{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:57:55Z","timestamp":1773154675055,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":119,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Science Foundation (NSF)","award":["CNS-2238467"],"award-info":[{"award-number":["CNS-2238467"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690201","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"3913-3927","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Eclipse: Preventing Speculative Memory-error Abuse with Artificial Data Dependencies"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7335-9485","authenticated-orcid":false,"given":"Neophytos","family":"Christou","sequence":"first","affiliation":[{"name":"Brown University, Providence, RI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-6234-6514","authenticated-orcid":false,"given":"Alexander J.","family":"Gaidis","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5490-9648","authenticated-orcid":false,"given":"Vaggelis","family":"Atlidakis","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6528-437X","authenticated-orcid":false,"given":"Vasileios P.","family":"Kemerlis","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2021. sysbench. https:\/\/github.com\/akopytov\/sysbench."},{"key":"e_1_3_2_1_2_1","unstructured":"2021. wrk -- a HTTP benchmarking tool. https:\/\/github.com\/wg\/wrk."},{"key":"e_1_3_2_1_3_1","unstructured":"2023. MariaDB. https:\/\/mariadb.com."},{"key":"e_1_3_2_1_4_1","unstructured":"2023. musl libc. https:\/\/musl.libc.org\/."},{"key":"e_1_3_2_1_5_1","unstructured":"2023. nginx. https:\/\/nginx.org."},{"key":"e_1_3_2_1_6_1","unstructured":"2023. Redis. https:\/\/redis.io."},{"key":"e_1_3_2_1_7_1","unstructured":"2023. SQLite. https:\/\/www.sqlite.org."},{"key":"e_1_3_2_1_8_1","unstructured":"2023. The Void (Linux) distribution. https:\/\/voidlinux.org\/."},{"key":"e_1_3_2_1_9_1","unstructured":"2024. Alpine Linux. https:\/\/alpinelinux.org\/."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"key":"e_1_3_2_1_11_1","unstructured":"AMD. 2020. SOFTWARE TECHNIQUES FOR MANAGING SPECULATION ON AMD PROCESSORS. https:\/\/developer.amd.com\/wp-content\/resources\/Managing-Speculation-on-AMD-Processors.pdf."},{"key":"e_1_3_2_1_12_1","volume-title":"USENIX Security Symposium (SEC). 971--988","author":"Barberis Enrico","year":"2022","unstructured":"Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida. 2022. Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks. In USENIX Security Symposium (SEC). 971--988."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363194"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_15_1","volume-title":"Leakage-Resilient Layout Randomization for Mobile Devices. In Network and Distributed System Security Symposium (NDSS). 21--24","author":"Braden Kjell","year":"2016","unstructured":"Kjell Braden, Lucas Davi, Christopher Liebchen, Ahmad-Reza Sadeghi, Stephen Crane, Michael Franz, and Per Larsen. 2016. Leakage-Resilient Layout Randomization for Mobile Devices. In Network and Distributed System Security Symposium (NDSS). 21--24."},{"key":"e_1_3_2_1_16_1","unstructured":"Bugtraq. 1997. Getting around non-executable stack (and fix). https:\/\/seclists.org\/bugtraq\/1997\/Aug\/63."},{"key":"e_1_3_2_1_17_1","volume-title":"SoK: Shining Light on Shadow Stacks. In IEEE Symposium on Security and Privacy (S&P). 985--999","author":"Burow Nathan","year":"2019","unstructured":"Nathan Burow, Xinping Zhang, and Mathias Payer. 2019. SoK: Shining Light on Shadow Stacks. In IEEE Symposium on Security and Privacy (S&P). 985--999."},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX Security Symposium (SEC). 249--266","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A Systematic Evaluation of Transient Execution Attacks and Defenses. In USENIX Security Symposium (SEC). 249--266."},{"key":"e_1_3_2_1_19_1","volume-title":"Fallout: Leaking Data on Meltdown-resistant CPUs. