{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T16:03:11Z","timestamp":1780588991375,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["2052951"],"award-info":[{"award-number":["2052951"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1145\/3779208.3807496","type":"proceedings-article","created":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:21:58Z","timestamp":1780586518000},"page":"743-758","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Overseer: Enforcing fine-grained memory access control across execution environments"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5227-1254","authenticated-orcid":false,"given":"Darius","family":"Suciu","sequence":"first","affiliation":[{"name":"Stony Brook University, Stony Brook, New York, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3182-4849","authenticated-orcid":false,"given":"Sandeep Kiran","family":"Pinjala","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, New York, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-8424-8159","authenticated-orcid":false,"given":"Bin","family":"Sun","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, New York, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1237-8276","authenticated-orcid":false,"given":"Radu","family":"Sion","sequence":"additional","affiliation":[{"name":"Stony Brook University, Stony Brook, New York, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2026,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"On the Performance of ARM Trust-Zone","author":"Amacher Julien","unstructured":"Julien Amacher and Valerio Schiavoni. 2019. On the Performance of ARM Trust-Zone. In Distributed Applications and Interoperable Systems, Jos\u00e9 Pereira and Laura Ricci (Eds.). Springer International Publishing, Cham, 133\u2013151."},{"key":"e_1_3_2_1_2_1","unstructured":"ARM. 2009. Bulding a secure System using TrustZone Technology. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.prd29-genc-009492c\/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. ARM Technical White Paper (2009)."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660350"},{"key":"e_1_3_2_1_4_1","unstructured":"Gal Beniamini. 2016. TrustZone Kernel Privilege Escalation. http:\/\/bits-please.blogspot.com\/2016\/06\/trustzone-kernel-privilege-escalation.html."},{"key":"e_1_3_2_1_5_1","unstructured":"David Berard. 2018. Kinibi TEE: Trusted Application exploitation. https:\/\/www.synacktiv.com\/posts\/exploit\/kinibi-tee-trusted-application-exploitation.html."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23448"},{"key":"e_1_3_2_1_7_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Cerdeira David","year":"2022","unstructured":"David Cerdeira, Jos\u00e9 Martins, Nuno Santos, and Sandro Pinto. 2022. {ReZone }: Disarming {TrustZone } with {TEE} Privilege Reduction. In 31st USENIX Security Symposium (USENIX Security 22). 2261\u20132279."},{"key":"e_1_3_2_1_8_1","volume-title":"SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems. 2020 IEEE Symposium on Security and Privacy (SP)","author":"Cerdeira David","year":"2020","unstructured":"David Cerdeira, Nuno Santos, Pedro Fonseca, and Sandro Pinto. 2020. SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems. 2020 IEEE Symposium on Security and Privacy (SP) (2020), 1416\u20131432."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1353536.1346284"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the 2016 USENIX Conference on Usenix Annual Technical Conference (USENIX ATC '16). USENIX Association, USA, 565\u2013578","author":"Cho Yeongpil","year":"2016","unstructured":"Yeongpil Cho, Junbum Shin, Donghyun Kwon, MyungJoo Ham, Yuna Kim, and Yunheung Paek. 2016. Hardware-Assisted on-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices. In Proceedings of the 2016 USENIX Conference on Usenix Annual Technical Conference (USENIX ATC '16). USENIX Association, USA, 565\u2013578."