{"id":"https://openalex.org/W4313562895","doi":"https://doi.org/10.1109/itnac55475.2022.9998407","title":"Through the Window: On the exploitability of Xtensa's Register Window Overflow","display_name":"Through the Window: On the exploitability of Xtensa's Register Window Overflow","publication_year":2022,"publication_date":"2022-11-30","ids":{"openalex":"https://openalex.org/W4313562895","doi":"https://doi.org/10.1109/itnac55475.2022.9998407"},"language":"en","primary_location":{"id":"doi:10.1109/itnac55475.2022.9998407","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/itnac55475.2022.9998407","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 32nd International Telecommunication Networks and Applications Conference (ITNAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086912004","display_name":"Kai Lehniger","orcid":"https://orcid.org/0000-0002-3274-2469"},"institutions":[{"id":"https://openalex.org/I96578850","display_name":"Leibniz Institute for Neurobiology","ror":"https://ror.org/01zwmgk08","country_code":"DE","type":"facility","lineage":["https://openalex.org/I315704651","https://openalex.org/I96578850"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Kai Lehniger","raw_affiliation_strings":["IHP - Leibniz-Institut f&#x00FC; r innovative Mikroelektronik,Frankfurt (Oder),Germany"],"affiliations":[{"raw_affiliation_string":"IHP - Leibniz-Institut f&#x00FC; r innovative Mikroelektronik,Frankfurt (Oder),Germany","institution_ids":["https://openalex.org/I96578850"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111235693","display_name":"Peter Langend\u00f6rfer","orcid":null},"institutions":[{"id":"https://openalex.org/I96578850","display_name":"Leibniz Institute for Neurobiology","ror":"https://ror.org/01zwmgk08","country_code":"DE","type":"facility","lineage":["https://openalex.org/I315704651","https://openalex.org/I96578850"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Peter Langendorfer","raw_affiliation_strings":["IHP - Leibniz-Institut f&#x00FC; r innovative Mikroelektronik,Frankfurt (Oder),Germany"],"affiliations":[{"raw_affiliation_string":"IHP - Leibniz-Institut f&#x00FC; r innovative Mikroelektronik,Frankfurt (Oder),Germany","institution_ids":["https://openalex.org/I96578850"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5086912004"],"corresponding_institution_ids":["https://openalex.org/I96578850"],"apc_list":null,"apc_paid":null,"fwci":0.2652,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.63083556,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"49","issue":null,"first_page":"353","last_page":"358"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9832000136375427,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8049638271331787},{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.8043950796127319},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7615170478820801},{"id":"https://openalex.org/keywords/window","display_name":"Window (computing)","score":0.6905360221862793},{"id":"https://openalex.org/keywords/countermeasure","display_name":"Countermeasure","score":0.6292630434036255},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5985234975814819},{"id":"https://openalex.org/keywords/microcontroller","display_name":"Microcontroller","score":0.556806743144989},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5298578143119812},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.5246303677558899},{"id":"https://openalex.org/keywords/reuse","display_name":"Reuse","score":0.5217141509056091},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4896691143512726},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4737623333930969},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4283802807331085},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3704724907875061},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.195826917886734},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12964197993278503},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08715856075286865}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8049638271331787},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.8043950796127319},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7615170478820801},{"id":"https://openalex.org/C2778751112","wikidata":"https://www.wikidata.org/wiki/Q835016","display_name":"Window (computing)","level":2,"score":0.6905360221862793},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.6292630434036255},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5985234975814819},{"id":"https://openalex.org/C173018170","wikidata":"https://www.wikidata.org/wiki/Q165678","display_name":"Microcontroller","level":2,"score":0.556806743144989},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5298578143119812},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.5246303677558899},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.5217141509056091},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4896691143512726},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4737623333930969},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4283802807331085},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3704724907875061},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.195826917886734},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12964197993278503},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08715856075286865},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C548081761","wikidata":"https://www.wikidata.org/wiki/Q180388","display_name":"Waste management","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/itnac55475.2022.9998407","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/itnac55475.2022.9998407","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 32nd International Telecommunication Networks and Applications Conference (ITNAC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7200000286102295,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G6607199070","display_name":null,"funder_award_id":"01IS18065E","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W2039789481","https://openalex.org/W2159059513","https://openalex.org/W2162800072","https://openalex.org/W2172131317","https://openalex.org/W2180474751","https://openalex.org/W2293825325","https://openalex.org/W2350778671","https://openalex.org/W2714546933","https://openalex.org/W2809973595","https://openalex.org/W2883468219","https://openalex.org/W2945027685","https://openalex.org/W2978757628","https://openalex.org/W3087256628","https://openalex.org/W3092071423","https://openalex.org/W4242125305","https://openalex.org/W4281896075","https://openalex.org/W6636991409","https://openalex.org/W6768779726","https://openalex.org/W6838437497"],"related_works":["https://openalex.org/W4316095964","https://openalex.org/W2479612266","https://openalex.org/W2378749186","https://openalex.org/W2364088131","https://openalex.org/W2180474751","https://openalex.org/W2362741838","https://openalex.org/W622044715","https://openalex.org/W2383001583","https://openalex.org/W2047431599","https://openalex.org/W2765589163"],"abstract_inverted_index":{"While":[0],"the":[1,9,11,18,28,39,55,97,105],"name":[2],"Xtensa":[3,62],"is":[4,76,111],"still":[5],"mostly":[6],"unknown":[7],"to":[8,65,80,95,102],"public,":[10],"architecture":[12],"plays":[13],"a":[14,49,84,109,114],"big":[15],"role":[16],"in":[17,27,118],"field":[19],"of":[20,22,30,44,60],"Internet":[21],"Things":[23],"(IoT),":[24],"be":[25],"it":[26],"form":[29],"custom":[31],"designs":[32],"or":[33],"broadly":[34],"used":[35,41],"microcontrollers":[36],"such":[37],"as":[38],"ESP32":[40],"inside":[42],"millions":[43],"devices.":[45],"This":[46],"paper":[47],"describes":[48],"newly":[50],"discovered":[51],"vulnerability":[52],"that":[53,78],"uses":[54],"window":[56],"overflow":[57],"exception":[58],"handlers":[59],"an":[61,74],"LX":[63],"processor":[64],"leak":[66],"and":[67,92],"manipulate":[68],"data.":[69],"To":[70],"show":[71],"its":[72],"severity,":[73],"exploit":[75],"demonstrated":[77],"allows":[79],"disable":[81],"Stack":[82],"Canaries,":[83],"common":[85],"protection":[86],"against":[87],"stack":[88],"buffer":[89],"overflows.":[90],"Requirements":[91],"potential":[93],"possibilities":[94],"escalate":[96],"vulnerability,":[98],"including":[99],"code-reuse":[100],"attacks":[101],"completely":[103],"compromise":[104],"attacked":[106],"device.":[107],"Finally,":[108],"countermeasure":[110],"introduced":[112],"with":[113],"<0.5%":[115],"runtime":[116],"overhead":[117],"our":[119],"worst-case":[120],"scenario.":[121]},"counts_by_year":[{"year":2023,"cited_by_count":2}],"updated_date":"2025-12-23T23:11:35.936235","created_date":"2025-10-10T00:00:00"}