{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T10:40:01Z","timestamp":1749033601259,"version":"3.41.0"},"reference-count":37,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"8","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Inf. &amp; Syst."],"published-print":{"date-parts":[[2016]]},"DOI":"10.1587\/transinf.2015inp0003","type":"journal-article","created":{"date-parts":[[2016,7,31]],"date-time":"2016-07-31T22:12:32Z","timestamp":1470003152000},"page":"2002-2009","source":"Crossref","is-referenced-by-count":1,"title":["BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks"],"prefix":"10.1587","volume":"E99.D","author":[{"given":"Jinli","family":"RAO","sequence":"first","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhangqing","family":"HE","sequence":"additional","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shu","family":"XU","sequence":"additional","affiliation":[{"name":"Science and Technology on Information Assurance Laboratory"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kui","family":"DAI","sequence":"additional","affiliation":[{"name":"Institute of National Network Security and Information, Peking University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xuecheng","family":"ZOU","sequence":"additional","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"crossref","unstructured":"[1] L. Atzori, A. Iera, and G. Morabito, \u201cThe Internet of Things: A survey,\u201d Comput. Netw., vol.54, no.15, pp.2787-2805, 2010.","DOI":"10.1016\/j.comnet.2010.05.010"},{"key":"2","doi-asserted-by":"crossref","unstructured":"[2] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, \u201cInternet of Things (IoT): A vision, architectural elements, and future directions,\u201d Future Generation Computer Systems, vol.29, no.7, pp.1645-1660, 2013.","DOI":"10.1016\/j.future.2013.01.010"},{"key":"3","doi-asserted-by":"crossref","unstructured":"[3] H. Li, M. Dong, and K. Ota,, \u201cRadio Access Network Virtualization for the Social Internet of Things,\u201d IEEE Cloud Computing, vol.2, no.6, pp.42-50, 2015.","DOI":"10.1109\/MCC.2015.114"},{"key":"4","doi-asserted-by":"crossref","unstructured":"[4] J. Wu, M. Dong, K. Ota, L. Liang, and Z. Zhou, \u201cSecuring distributed storage for Social Internet of Things using regenerating code and Blom key agreement,\u201d Peer-to-Peer Networking and Applications, vol.8, no.6 pp.1133-1142, 2015.","DOI":"10.1007\/s12083-014-0286-y"},{"key":"5","doi-asserted-by":"crossref","unstructured":"[5] S.K. Sowe, T. Kimata and M. Dong, and K. Zettsu, \u201cManaging Heterogeneous Sensor Data on a Big Data Platform: IoT Services for Data-Intensive Science,\u201d COMPSAC Workshops, pp.295-300, 2014.","DOI":"10.1109\/COMPSACW.2014.52"},{"key":"6","doi-asserted-by":"crossref","unstructured":"[6] P. Kocher, R. Lee, G. McGraw, and A. Raghunathan, \u201cSecurity as a new dimension in embedded system design,\u201d Proc. 41st annual Design Automation Conference, pp.753-760, 2004.","DOI":"10.1145\/996566.996771"},{"key":"7","doi-asserted-by":"crossref","unstructured":"[7] S. Ravi, A. Raghunathan, P. Kocher, and S. Hattangady, \u201cSecurity in embedded systems: Design challenges,\u201d ACM Trans. Embedded Computing Systems (TECS), vol.3, no.3, pp.461-491, 2004.","DOI":"10.1145\/1015047.1015049"},{"key":"8","unstructured":"[8] M. Dalton, H. Kannan, and C. Kozyrakis, \u201cReal-world buffer overflow protection for userspace and kernelspace,\u201d USENIX Security Symposium, pp.395-410, 2008."},{"key":"9","unstructured":"[9] CERT, OpenSSL heartbleed, https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-098A, 2014."