{"id":"https://openalex.org/W2772679484","doi":"https://doi.org/10.1145/3134600.3134634","title":"Protecting COTS Binaries from Disclosure-guided Code Reuse Attacks","display_name":"Protecting COTS Binaries from Disclosure-guided Code Reuse Attacks","publication_year":2017,"publication_date":"2017-12-04","ids":{"openalex":"https://openalex.org/W2772679484","doi":"https://doi.org/10.1145/3134600.3134634","mag":"2772679484"},"language":"en","primary_location":{"id":"doi:10.1145/3134600.3134634","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3134600.3134634","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 33rd Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100778616","display_name":"Mingwei Zhang","orcid":"https://orcid.org/0009-0006-7017-215X"},"institutions":[{"id":"https://openalex.org/I1343180700","display_name":"Intel (United States)","ror":"https://ror.org/01ek73717","country_code":"US","type":"company","lineage":["https://openalex.org/I1343180700"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Mingwei Zhang","raw_affiliation_strings":["Intel Labs, Hillsboro, OR, USA"],"affiliations":[{"raw_affiliation_string":"Intel Labs, Hillsboro, OR, USA","institution_ids":["https://openalex.org/I1343180700"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007101727","display_name":"Michalis Polychronakis","orcid":"https://orcid.org/0000-0002-3106-0343"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michalis Polychronakis","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102886132","display_name":"R. Sekar","orcid":"https://orcid.org/0009-0008-9135-3296"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Sekar","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100778616"],"corresponding_institution_ids":["https://openalex.org/I1343180700"],"apc_list":null,"apc_paid":null,"fwci":1.1701,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.84692129,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"128","last_page":"140"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10478","display_name":"Diamond and Carbon-based Materials Research","score":0.9901999831199646,"subfield":{"id":"https://openalex.org/subfields/2505","display_name":"Materials Chemistry"},"field":{"id":"https://openalex.org/fields/25","display_name":"Materials Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9811999797821045,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.865951418876648},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5421245694160461},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.5414405465126038},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.5412684082984924},{"id":"https://openalex.org/keywords/pointer","display_name":"Pointer (user interface)","score":0.5031406283378601},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5001657009124756},{"id":"https://openalex.org/keywords/memory-protection","display_name":"Memory protection","score":0.48892703652381897},{"id":"https://openalex.org/keywords/code-reuse","display_name":"Code reuse","score":0.47580844163894653},{"id":"https://openalex.org/keywords/unreachable-code","display_name":"Unreachable code","score":0.4674328863620758},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4529241621494293},{"id":"https://openalex.org/keywords/machine-code","display_name":"Machine code","score":0.44207990169525146},{"id":"https://openalex.org/keywords/code-generation","display_name":"Code generation","score":0.42023128271102905},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4153573215007782},{"id":"https://openalex.org/keywords/redundant-code","display_name":"Redundant code","score":0.35589009523391724},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.2736392319202423},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.1767657995223999},{"id":"https://openalex.org/keywords/overlay","display_name":"Overlay","score":0.14687573909759521},{"id":"https://openalex.org/keywords/virtual-memory","display_name":"Virtual memory","score":0.1301821768283844}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.865951418876648},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5421245694160461},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.5414405465126038},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.5412684082984924},{"id":"https://openalex.org/C150202949","wikidata":"https://www.wikidata.org/wiki/Q107602","display_name":"Pointer (user interface)","level":2,"score":0.5031406283378601},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5001657009124756},{"id":"https://openalex.org/C18131444","wikidata":"https://www.wikidata.org/wiki/Q163585","display_name":"Memory protection","level":5,"score":0.48892703652381897},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.47580844163894653},{"id":"https://openalex.org/C50951305","wikidata":"https://www.wikidata.org/wiki/Q2482534","display_name":"Unreachable code","level":5,"score":0.4674328863620758},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4529241621494293},{"id":"https://openalex.org/C115168132","wikidata":"https://www.wikidata.org/wiki/Q55813","display_name":"Machine code","level":3,"score":0.44207990169525146},{"id":"https://openalex.org/C133162039","wikidata":"https://www.wikidata.org/wiki/Q1061077","display_name":"Code generation","level":3,"score":0.42023128271102905},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4153573215007782},{"id":"https://openalex.org/C151578736","wikidata":"https://www.wikidata.org/wiki/Q1251793","display_name":"Redundant code","level":4,"score":0.35589009523391724},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.2736392319202423},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.1767657995223999},{"id":"https://openalex.org/C136085584","wikidata":"https://www.wikidata.org/wiki/Q910289","display_name":"Overlay","level":2,"score":0.14687573909759521},{"id":"https://openalex.org/C76399640","wikidata":"https://www.wikidata.org/wiki/Q189401","display_name":"Virtual