{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:06:49Z","timestamp":1750309609420,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,3,31]],"date-time":"2025-03-31T00:00:00Z","timestamp":1743379200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Delta Electronics, Inc.","award":["111HT907011"],"award-info":[{"award-number":["111HT907011"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,3,31]]},"DOI":"10.1145\/3672608.3707841","type":"proceedings-article","created":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T18:26:54Z","timestamp":1747247214000},"page":"1810-1819","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Strengthening Application Security through Integrity Protection of System Call Usage"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-8277-8504","authenticated-orcid":false,"given":"Chih-Kai","family":"Hsu","sequence":"first","affiliation":[{"name":"National Taiwan University, Taipei City, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-3086-0093","authenticated-orcid":false,"given":"Yung-Chi","family":"Tseng","sequence":"additional","affiliation":[{"name":"National Taiwan University, Taipei City, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-6883-5373","authenticated-orcid":false,"given":"Shih-Wei","family":"Li","sequence":"additional","affiliation":[{"name":"National Taiwan University, Taipei City, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7292-3942","authenticated-orcid":false,"given":"Yi-Hui","family":"Lin","sequence":"additional","affiliation":[{"name":"Delta Research Center, Taipei City, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-8212-0375","authenticated-orcid":false,"given":"Wei-Cheng","family":"Tian","sequence":"additional","affiliation":[{"name":"Delta Research Center, Taipei City, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-1713-6603","authenticated-orcid":false,"given":"Lap Chung","family":"Lam","sequence":"additional","affiliation":[{"name":"Delta Research Center, New York, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-5754-6794","authenticated-orcid":false,"given":"Yu-Chen","family":"Liu","sequence":"additional","affiliation":[{"name":"National Taiwan University\/University of Southern California, Los Angeles, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,5,14]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2018. A SQLite3 benchmark tool. https:\/\/github.com\/ukontainer\/sqlite-bench."},{"key":"e_1_3_2_1_2_1","unstructured":"2022. NGINX web server. https:\/\/nginx.org."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359823"},{"key":"e_1_3_2_1_4_1","unstructured":"Apple. 2020. Apple Mac Mini M1. https:\/\/www.apple.com\/shop\/buy-mac\/mac-mini\/applem1-chip-with-8-core-cpu-and-8-core-gpu-256gb."},{"key":"e_1_3_2_1_5_1","unstructured":"Apple. 2020. Apple unleashes M1. https:\/\/www.apple.com\/newsroom\/2020\/11\/apple-unleashes-m1\/."},{"key":"e_1_3_2_1_6_1","unstructured":"Apple Inc. May 2022. Apple Platform Security. https:\/\/help.apple.com\/pdf\/security\/en_US\/apple-platform-security-guide.pdf."},{"key":"e_1_3_2_1_7_1","unstructured":"Arm Developer. 2014. Execute Never. https:\/\/developer.arm.com\/documentation\/den0013\/d\/The-Memory-Management-Unit\/Memory-attributes\/Execute-Never?lang=en."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Roberto Avanzi. 2017. The QARMA block cipher family. Almost MDS matrices over rings with zero divisors nearly symmetric even-mansour constructions with non-involutory central rounds and search heuristics for low-latency s-boxes. IACR Transactions on Symmetric Cryptology (2017) 4\u201344.","DOI":"10.46586\/tosc.v2017.i1.4-44"},{"key":"e_1_3_2_1_9_1","volume-title":"IEEE Symposium on Security and Privacy","author":"Bosman Erik","year":"2014","unstructured":"Erik Bosman and Herbert Bos. 2014. Framing Signals\u2014A Return to Portable Shellcode. IEEE Symposium on Security and Privacy (2014)."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3185768.3185771"},{"key":"e_1_3_2_1_11_1","volume-title":"SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems. arXiv preprint arXiv:2202.13716","author":"Canella Claudio","year":"2022","unstructured":"Claudio Canella, Sebastian Dorn, Daniel Gruss, and Michael Schwarz. 2022. SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems. arXiv preprint arXiv:2202.13716 (2022)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3474123.3486762"},{"key":"e_1_3_2_1_13_1","unstructured":"CERT Advisory CA-2001-33 Multiple Vulnerabilities in WU-FTPD [n. d.]. https:\/\/vuls.cert.org\/confluence\/display\/historical\/CERT+Advisory+CA-2001-33+Multiple+Vulnerabilities+in+WU-FTPD."