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 769--784","author":"Genkin Claudio","year":"2019","unstructured":"Canella, Claudio and Genkin, Daniel and Giner, Lukas and Gruss, Daniel and Lipp, Moritz and Minkin, Marina and Moghimi, Daniel and Piessens, Frank and Schwarz, Michael and Sunar, Berk and Van Bulck, Jo, and Yarom, Yuval. 2019. Fallout: Leaking Data on Meltdown-resistant CPUs. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 769--784."},{"key":"e_1_3_2_1_20_1","volume-title":"Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In USENIX Security Symposium (SEC). 161--176","author":"Carlini Nicholas","year":"2015","unstructured":"Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R Gross. 2015. Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In USENIX Security Symposium (SEC). 161--176."},{"key":"e_1_3_2_1_21_1","unstructured":"Chandler Carruth. 2024. Speculative Load Hardening. https:\/\/llvm.org\/docs\/SpeculativeLoadHardening.html."},{"key":"e_1_3_2_1_22_1","volume-title":"SoK: Practical Foundations for Software Spectre Defenses. In IEEE Symposium on Security and Privacy (S&P). 666--680","author":"Cauligi Sunjay","year":"2022","unstructured":"Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, and Deian Stefan. 2022. SoK: Practical Foundations for Software Spectre Defenses. In IEEE Symposium on Security and Privacy (S&P). 666--680."},{"key":"e_1_3_2_1_23_1","volume-title":"Non-Control-Data Attacks Are Realistic Threats. In USENIX Security Symposium (SEC). 178--191","author":"Chen Shuo","unstructured":"Shuo Chen, Jun Xu, and Emre C. Sezer. 2005. Non-Control-Data Attacks Are Realistic Threats. In USENIX Security Symposium (SEC). 178--191."},{"key":"e_1_3_2_1_24_1","volume-title":"Grand Schemozzle: Spectre continues to haunt. https:\/\/lwn.net\/Articles\/795637\/.","author":"Corbet Jonathan","year":"2019","unstructured":"Jonathan Corbet. 2019. Grand Schemozzle: Spectre continues to haunt. https:\/\/lwn.net\/Articles\/795637\/."},{"key":"e_1_3_2_1_25_1","unstructured":"Intel Corporation. 2019. Control-flow Enforcement Technology Specification."},{"key":"e_1_3_2_1_26_1","unstructured":"The MITRE Corporation. 2017. CVE-2017--7308."},{"key":"e_1_3_2_1_27_1","volume-title":"StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium (SEC).","author":"Cowan Crispin","year":"1998","unstructured":"Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. 1998. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In USENIX Security Symposium (SEC)."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.52"},{"key":"e_1_3_2_1_29_1","unstructured":"Jake Edge. 2013. Kernel address space layout randomization. https:\/\/lwn.net\/Articles\/569635\/."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.53"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1900546.1900550"},{"key":"e_1_3_2_1_33_1","volume-title":"FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch Tracking. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 527--546","author":"Gaidis Alexander J.","unstructured":"Alexander J. Gaidis, Joao Moreira, Ke Sun, Alyssa Milburn, Vaggelis Atlidakis, and Vasileios P. Kemerlis. 2023. FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch Tracking. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). 527--546."},{"key":"e_1_3_2_1_34_1","unstructured":"Go. 2024. The Go Programming Language. https:\/\/go.dev\/."},{"key":"e_1_3_2_1_35_1","volume-title":"Out Of Control: Overcoming Control-Flow Integrity. In IEEE Symposium on Security and Privacy (S&P). 575--589","author":"G\u00f6ktas Enes","year":"2014","unstructured":"Enes G\u00f6ktas, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis. 2014. Out Of Control: Overcoming Control-Flow Integrity. In IEEE Symposium on Security and Privacy (S&P). 575--589."},{"key":"e_1_3_2_1_36_1","volume-title":"USENIX Security Symposium (SEC). 