{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T15:25:43Z","timestamp":1772119543146,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3590341","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"469-480","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Sfitag: Efficient Software Fault Isolation with Memory Tagging for ARM Kernel Extensions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1848-750X","authenticated-orcid":false,"given":"Jiwon","family":"Seo","sequence":"first","affiliation":[{"name":"Seoul National University, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1539-229X","authenticated-orcid":false,"given":"Junseung","family":"You","sequence":"additional","affiliation":[{"name":"Seoul National University, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1297-8586","authenticated-orcid":false,"given":"Yungi","family":"Cho","sequence":"additional","affiliation":[{"name":"Seoul National University, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7842-1719","authenticated-orcid":false,"given":"Yeongpil","family":"Cho","sequence":"additional","affiliation":[{"name":"Hanyang University, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7507-3111","authenticated-orcid":false,"given":"Donghyun","family":"Kwon","sequence":"additional","affiliation":[{"name":"Pusan National University, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6412-2926","authenticated-orcid":false,"given":"Yunheung","family":"Paek","sequence":"additional","affiliation":[{"name":"Seoul National University, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2001 (accessed May 20 2021). ARM domain access control. https:\/\/developer.arm.com\/documentation\/ddi0198\/e\/memory-management-unit\/domain-access-control  2001 (accessed May 20 2021). ARM domain access control. https:\/\/developer.arm.com\/documentation\/ddi0198\/e\/memory-management-unit\/domain-access-control"},{"key":"e_1_3_2_1_2_1","unstructured":"2019 (accessed January 12 2021). Fast Models. https:\/\/developer.arm.com\/tools-and-software\/simulation-models\/fast-models  2019 (accessed January 12 2021). Fast Models. https:\/\/developer.arm.com\/tools-and-software\/simulation-models\/fast-models"},{"key":"e_1_3_2_1_3_1","volume-title":"Security Vulnerabilities Published In","author":"January","year":"2019","unstructured":"2019 (accessed January 12, 2021). Linux Kernel : Security Vulnerabilities Published In 2019 . https:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-33\/product_id-47\/year-2019\/Linux-Linux-Kernel.html 2019 (accessed January 12, 2021). Linux Kernel : Security Vulnerabilities Published In 2019. https:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-33\/product_id-47\/year-2019\/Linux-Linux-Kernel.html"},{"key":"e_1_3_2_1_4_1","unstructured":"2019 (accessed January 12 2021). Memory Tagging Extension: Enhancing memory safety through architecture. https:\/\/developer.arm.com\/-\/media\/Arm%20Developer%20Community\/PDF\/Arm_Memory_Tagging_Extension_Whitepaper.pdf  2019 (accessed January 12 2021). Memory Tagging Extension: Enhancing memory safety through architecture. https:\/\/developer.arm.com\/-\/media\/Arm%20Developer%20Community\/PDF\/Arm_Memory_Tagging_Extension_Whitepaper.pdf"},{"key":"e_1_3_2_1_5_1","unstructured":"2019 (accessed January 12 2021). ODROID C4. https:\/\/www.odroid.co.uk\/index.php?route=product\/product&product_id=1027  2019 (accessed January 12 2021). ODROID C4. https:\/\/www.odroid.co.uk\/index.php?route=product\/product&product_id=1027"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1075382.1075383"},{"key":"e_1_3_2_1_7_1","volume-title":"USENIX annual technical conference.","author":"Boyd-Wickizer Silas","unstructured":"Silas Boyd-Wickizer and Nickolai Zeldovich . 2010. Tolerating Malicious Device Drivers in Linux .. In USENIX annual technical conference. Boston . Silas Boyd-Wickizer and Nickolai Zeldovich. 2010. Tolerating Malicious Device Drivers in Linux.. In USENIX annual technical conference. Boston."},{"key":"e_1_3_2_1_8_1","volume-title":"2009 Annual Computer Security Applications Conference. IEEE, 301\u2013310","author":"Butt Shakeel","year":"2009","unstructured":"Shakeel Butt , Vinod Ganapathy , Michael\u00a0 M Swift , and Chih-Cheng Chang . 2009 . Protecting commodity operating system kernels from vulnerable device drivers . In 2009 Annual Computer Security Applications Conference. IEEE, 301\u2013310 . Shakeel Butt, Vinod Ganapathy, Michael\u00a0M Swift, and Chih-Cheng Chang. 2009. Protecting commodity operating system kernels from vulnerable device drivers. In 2009 Annual Computer Security Applications Conference. IEEE, 301\u2013310."