{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T06:57:53Z","timestamp":1782889073690,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2026,6,30]],"date-time":"2026-06-30T00:00:00Z","timestamp":1782777600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2026,6,30]]},"DOI":"10.1145\/3805773.3805994","type":"proceedings-article","created":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T05:20:41Z","timestamp":1782883241000},"page":"30-43","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["CFIghter: Automated Control-Flow Integrity Enablement and Evaluation for Legacy C\/C++ Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7679-0796","authenticated-orcid":false,"given":"Sabine","family":"Houy","sequence":"first","affiliation":[{"name":"Ume\u00e5 University, Ume\u00e5, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2456-895X","authenticated-orcid":false,"given":"Bruno","family":"Kreyssig","sequence":"additional","affiliation":[{"name":"Ume\u00e5 University, Ume\u00e5, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1383-0372","authenticated-orcid":false,"given":"Alexandre","family":"Bartel","sequence":"additional","affiliation":[{"name":"Ume\u00e5 University, Ume\u00e5, Sweden"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2026,6,30]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"key":"e_1_3_2_1_2_1","volume-title":"DCtheGeek, drewbatgit, knicholasa, ErikSwan, mijacobs, msatranjr.","year":"2024","unstructured":"alvinashcraft, alexbuckgit, mattwojo, v-kents, DCtheGeek, drewbatgit, knicholasa, ErikSwan, mijacobs, msatranjr. 2024. Control Flow Guard for platform security -Win32 apps | Microsoft Learn. https:\/\/learn.microsoft.com\/enus\/windows\/win32\/secbp\/control-flow-guard. Accessed 2025-10-03."},{"key":"e_1_3_2_1_3_1","unstructured":"AOSP | Android Open-Source Project. 2024. Control Flow Integrity | Android Open Source Project. https:\/\/source.android.com\/docs\/security\/test\/cfi. Accessed 2025-10-03."},{"key":"e_1_3_2_1_4_1","unstructured":"Apple Developer. 2024. Improving control flow integrity with pointer authentication | Apple Developer. https:\/\/developer.apple.com\/documentation\/ browserenginekit\/improving-control-flow-integrity-with-pointerauthentication. Accessed 2025-10-03."},{"key":"e_1_3_2_1_5_1","unstructured":"ARM Developers. [n. d.]."},{"key":"e_1_3_2_1_6_1","unstructured":"Armv8.1-M PACBTI Extensions. https: \/\/developer.arm.com\/documentation\/109576\/0100\/Pointer-Authentication- Code\/Introduction-to-PAC. Accessed 2025-10-03."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607239"},{"key":"e_1_3_2_1_8_1","first-page":"189","volume-title":"18th USENIX WOOT Conference on Offensive Technologies (WOOT 24)","author":"Becker Lucas","year":"2024","unstructured":"Lucas Becker, Matthias Hollick, and Jiska Classen. 2024. {SoK}: On the Effectiveness of {Control-Flow} Integrity in Practice. In 18th USENIX WOOT Conference on Offensive Technologies (WOOT 24). 189-209."},{"key":"e_1_3_2_1_9_1","unstructured":"Bugzilla. 2009. 510629 -(cfi)[meta] Ship Control Flow Integrity. https:\/\/bugzilla. mozilla.org\/show_bug.cgi?id=510629. Accessed 2025-10-03."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3054924"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196540"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00076"},{"key":"e_1_3_2_1_13_1","first-page":"161","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Carlini Nicholas","year":"2015","unstructured":"Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R Gross. 2015. {Control-Flow} bending: On the effectiveness of {Control-Flow} integrity. In 24th USENIX Security Symposium (USENIX Security 15). 161-176."},{"key":"e_1_3_2_1_14_1","unstructured":"Chris Rohlf. 2019. Root Cause. https:\/\/secure.dev\/cross_dso_cfi.html. Accessed 2025-11-10."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2857705.2857722"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813671"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714635"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2593069.2596656"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00009"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3731598"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813646"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274739"},{"key":"e_1_3_2_1_23_1","volume-title":"SAGE: whitebox fuzzing for security testing. SAGE 10, 1","author":"Fuzzing Introducing Whitebox","year":"2012","unstructured":"Introducing Whitebox Fuzzing. 2012. SAGE: whitebox fuzzing for security testing. SAGE 10, 1 (2012)."},{"key":"e_1_3_2_1_24_1","unstructured":"GNU. 2026. Coreutils -GNU core utilities. https:\/\/www.gnu.org\/software\/ coreutils\/. Accessed 2026-01-28 version 9.6.43-47204."},{"key":"e_1_3_2_1_25_1","unstructured":"GNU. 2026. diffutils.git -GNU diff and patch utilities. https:\/\/cgit.git.savannah. gnu.org\/cgit\/diffutils.git. Accessed 2026-01-28 version 3.11.8-362a."},{"key":"e_1_3_2_1_26_1","unstructured":"GNU. 2026. findutils.git -GNU diff and patch utilities. https:\/\/cgit.git.savannah. gnu.org\/cgit\/findutils.git. Accessed 2026-01-28 version 4.10.0.42-faa1-dirty."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.43"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978405"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev61143.2024.00020"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3702982"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"crossref","unstructured":"Sabine Houy Bruno Kreyssig Timoth\u00e9e Riom Alexandre Bartel and Patrick McDaniel. 2025. SoK: A Practical Guideline and Taxonomy to LLVM's Control Flow Integrity. (2025).","DOI":"10.1109\/SecDev66745.2025.00024"},{"key":"e_1_3_2_1_32_1","unstructured":"intel. 