105--119","author":"G\u00f6ktas Enes","year":"2016","unstructured":"Enes G\u00f6ktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, and Herbert Bos. 2016. Undermining information hiding (and what to do about it). In USENIX Security Symposium (SEC). 105--119."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417289"},{"key":"e_1_3_2_1_38_1","unstructured":"Google Security Blog. 2021. Mitigating Memory Safety Issues in Open Source Software. https:\/\/security.googleblog.com\/2021\/02\/mitigating-memory-safety-issues-in-open.html."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Daniel Gruss Moritz Lipp Michael Schwarz Richard Fellner Cl\u00e9mentine Maurice and Stefan Mangard. 2017. KASLR is Dead: Long Live KASLR. In Engineering Secure Software and Systems (ESSoS). 161--176.","DOI":"10.1007\/978-3-319-62105-0_11"},{"key":"e_1_3_2_1_40_1","volume-title":"Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security Symposium (SEC). 897--912","author":"Gruss Daniel","year":"2015","unstructured":"Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security Symposium (SEC). 897--912."},{"key":"e_1_3_2_1_41_1","volume-title":"Computer Architecture: A Quantitative Approach","author":"Hennessy J.L.","year":"2017","unstructured":"J.L. Hennessy and D.A. Patterson. 2017. Computer Architecture: A Quantitative Approach. Elsevier Science."},{"key":"e_1_3_2_1_42_1","volume-title":"SoK: Hardware Defenses Against Speculative Execution Attacks. In International Symposium on Secure and Private Execution Environment Design (SEED). 108--120","author":"Hu Guangyuan","unstructured":"Guangyuan Hu, Zecheng He, and Ruby B. Lee. 2021. SoK: Hardware Defenses Against Speculative Execution Attacks. In International Symposium on Secure and Private Execution Environment Design (SEED). 108--120."},{"key":"e_1_3_2_1_43_1","volume-title":"Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In IEEE Symposium on Security and Privacy (S&P). 969--986","author":"Hu Hong","year":"2016","unstructured":"Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang. 2016. Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks. In IEEE Symposium on Security and Privacy (S&P). 969--986."},{"key":"e_1_3_2_1_44_1","unstructured":"Intel. 2018. Indirect Branch Restricted Speculation. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/indirect-branch-restricted-speculation.html."},{"key":"e_1_3_2_1_45_1","unstructured":"Intel. 2018. Managed Runtime Speculative Execution Side Channel Mitigations. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/runtime-speculative-side-channel-mitigations.html."},{"key":"e_1_3_2_1_46_1","unstructured":"Intel. 2018. Retpoline: A Branch Target Injection Mitigation. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/retpoline-branch-target-injection-mitigation.html."},{"key":"e_1_3_2_1_47_1","unstructured":"Intel. 2018. Single Thread Indirect Branch Predictors. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/single-thread-indirect-branch-predictors.html."},{"key":"e_1_3_2_1_48_1","unstructured":"Intel. 2023. Intel Analysis of Speculative Execution Side Channels. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/technical-documentation\/analysis-speculative-execution-side-channels.html."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243739"},{"key":"e_1_3_2_1_50_1","unstructured":"Jann Horn. 2019. speculative execution variant 4: speculative store bypass. https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1528."},{"key":"e_1_3_2_1_51_1","unstructured":"The Linux Kernel. 2024. Spectre Side Channels. https:\/\/docs.kernel.org\/admin-guide\/hw-vuln\/spectre.html."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3316781.3317903"},{"key":"e_1_3_2_1_53_1","volume-title":"DAWG: A Defense Against Cache Timing Attacks in Speculative Execution Processors. In IEEE\/ACM International Symposium on Microarchitecture (MICRO). 