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629581"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2103799.2103805"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the 7th symposium on Operating systems design and implementation. 75\u201388","author":"Erlingsson \u00dalfar","year":"2006","unstructured":"\u00dalfar Erlingsson , Mart\u00edn Abadi , Michael Vrable , Mihai Budiu , and George\u00a0 C Necula . 2006 . XFI: Software guards for system address spaces . In Proceedings of the 7th symposium on Operating systems design and implementation. 75\u201388 . \u00dalfar Erlingsson, Mart\u00edn Abadi, Michael Vrable, Mihai Budiu, and George\u00a0C Necula. 2006. XFI: Software guards for system address spaces. In Proceedings of the 7th symposium on Operating systems design and implementation. 75\u201388."},{"key":"e_1_3_2_1_12_1","volume-title":"1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS)","author":"Fraser Keir","year":"2004","unstructured":"Keir Fraser , Steven Hand , Rolf Neugebauer , Ian Pratt , Andrew Warfield , Mark Williamson , 2004 . Safe hardware access with the Xen virtual machine monitor . In 1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS) . Boston, USA;, 1\u20131. Keir Fraser, Steven Hand, Rolf Neugebauer, Ian Pratt, Andrew Warfield, Mark Williamson, 2004. Safe hardware access with the Xen virtual machine monitor. In 1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS). Boston, USA;, 1\u20131."},{"key":"e_1_3_2_1_13_1","volume-title":"16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22)","author":"Huang Yongzhe","year":"2022","unstructured":"Yongzhe Huang , Vikram Narayanan , David Detweiler , Kaiming Huang , Gang Tan , Trent Jaeger , and Anton Burtsev . 2022 . { KSplit} : Automating Device Driver Isolation . In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22) . 613\u2013631. Yongzhe Huang, Vikram Narayanan, David Detweiler, Kaiming Huang, Gang Tan, Trent Jaeger, and Anton Burtsev. 2022. { KSplit} : Automating Device Driver Isolation. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22). 613\u2013631."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1243418.1243424"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243739"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064217"},{"key":"e_1_3_2_1_17_1","volume-title":"Divide et Impera: MemoryRanger Runs Drivers in Isolated Kernel Spaces. arXiv preprint arXiv:1812.09920","author":"Korkin Igor","year":"2018","unstructured":"Igor Korkin . 2018. Divide et Impera: MemoryRanger Runs Drivers in Isolated Kernel Spaces. arXiv preprint arXiv:1812.09920 ( 2018 ). Igor Korkin. 2018. Divide et Impera: MemoryRanger Runs Drivers in Isolated Kernel Spaces. arXiv preprint arXiv:1812.09920 (2018)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2004.1281665"},{"key":"e_1_3_2_1_19_1","volume-title":"Domain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions. computers & security 74","author":"Man\u00e8s JM","year":"2018","unstructured":"Valentin\u00a0 JM Man\u00e8s , Daehee Jang , Chanho Ryu , and Brent\u00a0Byunghoon Kang . 2018. Domain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions. computers & security 74 ( 2018 ), 130\u2013143. Valentin\u00a0JM Man\u00e8s, Daehee Jang, Chanho Ryu, and Brent\u00a0Byunghoon Kang. 2018. Domain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions. computers & security 74 (2018), 130\u2013143."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043568"},{"key":"e_1_3_2_1_21_1","unstructured":"Vikram Narayanan Abhiram Balasubramanian Charlie Jacobsen Sarah Spall Scott Bauer Michael Quigley Aftab Hussain Abdullah Younis Junjie Shen Moinak Bhattacharyya 2019. LXDs: Towards isolation of kernel subsystems. In 2019 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 19). 269\u2013284.  Vikram Narayanan Abhiram Balasubramanian Charlie Jacobsen Sarah Spall Scott Bauer Michael Quigley Aftab Hussain Abdullah Younis Junjie Shen Moinak Bhattacharyya 2019. LXDs: Towards isolation of kernel subsystems. In 2019 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 19). 269\u2013284."},{"key":"e_1_3_2_1_22_1","volume-title":"14th { USENIX} Symposium on Operating Systems Design and Implementation ({ OSDI} 20). 21\u201339.","author":"Narayanan Vikram","unstructured":"Vikram Narayanan , Tianjiao Huang , David Detweiler , Dan Appel , Zhaofeng Li , Gerd Zellweger , and Anton Burtsev . 2020. RedLeaf: Isolation and Communication in a Safe Operating System . In 14th { USENIX} Symposium on Operating Systems Design and Implementation ({ OSDI} 20). 