},{"key":"e_1_3_2_1_11_1","unstructured":"codeaurora.org. 2020. Qualcomm patch for CVE-2021-1961. https:\/\/git.codelinaro.org\/clo\/le\/kernel\/msm-4.19\/-\/commit\/edc0db63de9a0a7375bf05fafda3d47b558fd9ff."},{"key":"e_1_3_2_1_12_1","unstructured":"Jake Edge. 2020. KVM for Android. https:\/\/lwn.net\/Articles\/836693\/."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945464"},{"key":"e_1_3_2_1_14_1","volume-title":"Sprobes: Enforcing Kernel Code Integrity on the Trust Zone Architecture. CoRR abs\/1410.7747(2014). arXiv:1410.7747 http:\/\/arxiv.org\/abs\/1410.7747","author":"Ge Xinyang","year":"2014","unstructured":"Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger. 2014. Sprobes: Enforcing Kernel Code Integrity on the Trust Zone Architecture. CoRR abs\/1410.7747(2014). arXiv:1410.7747 http:\/\/arxiv.org\/abs\/1410.7747"},{"key":"e_1_3_2_1_15_1","unstructured":"GlobalPlatform. 2010. TEE Client API Specification v1.0. https:\/\/globalplatform.org\/specslibrary\/tee-client-api-specification\/."},{"key":"e_1_3_2_1_16_1","volume-title":"PARTEMU: Enabling Dynamic Analysis of Real-World TrustZone Software Using Emulation. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Harrison Lee","year":"2020","unstructured":"Lee Harrison, Hayawardh Vijayakumar, Rohan Padhye, Koushik Sen, and Michael Grace. 2020. PARTEMU: Enabling Dynamic Analysis of Real-World TrustZone Software Using Emulation. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 789\u2013806. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/harrison"},{"key":"e_1_3_2_1_17_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Hua Zhichao","year":"2017","unstructured":"Zhichao Hua, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang, and Haibing Guan. 2017. vTZ: Virtualizing ARM TrustZone. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 541\u2013556. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/hua"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2016.2622261"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994459.2994470"},{"key":"e_1_3_2_1_20_1","unstructured":"Daniel Komaromy. 2008. Unbox Your Phone. https:\/\/medium.com\/taszksec\/unbox-your-phone-part-iii-7436ffaff7c7."},{"key":"e_1_3_2_1_21_1","unstructured":"laginimaineb. 2015. QSEE privilege escalation vulnerability and exploit. http:\/\/bits-please.blogspot.com\/2016\/05\/qsee-privilege-escalation-vulnerability.html."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Paul Leach Michael Mealling and Rich Salz. 2005. A Universally Unique Identifier (UUID) URN Namespace. https:\/\/datatracker.ietf.org\/doc\/html\/rfc4122","DOI":"10.17487\/rfc4122"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23227"},{"key":"e_1_3_2_1_24_1","first-page":"279","article-title":"lmbench: Portable Tools for Performance Analysis. In USENIX annual technical conference","author":"McVoy Larry W","year":"1996","unstructured":"Larry W McVoy, Carl Staelin, et al.1996. lmbench: Portable Tools for Performance Analysis. In USENIX annual technical conference. San Diego, CA, USA, 279\u2013294.","journal-title":"San Diego, CA, USA"},{"key":"e_1_3_2_1_25_1","unstructured":"Federico Menarini. 2026. Breaking TEE Security Part 2: Exploiting Trusted Applications (TAs). https:\/\/www.riscure.com\/blog\/tee-security-samsung-teegris-part-2."},{"key":"e_1_3_2_1_26_1","unstructured":"MITRE. 2019. CVE-2019-20607. https:\/\/www.cvedetails.com\/cve\/CVE-2019-20607."},{"key":"e_1_3_2_1_27_1","unstructured":"MITRE. 2020. CVE-2020-12752. https:\/\/www.cvedetails.com\/cve\/CVE-2020-12752."},{"key":"e_1_3_2_1_28_1","unstructured":"MITRE. 2021. CVE-2021-1961. https:\/\/www.cvedetails.com\/cve\/CVE-2021-1961."},{"key":"e_1_3_2_1_29_1","unstructured":"MITRE. 2022. cve-2022-22271. https:\/\/www.cvedetails.com\/cve\/CVE-2022-22271."},{"key":"e_1_3_2_1_30_1","unstructured":"MITRE. 