{"id":"https://openalex.org/W2213021386","doi":"https://doi.org/10.1145/2818000.2818016","title":"Control Flow and Code Integrity for COTS binaries","display_name":"Control Flow and Code Integrity for COTS binaries","publication_year":2015,"publication_date":"2015-12-07","ids":{"openalex":"https://openalex.org/W2213021386","doi":"https://doi.org/10.1145/2818000.2818016","mag":"2213021386"},"language":"en","primary_location":{"id":"doi:10.1145/2818000.2818016","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2818000.2818016","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2818000.2818016","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2818000.2818016","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100778616","display_name":"Mingwei Zhang","orcid":"https://orcid.org/0009-0006-7017-215X"},"institutions":[{"id":"https://openalex.org/I4210107658","display_name":"Machine Intelligence Research Labs","ror":"https://ror.org/013kgb629","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210107658"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mingwei Zhang","raw_affiliation_strings":["Privacy and Intelligence Lab, Intel Labs"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Privacy and Intelligence Lab, Intel Labs","institution_ids":["https://openalex.org/I4210107658"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102886132","display_name":"R. Sekar","orcid":"https://orcid.org/0009-0008-9135-3296"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Sekar","raw_affiliation_strings":["Stony Brook University, Stony Brook"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":6.6776,"has_fulltext":true,"cited_by_count":55,"citation_normalized_percentile":{"value":0.96768345,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"91","last_page":"100"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9848999977111816,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7928377389907837},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6500697135925293},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.6030865907669067},{"id":"https://openalex.org/keywords/loader","display_name":"Loader","score":0.5304864048957825},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5106754899024963},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4578094184398651},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4498157799243927},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.43373245000839233},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.41410568356513977},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.37946775555610657},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.23465695977210999}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7928377389907837},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6500697135925293},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.6030865907669067},{"id":"https://openalex.org/C2779041774","wikidata":"https://www.wikidata.org/wiki/Q650550","display_name":"Loader","level":2,"score":0.5304864048957825},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5106754899024963},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4578094184398651},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4498157799243927},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.43373245000839233},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.41410568356513977},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.37946775555610657},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.23465695977210999},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2818000.2818016","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2818000.2818016","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2818000.2818016","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2818000.2818016","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2818000.2818016","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2818000.2818016","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.8299999833106995,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4859090984","display_name":"CT-T:   Proactive Techniques for Preserving System Integrity:   A Basis for Robust Defense Against Malware","funder_award_id":"0831298","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4911320805","display_name":null,"funder_award_id":"N00014-15-1-2378","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G5909444678","display_name":null,"funder_award_id":"CNS-0831298","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7268679954","display_name":null,"funder_award_id":"CNS-1319137","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7852973988","display_name":null,"funder_award_id":"CNS-0831298 and