3_2_1_74_1","volume-title":"European Conference on Computer Systems (EuroSys). 266\u2013282","author":"Voulimeneas Alexios","year":"2022","unstructured":"Alexios Voulimeneas , Jonas Vinck , Ruben Mechelinck , and Stijn Volckaert . 2022 . You Shall Not (by)Pass! Practical, Secure, and Fast PKU-based Sandboxing . In European Conference on Computer Systems (EuroSys). 266\u2013282 . Alexios Voulimeneas, Jonas Vinck, Ruben Mechelinck, and Stijn Volckaert. 2022. You Shall Not (by)Pass! Practical, Secure, and Fast PKU-based Sandboxing. In European Conference on Computer Systems (EuroSys). 266\u2013282."},{"key":"e_1_3_2_1_75_1","volume-title":"Egalito: Layout-agnostic Binary Recompilation. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 133\u2013147","author":"Williams-King David","year":"2020","unstructured":"David Williams-King , Hidenori Kobayashi , Kent Williams-King , Graham Patterson , Frank Spano , Yu\u00a0Jian Wu , Junfeng Yang , and Vasileios\u00a0 P. Kemerlis . 2020 . Egalito: Layout-agnostic Binary Recompilation. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 133\u2013147 . David Williams-King, Hidenori Kobayashi, Kent Williams-King, Graham Patterson, Frank Spano, Yu\u00a0Jian Wu, Junfeng Yang, and Vasileios\u00a0P. Kemerlis. 2020. Egalito: Layout-agnostic Binary Recompilation. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 133\u2013147."}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590330","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3579856.3590330","content-type":"text\/html","content-version":"vor","intended-application":"syndication"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:16Z","timestamp":1750183696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590330"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":75,"alternative-id":["10.1145\/3579856.3590330","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3590330","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}