{"id":"https://openalex.org/W3191405550","doi":"https://doi.org/10.1145/3456299","title":"Software-driven Security Attacks: From Vulnerability Sources to Durable Hardware Defenses","display_name":"Software-driven Security Attacks: From Vulnerability Sources to Durable Hardware Defenses","publication_year":2021,"publication_date":"2021-07-31","ids":{"openalex":"https://openalex.org/W3191405550","doi":"https://doi.org/10.1145/3456299","mag":"3191405550"},"language":"en","primary_location":{"id":"doi:10.1145/3456299","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3456299","pdf_url":null,"source":{"id":"https://openalex.org/S96198239","display_name":"ACM Journal on Emerging Technologies in Computing Systems","issn_l":"1550-4832","issn":["1550-4832","1550-4840"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Journal on Emerging Technologies in Computing Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042598156","display_name":"Lauren Biernacki","orcid":"https://orcid.org/0000-0001-8511-2287"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Lauren Biernacki","raw_affiliation_strings":["University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5106787115","display_name":"Mark Gallagher","orcid":null},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mark Gallagher","raw_affiliation_strings":["University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101778825","display_name":"Zhixing Xu","orcid":"https://orcid.org/0000-0003-0823-8024"},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhixing Xu","raw_affiliation_strings":["Princeton University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Princeton University","institution_ids":["https://openalex.org/I20089843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045919596","display_name":"Misiker Tadesse Aga","orcid":null},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Misiker Tadesse Aga","raw_affiliation_strings":["University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071360635","display_name":"Austin Harris","orcid":"https://orcid.org/0000-0002-6531-1526"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Austin Harris","raw_affiliation_strings":["University of Texas at Austin"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at Austin","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052466712","display_name":"Shijia Wei","orcid":"https://orcid.org/0000-0002-4513-5334"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shijia Wei","raw_affiliation_strings":["University of Texas at Austin"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at Austin","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071185644","display_name":"Mohit Tiwari","orcid":"https://orcid.org/0000-0003-1836-3451"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mohit Tiwari","raw_affiliation_strings":["University of Texas at Austin"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at Austin","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050964144","display_name":"Baris Kasikci","orcid":"https://orcid.org/0000-0001-6122-8998"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Baris Kasikci","raw_affiliation_strings":["University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085975362","display_name":"Sharad Malik","orcid":"https://orcid.org/0000-0002-0837-5443"},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sharad Malik","raw_affiliation_strings":["Princeton University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Princeton University","institution_ids":["https://openalex.org/I20089843"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113456715","display_name":"Todd Austin","orcid":null},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Todd Austin","raw_affiliation_strings":["University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":10,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.2799,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.63908603,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"17","issue":"3","first_page":"1","last_page":"38"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9603000283241272,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9754016399383545},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.7746196985244751},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.771354079246521},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6948320865631104},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5835162401199341},{"id":"https://openalex.org/keywords/unintended-consequences","display_name":"Unintended consequences","score":0.5513166189193726},{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.5253210067749023},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4742661714553833},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.3118530511856079},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.0813765823841095},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07162231206893921}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9754016399383545},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.7746196985244751},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.771354079246521},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6948320865631104},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5835162401199341},{"id":"https://openalex.org/C2776889888","wikidata":"https://www.wikidata.org/wiki/Q1135789","display_name":"Unintended consequences","level":2,"score":0.5513166189193726},{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.5253210067749023},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4742661714553833},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.3118530511856079},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0813765823841095},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07162231206893921},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3456299","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3456299","pdf_url":null,"source":{"id":"https://openalex.org/S96198239","display_name":"ACM