2020. A Technical Look at Intel's Control-flow Enforcement Technology. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/ technical-look-control-flow-enforcement-technology.html. Accessed 2025-11- 03."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","unstructured":"Dongseok Jang Zachary Tatlock and Sorin Lerner. 2014. SafeDispatch: Securing C++ Virtual Calls from Memory Corruption Attacks.. In NDSS.","DOI":"10.14722\/ndss.2014.23287"},{"key":"e_1_3_2_1_34_1","unstructured":"Max Kellermann. 2022. The Dirty Pipe Vulnerability. https:\/\/dirtypipe.cm4all. com\/. Accessed 2025-11-07."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417867"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3316781.3322469"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3473932"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053014"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2024.112528"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359806"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594295"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660281"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813644"},{"key":"e_1_3_2_1_45_1","unstructured":"Serge Guelton. 2021. Identifying and resolving a compiler issue | Red Hat Developer. https:\/\/developers.redhat.com\/articles\/2021\/10\/27\/compiler-option-hiddenvisibility-and-weak-symbol-walk-bar#. Accessed 2025-10-03."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3226269"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_48_1","unstructured":"Stephen R\u00f6ttger. 2023. Control Flow Integrity in V8 \u2022 V8. https:\/\/v8.dev\/blog\/ control-flow-integrity. Accessed 2025-11-17."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139337.3139339"},{"key":"e_1_3_2_1_50_1","unstructured":"GNU Compiler Collection team. 2025. Vtable Verification Feature Proposal. https:\/\/docs.google.com\/document\/d\/ 1EsIEkOUHMrTmgRnFNEe9ZupXPYq1wPliuFQB3GPJtzs\/pub. Accessed 2025-10-03."},{"key":"e_1_3_2_1_51_1","unstructured":"GNU Compiler Collection team. 2025. Vtable Verification User's Guide. https:\/\/docs.google.com\/document\/d\/1wN-uygC0hicLe1dyAGCvtn_ tJhnwFer0Nsy56b84doY\/pub. Accessed 2025-10-03."},{"key":"e_1_3_2_1_52_1","unstructured":"Radare2 Team. 2017. Radare2 Book. GitHub. Accessed 2025-11-17."},{"key":"e_1_3_2_1_53_1","unstructured":"Radare2 Team. 2017. Radare2 GitHub repository. https:\/\/github.com\/radare\/ radare2. Accessed 2025-11-17."},{"key":"e_1_3_2_1_54_1","unstructured":"The Clang Team. 2024. Control Flow Integrity -Clang 15.0.0.git documentation. https:\/\/clang.llvm.org\/docs\/ControlFlowIntegrity.html. Accessed 2025-10-03."},{"key":"e_1_3_2_1_55_1","unstructured":"The Clang Team. 2025. Control Flow Integrity Design Documentation. https: \/\/clang.llvm.org\/docs\/ControlFlowIntegrityDesign.html. Accessed 2025-10-03."},{"key":"e_1_3_2_1_56_1","unstructured":"The Chromium Projects. 2023. Control Flow Integrity. https:\/\/www.chromium. org\/developers\/testing\/control-flow-integrity\/. Accessed 2025-10-03."},{"key":"e_1_3_2_1_57_1","unstructured":"The Clang Team. [n. d.]."},{"key":"e_1_3_2_1_58_1","unstructured":"LTO Visibility -Clang 22.0.0git documentation. https: \/\/clang.llvm.org\/docs\/LTOVisibility.html. Accessed 2025-10-03."},{"key":"e_1_3_2_1_59_1","unstructured":"The Clang Team. [n. d.]."},{"key":"e_1_3_2_1_60_1","unstructured":"ShadowCallStack -Clang 22.0.0git documentation. https:\/\/clang.llvm.org\/docs\/ShadowCallStack.html. Accessed 2025-10-03."},{"key":"e_1_3_2_1_61_1","volume-title":"23rd USENIX security symposium (USENIX security 14). 941-955.","author":"Tice Caroline","unstructured":"Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00dalfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing {Forward-Edge} {Control- Flow} integrity in {GCC} & {LLVM}. In 23rd USENIX security symposium (USENIX security 14). 941-955."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.60"},{"key":"e_1_3_2_1_63_1","unstructured":"GCC Wiki. 2025. vtv -GCC Wiki. https:\/\/gcc.gnu.org\/wiki\/vtv. Accessed 2025-10-03."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.2013.93"},{"key":"e_1_3_2_1_65_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Xu Xiaoyang","year":"2019","unstructured":"Xiaoyang Xu, Masoud Ghaffarinia, Wenhao Wang, Kevin W Hamlen, and Zhiqiang Lin. 2019. CONFIRM: Evaluating compatibility and relevance of controlflow integrity protections for modern software. In 28th USENIX Security Symposium (USENIX Security 19). 1805-1821."},{"key":"e_1_3_2_1_66_1","unstructured":"Karel Zak Zami Kerola and Masatake Yamato. 2026. https:\/\/cgit.git.savannah.gnu.org\/cgit\/findutils.git. https:\/\/github.com\/utillinux\/util-linux. Accessed 2026-01-28 version v2.42-start-826."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.988498"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818016"}],"event":{"name":"SecDev '26: 2026 ACM Secure Development Conference","location":"Montreal QC Canada","acronym":"SecDev '26","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 2026 ACM Secure Development Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3805773.3805994","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T05:22:36Z","timestamp":1782883356000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3805773.3805994"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6,30]]},"references-count":68,"alternative-id":["10.1145\/3805773.3805994","10.1145\/3805773"],"URL":"https:\/\/doi.org\/10.1145\/3805773.3805994","relation":{},"subject":[],"published":{"date-parts":[[2026,6,30]]},"assertion":[{"value":"2026-06-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}