{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:45:42Z","timestamp":1772725542762,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3637662","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"217-230","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-1201-0299","authenticated-orcid":false,"given":"Lorenz","family":"Hetterich","sequence":"first","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Saarland, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1609-3726","authenticated-orcid":false,"given":"Markus","family":"Bauer","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Saarland, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6744-3410","authenticated-orcid":false,"given":"Michael","family":"Schwarz","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Saarland, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2470-8444","authenticated-orcid":false,"given":"Christian","family":"Rossow","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Saarland, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Mart\u00edn Abadi Mihai Budiu Ulfar Erlingsson and Jay Ligatti. 2005. Control-Flow Integrity. In CCS.","DOI":"10.1145\/1102120.1102165"},{"key":"e_1_3_2_1_2_1","unstructured":"Advanced Micro Devices Inc. 2018. Software Techniques for Managing Speculation on AMD Processors. Revison 7.10.18."},{"key":"e_1_3_2_1_3_1","unstructured":"Bill Allombert. 2022. Debian Popularity Contest. https:\/\/popcon.debian.org\/stable\/by_vote"},{"key":"e_1_3_2_1_4_1","unstructured":"Nadav Amit Fred Jacobs and Michael Wei. 2019. Jumpswitches: restoring the performance of indirect branches in the era of spectre. In USENIX ATC."},{"key":"e_1_3_2_1_5_1","unstructured":"ARM. 2018. Cache Speculation Side-channels. https:\/\/armkeil.blob.core.windows.net\/developer\/Files\/pdf\/Cache_Speculation_Side-channels_03May18.pdf"},{"key":"e_1_3_2_1_6_1","unstructured":"ARM. 2020. Cache Speculation Side-channels. Version 2.5."},{"key":"e_1_3_2_1_7_1","unstructured":"Arm. 2020. Spectre-BHB: Speculative Target Reuse Attacks. https:\/\/developer.arm.com\/documentation\/102898\/latest\/ Version 1.7."},{"key":"e_1_3_2_1_8_1","unstructured":"ARM. 2020. Straight-line Speculation. Version 1.0."},{"key":"e_1_3_2_1_9_1","unstructured":"Arm. 2022. Speculative Processor Vulnerability. https:\/\/developer.arm.com\/Arm%20Security%20Center\/Speculative%20Processor%20Vulnerability"},{"key":"e_1_3_2_1_10_1","unstructured":"ARM. 2023. Arm Architecture Reference Manual for A-profile architecture."},{"key":"e_1_3_2_1_11_1","unstructured":"Enrico Barberis Pietro Frigo Marius Muench Herbert Bos and Cristiano Giuffrida. 2022. Branch history injection: On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks. In USENIX Security."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Markus Bauer Ilya Grishchenko and Christian Rossow. 2022. TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation. In ACSAC.","DOI":"10.1145\/3564625.3564627"},{"key":"e_1_3_2_1_13_1","volume-title":"Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking","author":"Bauer Markus","unstructured":"Markus Bauer and Christian Rossow. 2021. NoVT: Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking. In IEEE EuroS&P."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Atri Bhattacharyya Alexandra Sandulescu Matthias Neugschwandtner Alessandro Sorniotti Babak Falsafi Mathias Payer and Anil Kurmus. 2019. SMoTher-Spectre: exploiting speculative execution through port contention. In CCS.","DOI":"10.1145\/3319535.3363194"},{"key":"e_1_3_2_1_15_1","first-page":"564","article-title":"Efficient mitigation of side-channel based attacks against speculative execution processing architectures","volume":"16","author":"Branco Rodrigo","year":"2019","unstructured":"Rodrigo Branco, Kekai Hu, Ke Sun, and Henrique Kawakami. 2019. Efficient mitigation of side-channel based attacks against speculative execution processing architectures. US Patent App. 16\/023,564.","journal-title":"US Patent App."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Nathan Burow Xinping Zhang and Mathias Payer. 