2026. Common Vulnerabilities Enumeration. https:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/CIC.2016.065"},{"key":"e_1_3_2_1_32_1","unstructured":"NXP-IMX. 2018. IMXOP-TEE Test. https:\/\/github.com\/nxp-imx\/imx-optee-test."},{"key":"e_1_3_2_1_33_1","unstructured":"NXP-IMX. 2019. OP-TEE Trusted OS. https:\/\/github.com\/nxp-imx\/imx-optee-os."},{"key":"e_1_3_2_1_34_1","unstructured":"Sandeep Kiran P. 2026. Overseer code repository. https:\/\/github.com\/sandeepkiranp\/overseer."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3291047"},{"key":"e_1_3_2_1_36_1","volume-title":"Reflections on Trusting TrustZone. BlackHat USA","author":"Rosenberg Dan","year":"2014","unstructured":"Dan Rosenberg. 2014. Reflections on Trusting TrustZone. BlackHat USA (2014)."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/361011.361067"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Yan Shoshitaishvili Ruoyu Wang Christopher Salls Nick Stephens Mario Polino Audrey Dutcher John Grosen Siji Feng Christophe Hauser Christopher Kruegel and Giovanni Vigna. 2016. SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis. (2016).","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_39_1","volume-title":"29th { USENIX} Security Symposium ({USENIX} Security 20).","author":"Suciu Darius","unstructured":"Darius Suciu, Stephen McLaughlin, Laurent Simon, and Radu Sion. 2020. Horizontal Privilege Escalation in Trusted Applications. In 29th { USENIX} Security Symposium ({USENIX} Security 20)."},{"key":"e_1_3_2_1_40_1","volume-title":"Radu Sion and Michael Ferdman","author":"Suciu Darius","year":"2022","unstructured":"Darius Suciu, Radu Sion and Michael Ferdman. 2022. AppBastion: Protection from Untrusted Apps and OSes on ARM. In Computer Security - ESORICS 2022, Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, and Weizhi Meng (Eds.). Springer Nature Switzerland, Cham, 692\u2013715."},{"key":"e_1_3_2_1_41_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019","author":"Weiser Samuel","year":"2019","unstructured":"Samuel Weiser, Luca Mayr, Michael Schwarz, and Daniel Gruss. 2019. SGXJail: Defeating Enclave Malware via Confinement. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). USENIX Association, Chaoyang District, Beijing, 353\u2013366. https:\/\/www.usenix.org\/conference\/raid2019\/presentation\/weiser"},{"key":"e_1_3_2_1_42_1","unstructured":"Tamir Zahavi-Brunner. 2022. Attacking the Android kernel using the Qualcomm TrustZone. https:\/\/tamirzb.com\/attacking-android-kernel-using-qualcomm-trustzone."},{"key":"e_1_3_2_1_43_1","unstructured":"Thomas M. Zeng. 2012. The Android ION memory allocator. https:\/\/lwn.net\/Articles\/480055\/."},{"key":"e_1_3_2_1_44_1","volume-title":"SHELTER: Extending Arm CCA with Isolation in User Space. In 32nd USENIX Security Symposium (USENIX Security 23)","author":"Zhang Yiming","year":"2023","unstructured":"Yiming Zhang, Yuxin Hu, Zhenyu Ning, Fengwei Zhang, Xiapu Luo, Haoyang Huang, Shoumeng Yan, and Zhengyu He. 2023. SHELTER: Extending Arm CCA with Isolation in User Space. In 32nd USENIX Security Symposium (USENIX Security 23). USENIX Association, Anaheim, CA, 6257\u20136274. https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/zhang-yiming"}],"event":{"name":"ASIA CCS '26: ACM Asia Conference on Computer and Communications Security","location":"Bangalore India","acronym":"ASIA CCS '26","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779208.3807496","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779208.3807496","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T15:33:50Z","timestamp":1780587230000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3779208.3807496"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":44,"alternative-id":["10.1145\/3779208.3807496","10.1145\/3779208"],"URL":"https:\/\/doi.org\/10.1145\/3779208.3807496","relation":{},"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"2026-06-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}