{"id":"https://openalex.org/W2891196279","doi":"https://doi.org/10.1145/3243734.3243797","title":"Enforcing Unique Code Target Property for Control-Flow Integrity","display_name":"Enforcing Unique Code Target Property for Control-Flow Integrity","publication_year":2018,"publication_date":"2018-10-15","ids":{"openalex":"https://openalex.org/W2891196279","doi":"https://doi.org/10.1145/3243734.3243797","mag":"2891196279"},"language":"en","primary_location":{"id":"doi:10.1145/3243734.3243797","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243797","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102150414","display_name":"Hong Hu","orcid":"https://orcid.org/0000-0002-6261-3190"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Hong Hu","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071764813","display_name":"Chenxiong Qian","orcid":"https://orcid.org/0000-0002-6201-6011"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chenxiong Qian","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084633808","display_name":"Carter Yagemann","orcid":"https://orcid.org/0000-0002-8018-0341"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carter Yagemann","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052526223","display_name":"Simon P. Chung","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Simon Pak Ho Chung","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030836304","display_name":"William R. Harris","orcid":"https://orcid.org/0000-0002-7667-1287"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]},{"id":"https://openalex.org/I4210140281","display_name":"Galois (United States)","ror":"https://ror.org/03g8y8161","country_code":"US","type":"company","lineage":["https://openalex.org/I4210140281"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William R. Harris","raw_affiliation_strings":["Georgia Institute of Technology &amp; Galois Inc., Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology &amp; Galois Inc., Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444","https://openalex.org/I4210140281"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100743709","display_name":"Taesoo Kim","orcid":"https://orcid.org/0000-0002-7440-2067"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Taesoo Kim","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047140382","display_name":"Wenke Lee","orcid":"https://orcid.org/0000-0003-2761-1277"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wenke Lee","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5102150414"],"corresponding_institution_ids":["https://openalex.org/I130701444"],"apc_list":null,"apc_paid":null,"fwci":9.1154,"has_fulltext":false,"cited_by_count":106,"citation_normalized_percentile":{"value":0.98213748,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1470","last_page":"1486"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10478","display_name":"Diamond and Carbon-based Materials Research","score":0.979200005531311,"subfield":{"id":"https://openalex.org/subfields/2505","display_name":"Materials Chemistry"},"field":{"id":"https://openalex.org/fields/25","display_name":"Materials Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9690999984741211,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.852169930934906},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.6769325733184814},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.6140369176864624},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6134400963783264},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5489360690116882},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.518986165523529},{"id":"https://openalex.org/keywords/property","display_name":"Property (philosophy)","score":0.5094767212867737},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4618263840675354},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.45957088470458984},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4274595081806183},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.4243411719799042},{"id":"https://openalex.org/keywords/spec#","display_name":"Spec#","score":0.4232168197631836},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3949703276157379},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3323150873184204},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1724674105644226}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.852169930934906},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.6769325733184814},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.6140369176864624},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6134400963783264},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5489360690116882},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.518986165523529},{"id":"https://openalex.org/C189950617","wikidata":"https://www.wikidata.org/wiki/Q937228","display_name":"Property (philosophy)","level":2,"score":0.5094767212867737},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4618263840675354},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.45957088470458984},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4274595081806183},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.4243411719799042},{"id":"https://openalex.org/C2778565505","wikidata":"https://www.wikidata.org/wiki/Q2207566","display_name":"Spec#","level":2,"score":0.4232168197631836},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3949703276157379},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3323150873184204},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1724674105644226},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3243734.3243797","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243797","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":58,"referenced_works":["https://openalex.org/W1112477","https://openalex.org/W70478248","https://openalex.org/W1429241971","https://openalex.org/W1431078357","https://openalex.org/W1538332098","https://openalex.org/W1605557845","https://openalex.org/W1691322864","https://openalex.org/W1823377586","https://openalex.org/W1825457006","https://openalex.org/W1963947298","https://openalex.org/W1968002620","https://openalex.org/W1969338270","https://openalex.org/W1969501726","https://openalex.org/W1973326708","https://openalex.org/W1984471991","https://openalex.org/W1990465482","https://openalex.org/W1992741024","https://openalex.org/W1993682390","https://openalex.org/W1993736952","https://openalex.org/W1996931407","https://openalex.org/W1997394198","https://openalex.org/W2019641142","https://openalex.org/W2022018347","https://openalex.org/W2022292029","https://openalex.org/W2033593513","https://openalex.org/W2035991175","https://openalex.org/W2080313875","https://openalex.org/W2081768685","https://openalex.org/W2109219878","https://openalex.org/W2118670307","https://openalex.org/W2122757982","https://openalex.org/W2124360577","https://openalex.org/W2128637495","https://openalex.org/W2138517425","https://openalex.org/W2140611647","https://openalex.org/W2155851497","https://openalex.org/W2159216827","https://openalex.org/W2162800072","https://openalex.org/W2168843528","https://openalex.org/W2171929398","https://openalex.org/W2293825325","https://openalex.org/W2460232746","https://openalex.org/W2487602542","https://openalex.org/W2512784977","https://openalex.org/W2516933175","https://openalex.org/W2534135179","https://openalex.org/W2574009340","https://openalex.org/W2575425722","https://openalex.org/W2584029330","https://openalex.org/W2602748134","https://openalex.org/W2606752733","https://openalex.org/W2612687770","https://openalex.org/W2735704859","https://openalex.org/W2741255062","https://openalex.org/W2752985907","https://openalex.org/W2912675049","https://openalex.org/W2914982603","https://openalex.org/W4234020632"],"related_works":["https://openalex.org/W878150521","https://openalex.org/W2008941207","https://openalex.org/W1491094004","https://openalex.org/W2188516702","https://openalex.org/W1575986870","https://openalex.org/W3102965473","https://openalex.org/W2032731920","https://openalex.org/W2620179576","https://openalex.org/W4383721685","https://openalex.org/W2231862131"],"abstract_inverted_index":{"The":[0,209],"goal":[1,34],"of":[2,27,32,46,77,178,197],"control-flow":[3,16],"integrity":[4],"(CFI)":[5],"is":[6,53],"to":[7,20,96,115,158,165,174],"stop":[8],"control-hijacking":[9,189],"attacks":[10,204],"by":[11,135],"ensuring":[12],"that":[13,108,205,212],"each":[14,75],"indirect":[15],"transfer":[17],"(ICT)":[18],"jumps":[19,58],"its":[21,176,182],"legitimate":[22],"target.":[23,89],"However,":[24],"existing":[25,207],"implementations":[26],"CFI":[28,160],"have":[29],"fallen":[30],"short":[31],"this":[33,61,98],"because":[35],"their":[36],"approaches":[37],"are":[38],"inaccurate":[39],"and":[40,85,111,131,168,172,181,201,226],"as":[41],"a":[42,92,128,145],"result,":[43],"the":[44,65,105,113,124,140,155,216],"set":[45],"allowable":[47],"targets":[48,153],"for":[49,71,74,219],"an":[50,78],"ICT":[51,79,110,152],"instruction":[52],"too":[54],"large,":[55],"making":[56],"illegal":[57],"possible.":[59],"In":[60],"paper,":[62],"we":[63],"propose":[64],"Unique":[66],"Code":[67],"Target":[68],"(UCT)":[69],"property":[70,218],"CFI.":[72],"Namely,":[73],"invocation":[76],"instruction,":[80],"there":[81],"should":[82],"be":[83],"one":[84,87],"only":[86],"valid":[88],"We":[90,162,184],"develop":[91],"prototype":[93],"called":[94],"uCFI":[95,103,122,164,187,213],"enforce":[97],"new":[99],"property.":[100],"During":[101],"compilation,":[102],"identifies":[104],"sensitive":[106,137],"instructions":[107,138],"influence":[109],"instruments":[112],"program":[114,125],"record":[116],"necessary":[117],"execution":[118,126,142],"context.":[119],"At":[120],"runtime,":[121],"monitors":[123],"in":[127,144],"different":[129],"process,":[130],"performs":[132],"points-to":[133],"analysis":[134,156],"interpreting":[136],"using":[139],"recorded":[141],"context":[143],"memory":[146],"safe":[147],"manner.":[148],"It":[149],"checks":[150],"runtime":[151],"against":[154,188],"results":[157,210],"detect":[159],"violations.":[161],"apply":[163],"SPEC":[166],"benchmarks":[167],"2":[169,202],"servers":[170],"(nginx":[171],"vsftpd)":[173],"evaluate":[175],"efficacy":[177],"enforcing":[179],"UCT":[180,217],"overhead.":[183,232],"also":[185],"test":[186],"attacks,":[190,225],"including":[191],"5":[192],"real-world":[193],"exploits,":[194],"1":[195],"proof":[196],"concept":[198],"COOP":[199],"attack,":[200],"synthesized":[203],"bypass":[206],"defenses.":[208],"show":[211],"strictly":[214],"enforces":[215],"protected":[220],"programs,":[221],"successfully":[222],"detects":[223],"all":[224],"introduces":[227],"less":[228],"than":[229],"10%":[230],"performance":[231]},"counts_by_year":[{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":16},{"year":2023,"cited_by_count":16},{"year":2022,"cited_by_count":9},{"year":2021,"cited_by_count":15},{"year":2020,"cited_by_count":19},{"year":2019,"cited_by_count":18},{"year":2018,"cited_by_count":2}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}