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 14th Conference on USENIX Security Symposium -","volume":"14","author":"Chen Shuo","unstructured":"Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer. 2005. Non-control-data attacks are realistic threats. In Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14 (Baltimore, MD) (SSYM'05). USENIX Association, 12."},{"key":"e_1_3_2_1_15_1","unstructured":"DWARF Debugging Information Format Committee. [n. d.]. DWARF Debugging Information Format Version 4. https:\/\/dwarfstd.org\/doc\/DWARF4.pdf."},{"key":"e_1_3_2_1_16_1","unstructured":"Intel Corporation. 2019. Intel 64 and IA-32 Architectures Software Developer's Manual. https:\/\/software.intel.com\/en-us\/articles\/intel-sdm."},{"key":"e_1_3_2_1_17_1","unstructured":"Intel Corporation. 2020. A Technical Look at Intel's Control-flow Enforcement Technology. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/technical-look-control-flow-enforcement-technology.html."},{"key":"e_1_3_2_1_18_1","volume-title":"23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID","author":"DeMarinis Nicholas","year":"2020","unstructured":"Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios P Kemerlis. 2020. Sysfilter: Automated system call filtering for commodity software. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). 459\u2013474."},{"key":"e_1_3_2_1_19_1","volume-title":"Network and Distributed System Security Symposium","author":"Duta Victor","year":"2017","unstructured":"Victor Duta, Fabian Freyer, Fabio Pagani, Marius Muench, and Cristiano Giuffrida. 2017. Let Me Unwind That For You: Exceptions to Backward-Edge Protection. Network and Distributed System Security Symposium (2017)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_21_1","volume-title":"RAID 2016, Paris, France, September 19\u201321, 2016, Proceedings 19","author":"Fu Yangchun","year":"2016","unstructured":"Yangchun Fu, Junghwan Rhee, Zhiqiang Lin, Zhichun Li, Hui Zhang, and Guofei Jiang. 2016. Detecting stack layout corruptions with robust stack unwinding. In Research in Attacks, Intrusions, and Defenses: 19th International Symposium, RAID 2016, Paris, France, September 19\u201321, 2016, Proceedings 19. Springer, 71\u201394."},{"key":"e_1_3_2_1_22_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Ghavamnia Seyedhamed","year":"2020","unstructured":"Seyedhamed Ghavamnia, Tapti Palit, Shachee Mishra, and Michalis Polychronakis. 2020. Temporal system call specialization for attack surface reduction. In 29th USENIX Security Symposium (USENIX Security 20). 1749\u20131766."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.62"},{"key":"e_1_3_2_1_24_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Ismail Mohannad","year":"2022","unstructured":"Mohannad Ismail, Andrew Quach, Christopher Jelesnianski, Yeongjin Jang, and Changwoo Min. 2022. Tightly Seal Your Sensitive Pointers with {PACTight}. In 31st USENIX Security Symposium (USENIX Security 22). 3717\u20133734."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3485376"},{"key":"e_1_3_2_1_26_1","unstructured":"Jake Edge. 2012. A library for seccomp filters. https:\/\/lwn.net\/Articles\/494252\/."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3582016.3582066"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30143-1_1"},{"key":"e_1_3_2_1_29_1","unstructured":"lighttpd. 2024. Lighttpd web server. https:\/\/www.lighttpd.net\/."},{"key":"e_1_3_2_1_30_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Liljestrand Hans","year":"2019","unstructured":"Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, and N Asokan. 2019. {PAC} it up: Towards pointer integrity using {ARM} pointer authentication. In 28th USENIX Security Symposium (USENIX Security 19). 177\u2013194."},{"key":"e_1_3_2_1_31_1","unstructured":"Linux Foundation. [n. d.]. Special Sections. https:\/\/refspecs.linuxfoundation.org\/LSB_1.2.0\/gLSB\/specialsections.html."},{"key":"e_1_3_2_1_32_1","unstructured":"Linux Foundation. 2001. Section Header. https:\/\/refspecs.linuxbase.org\/elf\/gabi4+\/ch4.sheader.html."},{"key":"e_1_3_2_1_33_1","unstructured":"Mark Rutland. September 14 2017. ARMv8.3 Pointer Authentication. https:\/\/events.static.linuxfound.org\/sites\/events\/files\/slides\/slides_23.pdf."},{"key":"e_1_3_2_1_34_1","unstructured":"Martin Weidmann. September 29 2022. ARM v9-A. https:\/\/community.arm.com\/arm-community-blogs\/b\/architectures-and-processors-blog\/posts\/arm-a-profile-architecture-2022."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813676"},{"key":"e_1_3_2_1_36_1","unstructured":"SQLite Consortium members. [n. d.]. SQLite. https:\/\/www.sqlite.org\/index.html."