2019. SoK: Shining light on shadow stacks. In S&P.","DOI":"10.1109\/SP.2019.00076"},{"key":"e_1_3_2_1_17_1","volume-title":"Michael Schwarz, Moritz Lipp, Benjamin von","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A Systematic Evaluation of Transient Execution Attacks and Defenses. In USENIX Security. Extended classification tree and PoCs at https:\/\/transient.fail\/.."},{"key":"e_1_3_2_1_18_1","unstructured":"Chandler Carruth. 2018. https:\/\/reviews.llvm.org\/D41723"},{"key":"e_1_3_2_1_19_1","unstructured":"Chandler Carruth. 2018. Speculative Load Hardening. https:\/\/docs.google.com\/document\/d\/1wwcfv3UV9ZnZVcGiGuoITT_61e_Ko3TmoCS3uXLcJR0\/edit#heading=h.phdehs44eom6"},{"key":"e_1_3_2_1_20_1","unstructured":"CodeSourcery Compaq EDG HP IBM Intel Red Hat and SGI. 2021. Itanium C++ ABI. https:\/\/itanium-cxx-abi.github.io\/cxx-abi\/abi.html"},{"key":"e_1_3_2_1_21_1","unstructured":"Google. 2019. A year with Spectre: a V8 perspective. https:\/\/v8.dev\/blog\/spectre"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Lorenz Hetterich and Michael Schwarz. 2022. Branch Different - Spectre Attacks on Apple Silicon. In DIMVA.","DOI":"10.1007\/978-3-031-09484-2_7"},{"key":"e_1_3_2_1_23_1","unstructured":"Intel. 2018. Indirect Branch Restricted Speculation. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/indirect-branch-restricted-speculation.html"},{"key":"e_1_3_2_1_24_1","volume-title":"Retpoline: A Branch Target Injection Mitigation. Revision 003.","year":"2018","unstructured":"Intel. 2018. Retpoline: A Branch Target Injection Mitigation. Revision 003."},{"key":"e_1_3_2_1_25_1","unstructured":"Intel. 2018. Speculative Execution Side Channel Mitigations. Revision 3.0."},{"key":"e_1_3_2_1_26_1","unstructured":"Intel. 2020. An Optimized Mitigation Approach for Load Value Injection. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/best-practices\/optimized-mitigation-approach-load-value-injection.html"},{"key":"e_1_3_2_1_27_1","volume-title":"Intel 64 and IA-32 Architectures Software Developer's Manual","unstructured":"Intel. 2023. Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 3 (3A, 3B & 3C): System Programming Guide."},{"key":"e_1_3_2_1_28_1","unstructured":"Intel Corporation. 2020. Single Thread Indirect Branch Predictors. https:\/\/software.intel.com\/security-software-guidance\/deep-dives\/deep-dive-single-thread-indirect-branch-predictors"},{"key":"e_1_3_2_1_29_1","unstructured":"ISO. 2011. ISO\/IEC 9899:2011 Information technology --- Programming languages --- C. International Organization for Standardization."},{"key":"e_1_3_2_1_30_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In S&P.","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In S&P."},{"key":"e_1_3_2_1_31_1","unstructured":"Moritz Lipp Daniel Gruss and Michael Schwarz. 2022. AMD Prefetch Attacks through Power and Time. In USENIX Security."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"Moritz Lipp Vedad Had\u017ei\u0107 Michael Schwarz Arthur Perais Cl\u00e9mentine Maurice and Daniel Gruss. 2020. Take a Way: Exploring the Security Implications of AMD's Cache Way Predictors. In AsiaCCS.","DOI":"10.1145\/3320269.3384746"},{"key":"e_1_3_2_1_33_1","volume-title":"USENIX Security Symposium.","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In USENIX Security Symposium."},{"key":"e_1_3_2_1_34_1","unstructured":"LLVM Project. 2022. \"compiler-rt\" runtime libraries. https:\/\/compiler-rt.llvm.org\/"},{"key":"e_1_3_2_1_35_1","unstructured":"LLVM Project. 2022. \"libc++\" C++ Standard Library. https:\/\/libcxx.llvm.org\/"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"G. Maisuradze and C. Rossow. 2018. ret2spec: Speculative Execution Using Return Stack Buffers. In CCS.","DOI":"10.1145\/3243734.3243761"},{"key":"e_1_3_2_1_37_1","volume-title":"You cannot always win the race: Analyzing the lfence\/jmp mitigation for branch target injection. arXiv:2203.04277","author":"Milburn Alyssa","year":"2022","unstructured":"Alyssa Milburn, Ke Sun, and Henrique Kawakami. 2022. You cannot always win the race: Analyzing the lfence\/jmp mitigation for branch target injection. arXiv:2203.04277 (2022)."},{"key":"e_1_3_2_1_38_1","unstructured":"musl authors. 