CNS-1319137","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8798836806","display_name":"TWC: Small: A platform for enhancing security of binary code","funder_award_id":"1319137","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8876996369","display_name":null,"funder_award_id":"N00014","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320331904","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2213021386.pdf","grobid_xml":"https://content.openalex.org/works/W2213021386.grobid-xml"},"referenced_works_count":50,"referenced_works":["https://openalex.org/W1469795891","https://openalex.org/W1499992849","https://openalex.org/W1544471297","https://openalex.org/W1557018311","https://openalex.org/W1563300346","https://openalex.org/W1575709006","https://openalex.org/W1593678010","https://openalex.org/W1605557845","https://openalex.org/W1631846088","https://openalex.org/W1691322864","https://openalex.org/W1816718056","https://openalex.org/W1823377586","https://openalex.org/W1963947298","https://openalex.org/W1969519208","https://openalex.org/W1972235549","https://openalex.org/W1990465482","https://openalex.org/W1993682390","https://openalex.org/W1993736952","https://openalex.org/W2004769014","https://openalex.org/W2012578421","https://openalex.org/W2022292029","https://openalex.org/W2027475739","https://openalex.org/W2029224396","https://openalex.org/W2033593513","https://openalex.org/W2059969702","https://openalex.org/W2062340141","https://openalex.org/W2072102701","https://openalex.org/W2080313875","https://openalex.org/W2080379526","https://openalex.org/W2088383546","https://openalex.org/W2098010707","https://openalex.org/W2109219878","https://openalex.org/W2117479921","https://openalex.org/W2117703831","https://openalex.org/W2123553986","https://openalex.org/W2124360577","https://openalex.org/W2128637495","https://openalex.org/W2136096788","https://openalex.org/W2138517425","https://openalex.org/W2154411999","https://openalex.org/W2155851497","https://openalex.org/W2159216827","https://openalex.org/W2162800072","https://openalex.org/W2171938395","https://openalex.org/W2397986719","https://openalex.org/W3023860284","https://openalex.org/W6633875382","https://openalex.org/W6638559843","https://openalex.org/W6678483193","https://openalex.org/W6678545021"],"related_works":["https://openalex.org/W4200282997","https://openalex.org/W3081644756","https://openalex.org/W2292865721","https://openalex.org/W4226258670","https://openalex.org/W2912319261","https://openalex.org/W2181712945","https://openalex.org/W4388868405","https://openalex.org/W2121579803","https://openalex.org/W2015960018","https://openalex.org/W2966514766"],"abstract_inverted_index":{"Despite":[0],"decades":[1],"of":[2,12,92,162],"sustained":[3],"effort,":[4],"memory":[5],"corruption":[6],"attacks":[7,75,100,125],"continue":[8],"to":[9,35,48,138],"be":[10,102],"one":[11],"the":[13,33,136,144,160],"most":[14],"serious":[15],"security":[16],"threats":[17],"faced":[18],"today.":[19],"They":[20],"are":[21],"highly":[22],"sought":[23],"after":[24],"by":[25,65,159],"attackers,":[26],"as":[27,54,143,156],"they":[28],"provide":[29,109],"ultimate":[30],"control":[31],"---":[32],"ability":[34,47],"execute":[36],"arbitrary":[37],"low-level":[38],"code.":[39],"Attackers":[40],"have":[41,76,85],"shown":[42],"time":[43,161],"and":[44,60,116,147],"again":[45],"their":[46],"overcome":[49],"widely":[50],"deployed":[51],"countermeasures":[52],"such":[53,142],"Address":[55],"Space":[56],"Layout":[57],"Randomization":[58],"(ASLR)":[59],"Data":[61],"Execution":[62],"Prevention":[63],"(DEP)":[64],"crafting":[66],"Return":[67],"Oriented":[68],"Programming":[69],"(ROP)":[70],"attacks.":[71],"Although":[72],"Turing-complete":[73],"ROP":[74,83],"been":[77],"demonstrated":[78],"in":[79],"research":[80],"papers,":[81],"real-world":[82],"payloads":[84],"had":[86],"a":[87,110],"more":[88],"limited":[89],"objective:":[90],"that":[91,96,120],"disabling":[93],"DEP":[94],"so":[95],"injected":[97,122],"native":[98,123],"code":[99,124],"can":[101],"carried":[103],"out.":[104],"In":[105],"this":[106,129,163],"paper,":[107],"we":[108],"systematic":[111],"defense,":[112],"called":[113],"Control":[114],"Flow":[115],"Code":[117],"Integrity":[118],"(CFCI),":[119],"makes":[121],"impossible.":[126],"CFCI":[127,155],"achieves":[128],"without":[130,148],"sacrificing":[131],"compatibility":[132],"with":[133],"existing":[134],"software,":[135],"need":[137],"replace":[139],"system":[140],"programs":[141],"dynamic":[145],"loader,":[146],"significant":[149],"performance":[150],"penalty.":[151],"We":[152],"will":[153],"release":[154],"open-source":[157],"software":[158],"conference.":[164]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":7},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}