},{"key":"e_1_3_2_1_37_1","unstructured":"Nathan Burow. 2018. CFIXX C++ test suite. https:\/\/github.com\/HexHive\/CFIXX\/tree\/master\/CFIXX-Suite."},{"key":"e_1_3_2_1_38_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2015","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2015. 2013. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2013-2028."},{"key":"e_1_3_2_1_39_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2015","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2015. CVE-2012-0809 2012. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2012-0809."},{"key":"e_1_3_2_1_40_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2015","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2015. CVE-2015-8617 2015. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-8617."},{"key":"e_1_3_2_1_41_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2015","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2015. CVE-2019-3822 2019. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-3822."},{"key":"e_1_3_2_1_42_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2016","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2016. CVE-2016-10190 [n. d.]. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-10190."},{"key":"e_1_3_2_1_43_1","volume-title":"National Vulnerability Database","author":"National Institute of Standards and Technology.","year":"2016","unstructured":"National Institute of Standards and Technology. National Vulnerability Database. 2016. CVE-2016-10191 2016. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-10191."},{"key":"e_1_3_2_1_44_1","unstructured":"PaX. 2003. Address Space Layout Randomization. https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_45_1","volume-title":"RAZOR: A Framework for Post-deployment Software Debloating. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Qian Chenxiong","year":"2019","unstructured":"Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak Ho Chung, Taesoo Kim, and Wenke Lee. 2019. RAZOR: A Framework for Post-deployment Software Debloating. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1733\u20131750. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/qian"},{"key":"e_1_3_2_1_46_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Quach Anh","year":"2018","unstructured":"Anh Quach, Aravind Prakash, and Lok Yan. 2018. Debloating Software through Piece-Wise Compilation and Loading. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 869\u2013886. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/quach"},{"key":"e_1_3_2_1_47_1","unstructured":"Qualcomm Technologies Inc. January 2017. Pointer Authentication on ARMv8.3. https:\/\/www.qualcomm.com\/content\/dam\/qcomm-martech\/dm-assets\/documents\/pointer-auth-v7.pdf."},{"key":"e_1_3_2_1_48_1","volume-title":"Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. Network and Distributed System Security Symposium","author":"Rudd Robert","year":"2017","unstructured":"Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi, and Hamed Okhravi. 2017. Address-Oblivious Code Reuse: On the Effectiveness of Leakage-Resilient Diversity. Network and Distributed System Security Symposium (2017)."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_3_2_1_50_1","unstructured":"The Clang Team. 2024. ShadowCallStack. https:\/\/releases.llvm.org\/16.0.0\/tools\/clang\/docs\/ShadowCallStack.html."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134026"},{"key":"e_1_3_2_1_52_1","unstructured":"Will Glozer. 2019. a HTTP benchmarking tool. https:\/\/github.com\/wg\/wrk."},{"key":"e_1_3_2_1_53_1","unstructured":"WU-FTPD Development Group 2003. https:\/\/web.archive.org\/web\/20080324003630\/http:\/\/www.wu-ftpd.org\/."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3556977"}],"event":{"name":"SAC '25: 40th ACM\/SIGAPP Symposium on Applied Computing","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"],"location":"Catania International Airport Catania Italy","acronym":"SAC '25"},"container-title":["Proceedings of the 40th ACM\/SIGAPP Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3672608.3707841","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3672608.3707841","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:57:33Z","timestamp":1750298253000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3672608.3707841"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,31]]},"references-count":54,"alternative-id":["10.1145\/3672608.3707841","10.1145\/3672608"],"URL":"https:\/\/doi.org\/10.1145\/3672608.3707841","relation":{},"subject":[],"published":{"date-parts":[[2025,3,31]]},"assertion":[{"value":"2025-05-14","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}