},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] G.C. Necula, S. McPeak, and W. Weimer, \u201cCCured: Type-safe retrofitting of legacy code,\u201d ACM SIGPLAN Notices, vol.37, no.1, pp.128-139, 2002.","DOI":"10.1145\/565816.503286"},{"key":"11","unstructured":"[11] O. Ruwase and M.S. Lam, \u201cA practical dynamic buffer overflow detector,\u201d NDSS, pp.159-169, 2004."},{"key":"12","doi-asserted-by":"crossref","unstructured":"[12] P. Akritidis, C. Cadar, C. Raiciu, and M. Castro, \u201cPreventing memory error exploits with WIT,\u201d IEEE Symposium on Security and Privacy, pp.263-277, 2008.","DOI":"10.1109\/SP.2008.30"},{"key":"13","unstructured":"[13] C. Cowan, C. Pu and D. Maier, et al., \u201cStackguard: Automatic adaptive detection and prevention of buffer-overflow attacks,\u201d USENIX Security Symposium, vol.98, pp.63-78, 1998."},{"key":"14","unstructured":"[14] S.S. Vendicator, \u201cA stack smashing technique protection tool for linux,\u201d http:\/\/www.angelfire.com\/sk\/stackshield\/info.html"},{"key":"15","doi-asserted-by":"crossref","unstructured":"[15] M. Tran, M. Etheridge, T. Bletsch, X. Jiang, V. Freeh, and P. Ning, \u201cOn the expressiveness of return-into-libc attacks,\u201d Recent Advances in Intrusion Detection, pp.121-141, Springer, 2011.","DOI":"10.1007\/978-3-642-23644-0_7"},{"key":"16","unstructured":"[16] H. Etoh and K. Yoda, \u201cPropolice: Improved stack-smashing attack detection,\u201d IPSJ SIGNotes Computer Security, 2001."},{"key":"17","unstructured":"[17] NX bit, https:\/\/en.wikipedia.org\/wiki\/NX_bit"},{"key":"18","doi-asserted-by":"crossref","unstructured":"[18] J.P. McGregor, D.K. Karig, Z. Shi, and R.B. Lee, \u201cA processor architecture defense against buffer overflow attacks,\u201d Information Technology: Research and Education, pp.243-250, 2003.","DOI":"10.1109\/ITRE.2003.1270612"},{"key":"19","unstructured":"[19] N. Zeldovich, H. Kannan, M. Dalton, and C. Kozyrakis, \u201cHardware enforcement of application security policies using tagged memory,\u201d OSDI, vol.8, pp.225-240, 2008."},{"key":"20","doi-asserted-by":"crossref","unstructured":"[20] S. Chiricescu, A. DeHon, D. Demange, S. Iyer, A. Kliger, G. Morrisett, B.C. Pierce, H. Reubenstein, J.M. Smith, G.T. Sullivan, A. Thomas, J. Tov, C.M. White, and D. Wittenberg, \u201cSAFE: A clean-slate architecture for secure systems,\u201d IEEE International Conference on Technologies for Homeland Security (HST), pp.570-576, 2013.","DOI":"10.1109\/THS.2013.6699066"},{"key":"21","doi-asserted-by":"crossref","unstructured":"[21] J.R. Crandall and F.T. Chong, \u201cMinos: Control data attack prevention orthogonal to memory model,\u201d MICRO-37, pp.221-232, 2004.","DOI":"10.1109\/MICRO.2004.26"},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] G.E. Suh, J.W. Lee, D. Zhang, and S. Devadas, \u201cSecure program execution via dynamic information flow tracking,\u201d ACM SIGPLAN Notices, vol.39, no.11, pp.85, 2004.","DOI":"10.1145\/1037187.1024404"},{"key":"23","doi-asserted-by":"crossref","unstructured":"[23] K. Piromsopa and R.J. Enbody, \u201cSecure bit: Transparent, hardware buffer-overflow protection,\u201d IEEE Trans. Dependable and Secure Computing, vol.3, no.4, pp.365-376, 2006.","DOI":"10.1109\/TDSC.2006.56"},{"key":"24","doi-asserted-by":"crossref","unstructured":"[24] S. Nagarakatte, M.M.K. Martin, and S. Zdancewic, \u201cWatchdog: Hardware for Safe and Secure Manual Memory Management and Full Memory Safety,\u201d 39th Annual International Symposium on Computer Architecture, 2012.","DOI":"10.1145\/2366231.2337181"},{"key":"25","unstructured":"[25] Intel, \u201cIntel Architecture Instruction Set Extensions Programming Reference,\u201d 319433-015 edition, 2013."