974--987","author":"Kiriansky Vladimir","year":"2018","unstructured":"Vladimir Kiriansky, Ilia Lebedev, Saman Amarasinghe, Srinivas Devadas, and Joel Emer. 2018. DAWG: A Defense Against Cache Timing Attacks in Speculative Execution Processors. In IEEE\/ACM International Symposium on Microarchitecture (MICRO). 974--987."},{"key":"e_1_3_2_1_54_1","volume-title":"Waldspurger","author":"Kiriansky Vladimir","year":"2018","unstructured":"Vladimir Kiriansky and Carl A. Waldspurger. 2018. Speculative Buffer Overflows: Attacks and Defenses. CoRR abs\/1807.03757 (2018)."},{"key":"e_1_3_2_1_55_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In IEEE Symposium on Security and Privacy (S&P). 1--19","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, et al. 2019. Spectre Attacks: Exploiting Speculative Execution. In IEEE Symposium on Security and Privacy (S&P). 1--19."},{"key":"e_1_3_2_1_56_1","volume-title":"USENIX Workshop on Offensive Technologies (WOOT).","author":"Koruyeh Esmaeil Mohammadian","year":"2018","unstructured":"Esmaeil Mohammadian Koruyeh, Khaled N. Khasawneh, Chengyu Song, and Nael Abu-Ghazaleh. 2018. Spectre Returns! Speculation Attacks using the Return Stack Buffer. In USENIX Workshop on Offensive Technologies (WOOT)."},{"key":"e_1_3_2_1_57_1","volume-title":"Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI). 147--163","author":"Kuznetsov Volodymyr","year":"2014","unstructured":"Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code-Pointer Integrity. In USENIX Symposium on Operating Systems Design and Implementation (OSDI). 147--163."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2013.129"},{"key":"e_1_3_2_1_59_1","volume-title":"USENIX Security Symposium (SEC). 177--194","author":"Liljestrand Hans","unstructured":"Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, and N. Asokan. 2019. PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. In USENIX Security Symposium (SEC). 177--194."},{"key":"e_1_3_2_1_60_1","unstructured":"Arm Limited. 2024. ARM -- Cache Speculation Side channels v2.5. https:\/\/developer.arm.com\/documentation\/102816\/latest\/."},{"key":"e_1_3_2_1_61_1","unstructured":"Arm Limited. 2024. Arm A64 Instruction Set Architecture -- AUTDA AUTDZA. https:\/\/developer.arm.com\/documentation\/ddi0596\/2021--12\/Base-Instructions\/AUTDA--AUTDZA--Authenticate-Data-address--using-key-A-."},{"key":"e_1_3_2_1_62_1","unstructured":"Arm Limited. 2024. Arm A64 Instruction Set Architecture -- AUTIA AUTIA1716 AUTIASP AUTIAZ AUTIZA. https:\/\/developer.arm.com\/documentation\/ddi0596\/2021--12\/Base-Instructions\/AUTIA--AUTIA1716--AUTIASP--AUTIAZ--AUTIZA--Authenticate-Instruction-address--using-key-A-."},{"key":"e_1_3_2_1_63_1","unstructured":"Arm Limited. 2024. Arm A64 Instruction Set Architecture -- CSETM. https:\/\/developer.arm.com\/documentation\/ddi0596\/2021--12\/Base-Instructions\/CSETM--Conditional-Set-Mask--an-alias-of-CSINV-."},{"key":"e_1_3_2_1_64_1","unstructured":"Arm Limited. 2024. Arm A64 Instruction Set Architecture -- LDRAA LDRAB. https:\/\/developer.arm.com\/documentation\/ddi0596\/2021--12\/Base-Instructions\/LDRAA--LDRAB--Load-Register--with-pointer-authentication-."},{"key":"e_1_3_2_1_65_1","volume-title":"USENIX Security Symposium (SEC). 973--990","author":"Schwarz Moritz","year":"2018","unstructured":"Lipp, Moritz and Schwarz, Michael and Gruss, Daniel and Prescher, Thomas and Haas, Werner and Fogh, Anders and Horn, Jann and Mangard, Stefan and Kocher, Paul and Genkin, Daniel and Yarom, Yuval and Hamburg, Mike. 2018. Meltdown: Reading Kernel Memory from User Space. In USENIX Security Symposium (SEC). 973--990."},{"key":"e_1_3_2_1_66_1","volume-title":"IEEE Symposium on Security and Privacy (S&P). 605--622","author":"Yarom Fangfei","year":"2015","unstructured":"Liu, Fangfei and Yarom, Yuval and Ge, Qian and Heiser, Gernot and Lee, Ruby B. 2015. Last-Level Cache Side-Channel Attacks are Practical. In IEEE Symposium on Security and Privacy (S&P). 605--622."},{"key":"e_1_3_2_1_67_1","unstructured":"LLVM. 2024. The LLVM Compiler Infrastructure. https:\/\/llvm.org\/."