{"id":"https://openalex.org/W2072102701","doi":"https://doi.org/10.1145/2810103.2813646","title":"Control Jujutsu","display_name":"Control Jujutsu","publication_year":2015,"publication_date":"2015-10-06","ids":{"openalex":"https://openalex.org/W2072102701","doi":"https://doi.org/10.1145/2810103.2813646","mag":"2072102701"},"language":"en","primary_location":{"id":"doi:10.1145/2810103.2813646","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813646","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5067349317","display_name":"Isaac Evans","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Isaac Evans","raw_affiliation_strings":["MIT Lincoln Laboratory, Lincoln, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lincoln, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080879279","display_name":"Fan Long","orcid":"https://orcid.org/0000-0001-7973-1188"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Fan Long","raw_affiliation_strings":["MIT CSAIL, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036928039","display_name":"Ulziibayar Otgonbaatar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ulziibayar Otgonbaatar","raw_affiliation_strings":["MIT CSAIL, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046588386","display_name":"Howard Shrobe","orcid":"https://orcid.org/0000-0003-0323-4606"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Howard Shrobe","raw_affiliation_strings":["MIT CSAIL, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045127387","display_name":"Martin Rinard","orcid":"https://orcid.org/0000-0001-8095-8523"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Martin Rinard","raw_affiliation_strings":["MIT CSAIL, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033661137","display_name":"Hamed Okhravi","orcid":"https://orcid.org/0000-0003-1450-3744"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hamed Okhravi","raw_affiliation_strings":["MIT Lincoln Laboratory, Lincoln, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lincoln, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083030323","display_name":"Stelios Sidiroglou-Douskos","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Stelios Sidiroglou-Douskos","raw_affiliation_strings":["MIT CSAIL, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL, Cambridge, MA, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5067349317"],"corresponding_institution_ids":["https://openalex.org/I4210122954"],"apc_list":null,"apc_paid":null,"fwci":33.0219,"has_fulltext":false,"cited_by_count":171,"citation_normalized_percentile":{"value":0.99712577,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"901","last_page":"913"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10478","display_name":"Diamond and Carbon-based Materials Research","score":0.9907000064849854,"subfield":{"id":"https://openalex.org/subfields/2505","display_name":"Materials Chemistry"},"field":{"id":"https://openalex.org/fields/25","display_name":"Materials Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9897000193595886,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8605043888092041},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7552461624145508},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.6842907667160034},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.6704761981964111},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.6129594445228577},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.6016516089439392},{"id":"https://openalex.org/keywords/call-stack","display_name":"Call stack","score":0.5514489412307739},{"id":"https://openalex.org/keywords/control-flow-graph","display_name":"Control flow graph","score":0.4876367151737213},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.44893938302993774},{"id":"https://openalex.org/keywords/memory-safety","display_name":"Memory safety","score":0.4222826659679413},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3962166905403137},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3474002480506897},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2403501570224762},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2377488911151886},{"id":"https://openalex.org/keywords/stack","display_name":"Stack (abstract data type)","score":0.18908217549324036}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8605043888092041},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7552461624145508},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.6842907667160034},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.6704761981964111},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.6129594445228577},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.6016516089439392},{"id":"https://openalex.org/C119024030","wikidata":"https://www.wikidata.org/wiki/Q759899","display_name":"Call stack","level":3,"score":0.5514489412307739},{"id":"https://openalex.org/C27458966","wikidata":"https://www.wikidata.org/wiki/Q1187693","display_name":"Control flow graph","level":2,"score":0.4876367151737213},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.44893938302993774},{"id":"https://openalex.org/C28180684","wikidata":"https://www.wikidata.org/wiki/Q4080983","display_name":"Memory safety","level":3,"score":0.4222826659679413},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3962166905403137},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3474002480506897},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2403501570224762},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2377488911151886},{"id":"https://openalex.org/C9395851","wikidata":"https://www.wikidata.org/wiki/Q177929","display_name":"Stack (abstract data type)","level":2,"score":0.18908217549324036},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2810103.2813646","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813646","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":61,"referenced_works":["https://openalex.org/W191839766","https://openalex.org/W201011964","https://openalex.org/W1429241971","https://openalex.org/W1495630617","https://openalex.org/W1591211019","https://openalex.org/W1788386172","https://openalex.org/W1816130922","https://openalex.org/W1816718056","https://openalex.org/W1823377586","https://openalex.org/W1825457006","https://openalex.org/W1878544538","https://openalex.org/W1904738922","https://openalex.org/W1963947298","https://openalex.org/W1969501726","https://openalex.org/W1978174330","https://openalex.org/W1982778414","https://openalex.org/W1987898580","https://openalex.org/W1996146601","https://openalex.org/W1997474908","https://openalex.org/W1997981086","https://openalex.org/W2003619630","https://openalex.org/W2022292029","https://openalex.org/W2033320580","https://openalex.org/W2034144210","https://openalex.org/W2035991175","https://openalex.org/W2046699259","https://openalex.org/W2048229966","https://openalex.org/W2048639238","https://openalex.org/W2055084740","https://openalex.org/W2059969702","https://openalex.org/W2062340141","https://openalex.org/W2109219878","https://openalex.org/W2114030344","https://openalex.org/W2117798902","https://openalex.org/W2121579803","https://openalex.org/W2122757982","https://openalex.org/W2124360577","https://openalex.org/W2132806808","https://openalex.org/W2133497528","https://openalex.org/W2138517425","https://openalex.org/W2140611647","https://openalex.org/W2148686658","https://openalex.org/W2148755014","https://openalex.org/W2149237601","https://openalex.org/W2149603369","https://openalex.org/W2154847114","https://openalex.org/W2155810272","https://openalex.org/W2158600037","https://openalex.org/W2159216827","https://openalex.org/W2162800072","https://openalex.org/W2168843528","https://openalex.org/W2263438460","https://openalex.org/W2293825325","https://openalex.org/W2350778671","https://openalex.org/W2949967155","https://openalex.org/W2978757628","https://openalex.org/W3015167333","https://openalex.org/W4230177578","https://openalex.org/W4243644740","https://openalex.org/W4243885711","https://openalex.org/W6600168703"],"related_works":["https://openalex.org/W4384302888","https://openalex.org/W2809457911","https://openalex.org/W2135849267","https://openalex.org/W2111825754","https://openalex.org/W2109219878","https://openalex.org/W2121579803","https://openalex.org/W2108399206","https://openalex.org/W2015960018","https://openalex.org/W332253968","https://openalex.org/W4226293134"],"abstract_inverted_index":{"Control":[0],"flow":[1,129],"integrity":[2],"(CFI)":[3],"has":[4],"been":[5,49],"proposed":[6],"as":[7,69,115],"an":[8,147,170,199],"approach":[9],"to":[10,22,43,51,140,149,158],"defend":[11],"against":[12,104],"control-hijacking":[13],"memory":[14],"corruption":[15],"attacks.":[16,106,213],"CFI":[17,35,68,85,173],"works":[18],"by":[19],"assigning":[20],"tags":[21,42,90],"indirect":[23],"branch":[24],"targets":[25],"statically":[26],"and":[27,91,98,117],"checking":[28],"them":[29],"at":[30],"runtime.":[31],"Coarse-grained":[32],"enforcements":[33],"of":[34,41,59,67,84,89,152,184,204,211],"that":[36,79,109,122,168,207],"use":[37,119],"a":[38,55,57,81,92,134,159,176,186,202],"small":[39],"number":[40,58,88,203],"improve":[44],"the":[45,142,153,182,209],"performance":[46],"overhead":[47],"have":[48,62],"shown":[50],"be":[52],"ineffective.":[53],"As":[54],"result,":[56],"recent":[60],"efforts":[61],"focused":[63],"on":[64,201],"fine-grained":[65,82,160],"enforcement":[66],"it":[70],"was":[71],"originally":[72],"proposed.":[73],"In":[74],"this":[75],"work,":[76],"we":[77,197],"show":[78,108],"even":[80,132],"form":[83],"with":[86,175],"unlimited":[87,171],"shadow":[93,177],"stack":[94],"(to":[95],"check":[96],"calls":[97],"returns)":[99],"is":[100,138],"ineffective":[101],"in":[102,125],"protecting":[103],"malicious":[105],"We":[107,162,179],"many":[110],"popular":[111,205],"code":[112],"bases":[113],"such":[114,212],"Apache":[116],"Nginx":[118],"coding":[120],"practices":[121],"create":[123],"flexibility":[124],"their":[126],"intended":[127],"control":[128,151],"graph":[130],"(CFG)":[131],"when":[133],"strong":[135],"static":[136,191],"analyzer":[137],"used":[139],"construct":[141,164],"CFG.":[143],"These":[144],"flexibilities":[145],"allow":[146],"attacker":[148],"gain":[150],"execution":[154],"while":[155],"strictly":[156],"adhering":[157],"CFI.":[161],"then":[163],"two":[165],"proof-of-concept":[166],"exploits":[167],"attack":[169],"tag":[172],"system":[174],"stack.":[178],"also":[180],"evaluate":[181],"difficulties":[183],"generating":[185],"precise":[187],"CFG":[188],"using":[189],"scalable":[190],"analysis":[192,200],"for":[193],"real-world":[194],"applications.":[195],"Finally,":[196],"perform":[198],"applications":[206],"highlights":[208],"availability":[210]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":21},{"year":2020,"cited_by_count":18},{"year":2019,"cited_by_count":23},{"year":2018,"cited_by_count":24},{"year":2017,"cited_by_count":24},{"year":2016,"cited_by_count":22},{"year":2015,"cited_by_count":4}],"updated_date":"2026-03-12T08:34:05.389933","created_date":"2016-06-24T00:00:00"}