2022. musl libc. https:\/\/musl.libc.org\/"},{"key":"e_1_3_2_1_39_1","volume-title":"Site Isolation: Process Separation for Web Sites within the Browser. In USENIX Security Symposium.","author":"Reis Charles","year":"2019","unstructured":"Charles Reis, Alexander Moshchuk, and Nasko Oskov. 2019. Site Isolation: Process Separation for Web Sites within the Browser. In USENIX Security Symposium."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"crossref","unstructured":"Michael Schwarz Moritz Lipp Claudio Canella Robert Schilling Florian Kargl and Daniel Gruss. 2020. ConTExT: A Generic Approach for Mitigating Spectre. In NDSS.","DOI":"10.14722\/ndss.2020.24271"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"Michael Schwarz Martin Schwarzl Moritz Lipp and Daniel Gruss. 2019. Net-Spectre: Read Arbitrary Memory over Network. In ESORICS.","DOI":"10.1007\/978-3-030-29959-0_14"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"crossref","unstructured":"Martin Schwarzl Pietro Borrello Andreas Kogler Kenton Varda Thomas Schuster Daniel Gruss and Michael Schwarz. 2022. Robust and Scalable Process Isolation against Spectre in the Cloud. In ESORICS.","DOI":"10.1007\/978-3-031-17146-8_9"},{"key":"e_1_3_2_1_43_1","volume-title":"Specfuscator: Evaluating Branch Removal as a Spectre Mitigation. In FC.","author":"Schwarzl Martin","year":"2021","unstructured":"Martin Schwarzl, Claudio Canella, Daniel Gruss, and Michael Schwarz. 2021. Specfuscator: Evaluating Branch Removal as a Spectre Mitigation. In FC."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"crossref","unstructured":"Martin Schwarzl Thomas Schuster Michael Schwarz and Daniel Gruss. 2021. Speculative Dereferencing of Registers: Reviving Foreshadow. In FC.","DOI":"10.1007\/978-3-662-64322-8_15"},{"key":"e_1_3_2_1_45_1","unstructured":"Stephen R\u00f6ttger and Artur Janc. 2021. A Spectre proof-of-concept for a Spectre-proof web. https:\/\/security.googleblog.com\/2021\/03\/a-spectre-proof-of-concept-for-spectre.html"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Laszlo Szekeres Mathias Payer Tao Wei and Dawn Song. 2013. SoK: Eternal War in Memory. In S&P.","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_47_1","unstructured":"Caroline Tice Tom Roeder Peter Collingbourne Stephen Checkoway \u00dalfar Erlingsson Luis Lozano and Geoff Pike. 2014. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM. In USENIX Security."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Caroline Trippel Daniel Lustig and Margaret Martonosi. 2018. CheckMate: Automated Synthesis of Hardware Exploits and Security Litmus Tests. In MICRO.","DOI":"10.1109\/MICRO.2018.00081"},{"key":"e_1_3_2_1_49_1","unstructured":"Paul Turner. 2018. Retpoline: a software construct for preventing branch-target-injection. https:\/\/support.google.com\/faqs\/answer\/7625886"},{"key":"e_1_3_2_1_50_1","volume-title":"Osiris: Automated Discovery of Microarchitectural Side Channels. In USENIX Security.","author":"Weber Daniel","year":"2021","unstructured":"Daniel Weber, Ahmad Ibrahim, Hamed Nemati, Michael Schwarz, and Christian Rossow. 2021. Osiris: Automated Discovery of Microarchitectural Side Channels. In USENIX Security."},{"key":"e_1_3_2_1_51_1","volume-title":"RETBLEED: Arbitrary Speculative Code Execution with Return Instructions. In USENIX Security Symposium.","author":"Wikner Johannes","year":"2022","unstructured":"Johannes Wikner and Kaveh Razavi. 2022. RETBLEED: Arbitrary Speculative Code Execution with Return Instructions. In USENIX Security Symposium."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"crossref","unstructured":"Tao Zhang Kenneth Koltermann and Dmitry Evtyushkin. 2020. Exploring Branch Predictors for Constructing Transient Execution Trojans. In ASPLOS.","DOI":"10.1145\/3373376.3378526"}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","location":"Singapore Singapore","acronym":"ASIA CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637662","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:06Z","timestamp":1750290246000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637662"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":52,"alternative-id":["10.1145\/3634737.3637662","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3637662","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}