Journal on Emerging Technologies in Computing Systems","issn_l":"1550-4832","issn":["1550-4832","1550-4840"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Journal on Emerging Technologies in Computing Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/12","display_name":"Responsible consumption and production","score":0.5699999928474426}],"awards":[{"id":"https://openalex.org/G3323179236","display_name":null,"funder_award_id":"HR0011-18-C-0019","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"}],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":63,"referenced_works":["https://openalex.org/W1605557845","https://openalex.org/W1680927362","https://openalex.org/W1963947298","https://openalex.org/W1964281299","https://openalex.org/W1969501726","https://openalex.org/W2003619630","https://openalex.org/W2004456327","https://openalex.org/W2022292029","https://openalex.org/W2033593513","https://openalex.org/W2035991175","https://openalex.org/W2036033615","https://openalex.org/W2036329595","https://openalex.org/W2042856445","https://openalex.org/W2072102701","https://openalex.org/W2087136780","https://openalex.org/W2089448621","https://openalex.org/W2098010707","https://openalex.org/W2101699859","https://openalex.org/W2109219878","https://openalex.org/W2111160280","https://openalex.org/W2124360577","https://openalex.org/W2146573211","https://openalex.org/W2154555738","https://openalex.org/W2154902280","https://openalex.org/W2157116240","https://openalex.org/W2171264329","https://openalex.org/W2293825325","https://openalex.org/W2301588800","https://openalex.org/W2327709439","https://openalex.org/W2511192821","https://openalex.org/W2512784977","https://openalex.org/W2572561587","https://openalex.org/W2574009340","https://openalex.org/W2612687770","https://openalex.org/W2624178362","https://openalex.org/W2722741879","https://openalex.org/W2732073075","https://openalex.org/W2751343396","https://openalex.org/W2780532113","https://openalex.org/W2809355808","https://openalex.org/W2810584084","https://openalex.org/W2868863044","https://openalex.org/W2884076027","https://openalex.org/W2884163605","https://openalex.org/W2903910116","https://openalex.org/W2905380323","https://openalex.org/W2935085295","https://openalex.org/W2952265249","https://openalex.org/W2952322674","https://openalex.org/W2954241526","https://openalex.org/W2955008836","https://openalex.org/W2963311060","https://openalex.org/W2964281551","https://openalex.org/W2979633637","https://openalex.org/W2982848142","https://openalex.org/W2987866126","https://openalex.org/W4210645602","https://openalex.org/W4229901690","https://openalex.org/W4238851087","https://openalex.org/W4241773843","https://openalex.org/W4242926647","https://openalex.org/W4253180115","https://openalex.org/W4300388644"],"related_works":["https://openalex.org/W4200107511","https://openalex.org/W4387360145","https://openalex.org/W4306762697","https://openalex.org/W4284888217","https://openalex.org/W3191405550","https://openalex.org/W3150345186","https://openalex.org/W2393340519","https://openalex.org/W2390459954","https://openalex.org/W2297096600","https://openalex.org/W4220885008"],"abstract_inverted_index":{"There":[0],"is":[1,24,33],"an":[2,85,136],"increasing":[3],"body":[4],"of":[5,10,28,87,141,154,173,180,196],"work":[6,147],"in":[7,20,41],"the":[8,26,94,121,133,189,194,197,209],"area":[9],"hardware":[11,107],"defenses":[12,23,44,53,80,146,160,166,200],"for":[13,208],"software-driven":[14],"security":[15,29,88,127],"attacks.":[16],"A":[17],"significant":[18],"challenge":[19],"developing":[21,164],"these":[22,52,100,142,150],"that":[25,45,63,167],"space":[27],"vulnerabilities":[30,89],"and":[31,35,106,109,118,144,159,192,199],"exploits":[32,128,198],"large":[34],"not":[36],"fully":[37],"understood.":[38],"This":[39,67,152],"results":[40],"specific":[42],"point":[43],"aim":[46],"to":[47,70,77,135,148],"patch":[48],"particular":[49],"vulnerabilities.":[50,66],"While":[51],"are":[54,57],"valuable,":[55],"they":[56,91,186],"often":[58],"blindsided":[59],"by":[60,74,131],"fresh":[61],"attacks":[62],"exploit":[64],"new":[65],"article":[68],"aims":[69],"address":[71],"this":[72],"issue":[73],"suggesting":[75],"ways":[76],"make":[78],"future":[79],"more":[81],"durable":[82,165],"based":[83],"on":[84],"organization":[86],"as":[90],"arise":[92],"throughout":[93],"program":[95],"life":[96],"cycle.":[97],"We":[98,175],"classify":[99],"vulnerability":[101,156],"sources":[102,143],"through":[103],"programming,":[104],"compilation,":[105],"realization,":[108],"we":[110,124],"show":[111,125],"how":[112,126,145,185,193],"each":[113],"source":[114],"introduces":[115],"unintended":[116,137],"states":[117],"transitions":[119],"into":[120,163,188],"implementation.":[122],"Further,":[123],"gain":[129],"control":[130],"moving":[132],"implementation":[134],"state":[138],"using":[139],"knowledge":[140],"prevent":[149],"transitions.":[151],"framework":[153,191],"analyzing":[155],"sources,":[157],"exploits,":[158],"provides":[161],"insights":[162,207],"could":[168],"defend":[169],"against":[170],"broader":[171],"categories":[172],"exploits.":[174],"present":[176],"illustrative":[177],"case":[178],"studies":[179],"four":[181],"important":[182],"attack":[183],"genealogies\u2014showing":[184],"fit":[187],"presented":[190],"sophistication":[195],"have":[201],"evolved":[202],"over":[203],"time,":[204],"providing":[205],"us":[206],"future.":[210]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}