memory","level":4,"score":0.1301821768283844},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3134600.3134634","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3134600.3134634","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 33rd Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.41999998688697815,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G2863140821","display_name":null,"funder_award_id":"N00014-15-1-2378 and N00014-17-1-2891","funder_id":"https://openalex.org/F4320337345","funder_display_name":"Office of Naval Research"},{"id":"https://openalex.org/G7268679954","display_name":null,"funder_award_id":"CNS-1319137","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":66,"referenced_works":["https://openalex.org/W1429241971","https://openalex.org/W1477563924","https://openalex.org/W1537077670","https://openalex.org/W1538332098","https://openalex.org/W1544471297","https://openalex.org/W1545927878","https://openalex.org/W1591211019","https://openalex.org/W1593678010","https://openalex.org/W1605557845","https://openalex.org/W1631846088","https://openalex.org/W1691322864","https://openalex.org/W1816718056","https://openalex.org/W1823377586","https://openalex.org/W1893312510","https://openalex.org/W1963947298","https://openalex.org/W1969338270","https://openalex.org/W1982829328","https://openalex.org/W1990465482","https://openalex.org/W1993682390","https://openalex.org/W1993736952","https://openalex.org/W2001978806","https://openalex.org/W2003619630","https://openalex.org/W2004877887","https://openalex.org/W2006790656","https://openalex.org/W2009801020","https://openalex.org/W2012559808","https://openalex.org/W2012578421","https://openalex.org/W2022292029","https://openalex.org/W2022413220","https://openalex.org/W2033593513","https://openalex.org/W2035991175","https://openalex.org/W2066852506","https://openalex.org/W2079029390","https://openalex.org/W2080313875","https://openalex.org/W2098010707","https://openalex.org/W2108860402","https://openalex.org/W2109219878","https://openalex.org/W2121468041","https://openalex.org/W2123022206","https://openalex.org/W2123436168","https://openalex.org/W2123553986","https://openalex.org/W2124360577","https://openalex.org/W2132806808","https://openalex.org/W2134633067","https://openalex.org/W2136096788","https://openalex.org/W2138517425","https://openalex.org/W2142778065","https://openalex.org/W2154411999","https://openalex.org/W2154555738","https://openalex.org/W2155810272","https://openalex.org/W2155943969","https://openalex.org/W2159059513","https://openalex.org/W2162800072","https://openalex.org/W2162986442","https://openalex.org/W2168843528","https://openalex.org/W2209345602","https://openalex.org/W2213021386","https://openalex.org/W2293825325","https://openalex.org/W2301356482","https://openalex.org/W2404678703","https://openalex.org/W2487602542","https://openalex.org/W2516933175","https://openalex.org/W2607362719","https://openalex.org/W2691795444","https://openalex.org/W2752531355","https://openalex.org/W4239813889"],"related_works":["https://openalex.org/W1555552217","https://openalex.org/W1527771852","https://openalex.org/W4232768799","https://openalex.org/W2157322365","https://openalex.org/W179346248","https://openalex.org/W1777501891","https://openalex.org/W181269922","https://openalex.org/W2091871187","https://openalex.org/W1493727516","https://openalex.org/W77265138"],"abstract_inverted_index":{"Code":[0],"diversification,":[1],"combined":[2],"with":[3],"execute-only":[4,88],"memory,":[5],"provides":[6,84],"an":[7],"effective":[8],"defense":[9],"against":[10],"just-in-time":[11],"code":[12,20,49,104,108,126,136,193,200],"reuse":[13],"attacks.":[14],"However,":[15],"existing":[16,135],"techniques":[17],"for":[18],"combining":[19],"diversification":[21],"and":[22,80,107,205],"hardware-assisted":[23],"memory":[24,89,118],"protections":[25],"typically":[26],"require":[27],"compiler":[28],"support,":[29],"as":[30,32,187,195],"well":[31],"the":[33,55,64,116,120,169,203],"deployment":[34],"or":[35,53,95,198],"modification":[36],"of":[37,119,163],"a":[38,73,164],"hypervisor.":[39],"These":[40],"requirements":[41],"often":[42],"cannot":[43],"be":[44,61],"met,":[45],"either":[46],"because":[47,54],"source":[48],"is":[50,98],"not":[51,60],"available,":[52],"required":[56],"hardware":[57,93],"features":[58,94],"may":[59],"available":[62],"on":[63,92,130,146,161],"target":[65],"system.":[66],"In":[67,176],"this":[68],"paper":[69],"we":[70],"present":[71],"SECRET,":[72],"software":[74,82],"hardening":[75],"technique":[76],"tailored":[77],"to":[78,87,115,138,173,184],"legacy":[79],"closed-source":[81],"that":[83,153],"equivalent":[85],"protection":[86,181],"without":[90],"relying":[91],"recompilation.":[96],"This":[97],"achieved":[99],"using":[100],"two":[101],"novel":[102],"techniques,":[103,186],"space":[105],"isolation":[106],"pointer":[109,127],"remapping,":[110],"which":[111],"prevent":[112],"read":[113],"accesses":[114],"executable":[117],"protected":[121],"code.":[122],"Furthermore,":[123],"SECRET":[124,142],"thwarts":[125],"harvesting":[128],"attacks":[129],"ELF":[131],"files":[132],"by":[133,202],"remapping":[134],"pointers":[137],"use":[139],"random":[140],"values.":[141],"has":[143],"been":[144],"implemented":[145],"32-bit":[147],"Linux":[148],"systems.":[149],"Our":[150],"evaluation":[151],"shows":[152],"it":[154,178,188],"introduces":[155],"just":[156],"2%":[157],"additional":[158],"runtime":[159],"overhead":[160,172],"top":[162],"state-of-the-art":[165],"CFI":[166],"implementation,":[167],"bringing":[168],"total":[170],"average":[171],"about":[174],"16%.":[175],"addition,":[177],"achieves":[179],"better":[180],"coverage":[182],"compared":[183],"compiler-based":[185],"can":[189],"handle":[190],"low-level":[191],"machine":[192],"such":[194],"inline":[196],"assembly":[197],"extra":[199],"introduced":[201],"linker":[204],"loader.":[206]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}