},{"key":"e_1_3_2_1_68_1","unstructured":"ARM Ltd. 2018. Addressing Spectre Variant 1 (CVE-2017--5753) in Software. https:\/\/developer.arm.com\/documentation\/102820\/latest\/."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813694"},{"key":"e_1_3_2_1_70_1","unstructured":"LWN.net. 2004. x86 NX support. https:\/\/lwn.net\/Articles\/87814\/."},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243761"},{"key":"e_1_3_2_1_72_1","volume-title":"IEEE European Symposium on Security and Privacy (EuroS&P). 633--649","author":"Mambretti A.","unstructured":"A. Mambretti, A. Sandulescu, A. Sorniotti, W. Robertson, E. Kirda, and A. Kurmus. 2021. Bypassing memory safety mechanisms through speculative control flow hijacks. In IEEE European Symposium on Security and Privacy (EuroS&P). 633--649."},{"key":"e_1_3_2_1_73_1","volume-title":"Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization. arXiv preprint arXiv:2312.09770","author":"Marinaro Tiziano","year":"2023","unstructured":"Tiziano Marinaro, Pablo Buiras, Andreas Lindner, Roberto Guanciale, and Hamed Nemati. 2023. Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization. arXiv preprint arXiv:2312.09770 (2023)."},{"key":"e_1_3_2_1_74_1","volume-title":"USENIX Annual Technical Conference (ATC). 279--294","author":"McVoy Larry W","year":"1996","unstructured":"Larry W McVoy and Carl Staelin. 1996. lmbench: Portable Tools for Performance Analysis. In USENIX Annual Technical Conference (ATC). 279--294."},{"key":"e_1_3_2_1_75_1","volume-title":"Docker: Lightweight Linux Containers for Consistent Development and Deployment. Linux J. 2014","author":"Merkel Dirk","year":"2014","unstructured":"Dirk Merkel. 2014. Docker: Lightweight Linux Containers for Consistent Development and Deployment. Linux J. 2014 (2014)."},{"key":"e_1_3_2_1_76_1","unstructured":"Microsoft Docs. 2022. Data Execution Prevention. https:\/\/docs.microsoft.com\/en-us\/."},{"key":"e_1_3_2_1_77_1","unstructured":"Microsoft Security Response Center. 2019. A proactive approach to more secure code. https:\/\/msrc.microsoft.com\/blog\/2019\/07\/a-proactive-approach-to-more-secure-code\/."},{"key":"e_1_3_2_1_78_1","volume-title":"ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels. In ACM ASIA Conference on Computer and Communications Security (ASIA CCS). 1159--1172","author":"Momeu Marius","unstructured":"Marius Momeu, Fabian Kilger, Christopher Roemheld, Simon Schn\u00fcckel, Sergej Proskurin, Michalis Polychronakis, and Vasileios P. Kemerlis. 2024. ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels. In ACM ASIA Conference on Computer and Communications Security (ASIA CCS). 1159--1172."},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/1543135.1542504"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806651.1806657"},{"key":"e_1_3_2_1_81_1","volume-title":"Poking Holes in Information Hiding. In USENIX Security Symposium (SEC). 121--138","author":"Oikonomopoulos Angelos","year":"2016","unstructured":"Angelos Oikonomopoulos, Elias Athanasopoulos, Herbert Bos, and Cristiano Giuffrida. 2016. Poking Holes in Information Hiding. In USENIX Security Symposium (SEC). 121--138."},{"key":"e_1_3_2_1_82_1","volume-title":"You Shall Not Bypass: Employing data dependencies to prevent Bounds Check Bypass. CoRR abs\/1805.08506","author":"Oleksenko Oleksii","year":"2018","unstructured":"Oleksii Oleksenko, Bohdan Trach, Tobias Reiher, Mark Silberstein, and Christof Fetzer. 2018. You Shall Not Bypass: Employing data dependencies to prevent Bounds Check Bypass. CoRR abs\/1805.08506 (2018)."},{"key":"e_1_3_2_1_83_1","article-title":"Smashing The Stack For Fun And Profit","volume":"7","author":"One Aleph","year":"1996","unstructured":"Aleph One. 1996. Smashing The Stack For Fun And Profit. Phrack Magazine 7, 49 (1996).","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_84_1","unstructured":"OpenBSD. 2003. i386 W^X. https:\/\/marc.info\/?l=openbsd-misc&m=105056000801065."