21\u201339. Vikram Narayanan, Tianjiao Huang, David Detweiler, Dan Appel, Zhaofeng Li, Gerd Zellweger, and Anton Burtsev. 2020. RedLeaf: Isolation and Communication in a Safe Operating System. In 14th { USENIX} Symposium on Operating Systems Design and Implementation ({ OSDI} 20). 21\u201339."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3381052.3381328"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2644865.2541970"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 4th ACM European conference on Computer systems. 275\u2013288","author":"Ryzhyk Leonid","year":"2009","unstructured":"Leonid Ryzhyk , Peter Chubb , Ihor Kuz , and Gernot Heiser . 2009 . Dingo: Taming device drivers . In Proceedings of the 4th ACM European conference on Computer systems. 275\u2013288 . Leonid Ryzhyk, Peter Chubb, Ihor Kuz, and Gernot Heiser. 2009. Dingo: Taming device drivers. In Proceedings of the 4th ACM European conference on Computer systems. 275\u2013288."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629583"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.9"},{"key":"e_1_3_2_1_28_1","volume-title":"2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 1\u201312","author":"Sun Yifeng","year":"2013","unstructured":"Yifeng Sun and Tzi-cker Chiueh. 2013 . SIDE: Isolated and efficient execution of unmodified device drivers . In 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 1\u201312 . Yifeng Sun and Tzi-cker Chiueh. 2013. SIDE: Isolated and efficient execution of unmodified device drivers. In 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 1\u201312."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945466"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/168619.168635"},{"key":"e_1_3_2_1_31_1","volume-title":"2015 IEEE Symposium on Security and Privacy. IEEE, 20\u201337","author":"Watson NM","year":"2015","unstructured":"Robert\u00a0 NM Watson , Jonathan Woodruff , Peter\u00a0 G Neumann , Simon\u00a0 W Moore , Jonathan Anderson , David Chisnall , Nirav Dave , Brooks Davis , Khilan Gudka , Ben Laurie , 2015 . Cheri: A hybrid capability-system architecture for scalable software compartmentalization . In 2015 IEEE Symposium on Security and Privacy. IEEE, 20\u201337 . Robert\u00a0NM Watson, Jonathan Woodruff, Peter\u00a0G Neumann, Simon\u00a0W Moore, Jonathan Anderson, David Chisnall, Nirav Dave, Brooks Davis, Khilan Gudka, Ben Laurie, 2015. Cheri: A hybrid capability-system architecture for scalable software compartmentalization. In 2015 IEEE Symposium on Security and Privacy. IEEE, 20\u201337."},{"key":"e_1_3_2_1_32_1","volume-title":"27th { USENIX} Security Symposium ({ USENIX} Security 18). 781\u2013797.","author":"Wu Wei","unstructured":"Wei Wu , Yueqi Chen , Jun Xu , Xinyu Xing , Xiaorui Gong , and Wei Zou . 2018. { FUZE} : Towards facilitating exploit generation for kernel use-after-free vulnerabilities . In 27th { USENIX} Security Symposium ({ USENIX} Security 18). 781\u2013797. Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Xiaorui Gong, and Wei Zou. 2018. { FUZE} : Towards facilitating exploit generation for kernel use-after-free vulnerabilities. In 27th { USENIX} Security Symposium ({ USENIX} Security 18). 781\u2013797."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_3_2_1_34_1","unstructured":"Nickolai Zeldovich Hari Kannan Michael Dalton and Christos Kozyrakis. 2008. Hardware Enforcement of Application Security Policies Using Tagged Memory.. In OSDI Vol.\u00a08. 225\u2013240.  Nickolai Zeldovich Hari Kannan Michael Dalton and Christos Kozyrakis. 2008. Hardware Enforcement of Application Security Policies Using Tagged Memory.. In OSDI Vol.\u00a08. 225\u2013240."},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. 558\u2013569","author":"Zhou Yajin","year":"2014","unstructured":"Yajin Zhou , Xiaoguang Wang , Yue Chen , and Zhi Wang . 2014 . Armlock: Hardware-based fault isolation for arm . In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. 558\u2013569 . Yajin Zhou, Xiaoguang Wang, Yue Chen, and Zhi Wang. 2014. Armlock: Hardware-based fault isolation for arm. In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. 558\u2013569."}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590341","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:16Z","timestamp":1750183696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590341"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":35,"alternative-id":["10.1145\/3579856.3590341","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3590341","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}