},{"key":"26","doi-asserted-by":"crossref","unstructured":"[26] S. Nagarakatte, M.M.K. Martin, and S. Zdancewic, \u201cWatchdogLite: Hardware-accelerated compiler-based pointer checking,\u201d International Symposium on Code Generation and Optimization, pp175, ACM, 2014.","DOI":"10.1145\/2581122.2544147"},{"key":"27","doi-asserted-by":"crossref","unstructured":"[27] C. Cowan, F. Wagle, C. Pu, S. Beattie, and J. Walpole, \u201cBuffer overflows: Attacks and defenses for the vulnerability of the decade,\u201d DARPA Information Survivability Conference and Exposition, vol.2, pp.119-129, 2000.","DOI":"10.1109\/DISCEX.2000.821514"},{"key":"28","unstructured":"[28] G. Richarte, \u201cFour different tricks to bypass stackshield and stackguard protection,\u201d World Wide Web, 2002."},{"key":"29","unstructured":"[29] Z. Shao, Q. Zhuge, Y. He, and E.H.-M. Sha, \u201cDefending embedded systems against buffer overflow via hardware\/software,\u201d IEEE Computer Security Applications Conference, pp.352-361, 2003."},{"key":"30","unstructured":"[30] S. Jisha, D. Thomas, and S. Jamal, \u201cA categorized survey on buffer overflow countermeasures,\u201d IJARCCE, vol.2, pp2068-2074, 2013."},{"key":"31","unstructured":"[31] A. Baratloo, N. Singh and T.K. Tsai, et al., \u201cTransparent run-time defense against stack-smashing attacks,\u201d USENIX Annual Technical Conference, General Track, pp.251-262, 2000."},{"key":"32","doi-asserted-by":"crossref","unstructured":"[32] G.C. Necula, S. McPeak, S.P. Rahul, and W. Weimer, \u201cCIL: Intermediate language and tools for analysis and transformation of c programs,\u201d Compiler Construction, pp.213-228, Springer, 2002.","DOI":"10.1007\/3-540-45937-5_16"},{"key":"33","doi-asserted-by":"crossref","unstructured":"[33] T. Austin, E. Larson, and D. Ernst, \u201cSimpleScalar: An infrastructure for computer system modeling,\u201d Computer, vol.35, no.2, pp.59-67, 2002.","DOI":"10.1109\/2.982917"},{"key":"34","unstructured":"[34] Intel, \u201cSA-1100 Microprocessor Technical Reference Manual,\u201d 1998."},{"key":"35","unstructured":"[35] Canonical, Ubuntu Wiki, https:\/\/wiki.ubuntu.com\/Security\/Features, 2016."},{"key":"36","doi-asserted-by":"crossref","unstructured":"[36] J. Wilander, N. Nikiforakis, Y. Younan, M. Kamkar, and W. Joosen, \u201cRIPE: runtime intrusion prevention evaluator,\u201d Proc. 27th Annual Computer Security Applications Conference, pp.41-50, ACM, 2011.","DOI":"10.1145\/2076732.2076739"},{"key":"37","doi-asserted-by":"crossref","unstructured":"[37] M.R. Guthaus, J.S. Ringenberg, D. Ernst, T.M. Austin, T. Mudge, and R.B. Brown, \u201cMibench: A free, commercially representative embedded benchmark suite,\u201d Workshop on Workload Characterization, pp.3-14, IEEE, 2001.","DOI":"10.1109\/WWC.2001.990739"}],"container-title":["IEICE Transactions on Information and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E99.D\/8\/E99.D_2015INP0003\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T10:06:50Z","timestamp":1749031610000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E99.D\/8\/E99.D_2015INP0003\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"references-count":37,"journal-issue":{"issue":"8","published-print":{"date-parts":[[2016]]}},"URL":"https:\/\/doi.org\/10.1587\/transinf.2015inp0003","relation":{},"ISSN":["0916-8532","1745-1361"],"issn-type":[{"type":"print","value":"0916-8532"},{"type":"electronic","value":"1745-1361"}],"subject":[],"published":{"date-parts":[[2016]]}}}