},{"key":"e_1_3_2_1_85_1","volume-title":"Exorcising Spectres with Secure Compilers. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 445--461","author":"Patrignani Marco","year":"2021","unstructured":"Marco Patrignani and Marco Guarnieri. 2021. Exorcising Spectres with Secure Compilers. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 445--461."},{"key":"e_1_3_2_1_86_1","unstructured":"Team PaX. 2003. ASLR. https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064216"},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00041"},{"key":"e_1_3_2_1_89_1","unstructured":"PTS. 2024. Phoronix Test Suite. https:\/\/www.phoronix-test-suite.com\/."},{"key":"e_1_3_2_1_90_1","unstructured":"Qualcomm Technologies Inc. 2017. Pointer Authentication on ARMv8.3. https:\/\/www.qualcomm.com\/content\/dam\/qcomm-martech\/dm-assets\/documents\/pointer-auth-v7.pdf."},{"key":"e_1_3_2_1_91_1","unstructured":"Joseph Ravichandran. 2024. PacmanPatcher. https:\/\/github.com\/jprx\/PacmanPatcher."},{"key":"e_1_3_2_1_92_1","unstructured":"Joseph Ravichandran. 2024. The PACMAN Attack. https:\/\/github.com\/jprx\/PacmanAttack."},{"key":"e_1_3_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1145\/3470496.3527429"},{"key":"e_1_3_2_1_94_1","unstructured":"redhat. 2014. New Security Enhancements in Red Hat Enterprise Linux v.3 update 3. https:\/\/static.redhat.com\/legacy\/f\/pdf\/rhel\/WHP0006US_Execshield.pdf."},{"key":"e_1_3_2_1_95_1","unstructured":"Redis. 2023. memtier_benchmark. https:\/\/github.com\/RedisLabs\/memtier{_}benchmark."},{"key":"e_1_3_2_1_96_1","volume-title":"Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses. In IEEE European Symposium on Security and Privacy (EuroS&P). 366--381","author":"Rogowski Roman","year":"2017","unstructured":"Roman Rogowski, Micah Morton, Forrest Li, Fabian Monrose, Kevin Z. Snow, and Michalis Polychronakis. 2017. Revisiting Browser Security in the Modern Era: New Data-Only Attacks and Defenses. In IEEE European Symposium on Security and Privacy (EuroS&P). 366--381."},{"key":"e_1_3_2_1_97_1","unstructured":"SANS Institute. 2024. CWE\/SANS TOP 25 Most Dangerous Software Errors. https:\/\/www.sans.org\/top25-software-errors\/."},{"key":"e_1_3_2_1_98_1","volume-title":"USENIX Workshop on Offensive Technologies (WOOT).","author":"Schink Marc","year":"2019","unstructured":"Marc Schink and Johannes Obermaier. 2019. Taking a Look into Execute-Only Memory. In USENIX Workshop on Offensive Technologies (WOOT)."},{"key":"e_1_3_2_1_99_1","volume-title":"ConTExT: A Generic Approach for Mitigating Spectre. In Network and Distributed System Security Symposium (NDSS).","author":"Schwarz Michael","year":"2020","unstructured":"Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, and Daniel Gruss. 2020. ConTExT: A Generic Approach for Mitigating Spectre. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"e_1_3_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179355"},{"key":"e_1_3_2_1_103_1","unstructured":"SQLite. 2023. Database Speed Comparison. https:\/\/sqlite.org\/src\/file\/test\/speedtest1.c."},{"key":"e_1_3_2_1_104_1","volume-title":"SoK: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P). 48--62","author":"Szekeres L\u00e1szl\u00f3","year":"2013","unstructured":"L\u00e1szl\u00f3 Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. SoK: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P). 48--62."},{"key":"e_1_3_2_1_105_1","unstructured":"The Linux kernel. 2024. Page Table Isolation (PTI). https:\/\/www.kernel.org\/doc\/html\/next\/x86\/pti.html."},{"key":"e_1_3_2_1_106_1","volume-title":"Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM. In USENIX Security Symposium (SEC). 941--955","author":"Tice Caroline","year":"2014","unstructured":"Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00dalfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM. In USENIX Security Symposium (SEC). 941--955."},{"key":"e_1_3_2_1_107_1","volume-title":"USENIX Security Symposium (SEC). 991--1008","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In USENIX Security Symposium (SEC). 991--1008."},{"key":"e_1_3_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33338-5_5"},{"key":"e_1_3_2_1_109_1","volume-title":"RIDL: Rogue In-Flight Data Load. In IEEE Symposium on Security and Privacy (S&P). 88--105","author":"van Schaik Stephan","year":"2019","unstructured":"Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2019. RIDL: Rogue In-Flight Data Load. In IEEE Symposium on Security and Privacy (S&P). 88--105."},{"key":"e_1_3_2_1_110_1","doi-asserted-by":"publisher","DOI":"10.1145\/3434330"},{"key":"e_1_3_2_1_111_1","volume-title":"SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization. In USENIX Security Symposium (SEC). 1239--1256","author":"Wang Zhe","year":"2019","unstructured":"Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, and Zhiping Shi. 2019. SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization. In USENIX Security Symposium (SEC). 1239--1256."},{"key":"e_1_3_2_1_112_1","volume-title":"Osiris: Automated Discovery of Microarchitectural Side Channels. In USENIX Security Symposium (SEC). 1--18","author":"Weber Daniel","year":"2021","unstructured":"Daniel Weber, Ahmad Ibrahim, Hamed Nemati, Michael Schwarz, and Christian Rossow. 2021. Osiris: Automated Discovery of Microarchitectural Side Channels. In USENIX Security Symposium (SEC). 1--18."},{"key":"e_1_3_2_1_113_1","volume-title":"Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F Wenisch, and Yuval Yarom.","author":"Weisse Ofir","year":"2018","unstructured":"Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F Wenisch, and Yuval Yarom. 2018. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Technical report (2018)."},{"key":"e_1_3_2_1_114_1","unstructured":"Wikipedia. 2023. NX bit. https:\/\/en.wikipedia.org\/wiki\/NX_bit."},{"key":"e_1_3_2_1_115_1","volume-title":"Egalito: Layout-Agnostic Binary Recompilation. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 133--147","author":"Williams-King David","unstructured":"David Williams-King, Hidenori Kobayashi, Kent Williams-King, Graham Patterson, Frank Spano, Yu Jian Wu, Junfeng Yang, and Vasileios P. Kemerlis. 2020. Egalito: Layout-Agnostic Binary Recompilation. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 133--147."},{"key":"e_1_3_2_1_116_1","volume-title":"Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs. In USENIX Security Symposium (SEC). 3655--3672","author":"Xu Jianhao","year":"2023","unstructured":"Jianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li, Qiushi Wu, Mathias Payer, and Bing Mao. 2023. Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs. In USENIX Security Symposium (SEC). 3655--3672."},{"key":"e_1_3_2_1_117_1","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3361129"},{"key":"e_1_3_2_1_118_1","volume-title":"USENIX Security Symposium (SEC). 719--732","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. 2014. FLUSHRELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security Symposium (SEC). 719--732."},{"key":"e_1_3_2_1_119_1","volume-title":"USENIX Security Symposium (SEC). 7125--7142","author":"Zhang Zhiyuan","year":"2023","unstructured":"Zhiyuan Zhang, Gilles Barthe, Chitchanok Chuengsatiansup, Peter Schwabe, and Yuval Yarom. 2023. Ultimate SLH: Taking Speculative Load Hardening to the Next Level. In USENIX Security Symposium (SEC). 7125--7142."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690201","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690201","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:06:25Z","timestamp":1755842785000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690201"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":119,"alternative-id":["10.1145\/3658644.3690201","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690201","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}