{"id":"https://openalex.org/W4400119962","doi":"https://doi.org/10.1145/3634737.3644994","title":"ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels","display_name":"ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels","publication_year":2024,"publication_date":"2024-06-28","ids":{"openalex":"https://openalex.org/W4400119962","doi":"https://doi.org/10.1145/3634737.3644994"},"language":"en","primary_location":{"id":"doi:10.1145/3634737.3644994","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3634737.3644994","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026880771","display_name":"Marius Momeu","orcid":"https://orcid.org/0009-0009-3389-9837"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marius Momeu","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0009-0009-3389-9837","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003047561","display_name":"Fabian Kilger","orcid":"https://orcid.org/0009-0004-7233-4250"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Fabian Kilger","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0009-0004-7233-4250","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5099637756","display_name":"Christopher Roemheld","orcid":"https://orcid.org/0009-0008-9143-3202"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christopher Roemheld","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0009-0008-9143-3202","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5099637757","display_name":"Simon Schn\u00fcckel","orcid":"https://orcid.org/0009-0002-0740-6495"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Simon Schn\u00fcckel","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0009-0002-0740-6495","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103119931","display_name":"Sergej Proskurin","orcid":"https://orcid.org/0000-0002-0524-2493"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sergej Proskurin","raw_affiliation_strings":["BedRock Systems, Munich, Germany"],"raw_orcid":"https://orcid.org/0000-0002-0524-2493","affiliations":[{"raw_affiliation_string":"BedRock Systems, Munich, Germany","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007101727","display_name":"Michalis Polychronakis","orcid":"https://orcid.org/0000-0002-3106-0343"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michalis Polychronakis","raw_affiliation_strings":["Stony Brook University, Stony Brook, New York, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-3106-0343","affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, New York, United States of America","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006944216","display_name":"Vasileios P. Kemerlis","orcid":"https://orcid.org/0000-0002-6528-437X"},"institutions":[{"id":"https://openalex.org/I27804330","display_name":"Brown University","ror":"https://ror.org/05gq02987","country_code":"US","type":"education","lineage":["https://openalex.org/I27804330"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vasileios P. Kemerlis","raw_affiliation_strings":["Brown University, Providence, Rhode Island, United States of America"],"raw_orcid":"https://orcid.org/0000-0002-6528-437X","affiliations":[{"raw_affiliation_string":"Brown University, Providence, Rhode Island, United States of America","institution_ids":["https://openalex.org/I27804330"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2219,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.82237888,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1159","last_page":"1172"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10054","display_name":"Parallel Computing and Optimization Techniques","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.7895062565803528},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7535626292228699},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.6595310568809509},{"id":"https://openalex.org/keywords/commodity","display_name":"Commodity","score":0.6096312999725342},{"id":"https://openalex.org/keywords/metadata-management","display_name":"Metadata management","score":0.595684826374054},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.594929575920105},{"id":"https://openalex.org/keywords/semiconductor-memory","display_name":"Semiconductor memory","score":0.14882969856262207},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.11709803342819214}],"concepts":[{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.7895062565803528},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7535626292228699},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.6595310568809509},{"id":"https://openalex.org/C2779439359","wikidata":"https://www.wikidata.org/wiki/Q317088","display_name":"Commodity","level":2,"score":0.6096312999725342},{"id":"https://openalex.org/C2779489174","wikidata":"https://www.wikidata.org/wiki/Q6822246","display_name":"Metadata management","level":3,"score":0.595684826374054},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.594929575920105},{"id":"https://openalex.org/C98986596","wikidata":"https://www.wikidata.org/wiki/Q1143031","display_name":"Semiconductor memory","level":2,"score":0.14882969856262207},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.11709803342819214},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3634737.3644994","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3634737.3644994","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1366025304","display_name":null,"funder_award_id":"CNS-2104148","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7219248990","display_name":null,"funder_award_id":"CNS-1749895","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G804146523","display_name":null,"funder_award_id":"CNS-2238467","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W1016402482","https://openalex.org/W1447175589","https://openalex.org/W1535810264","https://openalex.org/W1996027765","https://openalex.org/W2105321788","https://openalex.org/W2664885055","https://openalex.org/W2787793525","https://openalex.org/W2899499161","https://openalex.org/W2947243817","https://openalex.org/W3015513242","https://openalex.org/W3160448675","https://openalex.org/W3205828860","https://openalex.org/W4225569156","https://openalex.org/W4235202118","https://openalex.org/W4289126832","https://openalex.org/W4328005947"],"related_works":["https://openalex.org/W1487702188","https://openalex.org/W2374913837","https://openalex.org/W2460834149","https://openalex.org/W1512114296","https://openalex.org/W2354316773","https://openalex.org/W2376038160","https://openalex.org/W4205875026","https://openalex.org/W2389651964","https://openalex.org/W2374161210","https://openalex.org/W2023606539"],"abstract_inverted_index":{"Kernel":[0],"memory":[1,35,45,53,76,91,100,112,125,196],"allocators":[2],"maintain":[3],"several":[4,51],"metadata":[5,30,96,120,194],"structures":[6],"optimized":[7],"for":[8,195],"efficiently":[9],"managing":[10],"system":[11],"memory.":[12,104],"However,":[13],"existing":[14,44],"implementations":[15],"adopt":[16],"either":[17],"weak":[18],"or":[19],"no":[20,162],"protection":[21],"at":[22],"all":[23],"to":[24,70,117,146,183],"ensure":[25,71],"the":[26,32,72,75,79,83,135,185],"integrity":[27,73,186],"of":[28,34,62,74,187],"said":[29],"in":[31,139,153,165,171],"presence":[33],"errors.":[36],"In":[37],"this":[38],"paper,":[39],"we":[40,175],"first":[41],"demonstrate":[42],"how":[43,177],"hardening":[46,66],"schemes":[47],"fall":[48],"short":[49],"against":[50,121],"in-kernel":[52],"corruption":[54,92],"scenarios.":[55],"We":[56,128],"then":[57],"present":[58],"ISLAB:":[59],"a":[60,109,150],"set":[61],"novel":[63,110],"(slab-based)":[64],"heap":[65],"techniques":[67],"that":[68,159,191],"aim":[69],"managed":[77],"by":[78,94],"kernel,":[80],"and":[81,86,130,141,168],"minimize":[82],"incurred":[84],"runtime,":[85],"memory,":[87],"overhead.":[88],"ISLAB":[89,132,160],"prevents":[90],"exploits":[93],"segregating":[95],"from":[97],"within":[98],"corruptible":[99,193],"objects":[101],"into":[102],"shadow":[103],"It":[105],"also":[106],"relies":[107],"on":[108],"SMAP-assisted":[111],"isolation":[113],"framework,":[114],"called":[115],"kSMAP,":[116],"protect":[118,147,184],"allocator":[119,138],"adversaries":[122],"with":[123,144],"stronger":[124],"access":[126],"capabilities.":[127],"implemented":[129],"evaluated":[131],"atop":[133],"SLUB,":[134],"default":[136],"slab":[137],"Linux,":[140],"equipped":[142],"it":[143],"kSMAP":[145],"process":[148],"credentials,":[149],"popular":[151],"target":[152],"kernel":[154,189],"exploitation.":[155],"Our":[156],"experiments":[157],"show":[158,176],"incurs":[161],"runtime":[163],"overhead":[164,170],"realistic":[166],"benchmarks,":[167],"moderate":[169],"stress":[172],"tests.":[173],"Lastly,":[174],"ISLAB's":[178],"approach":[179],"can":[180],"be":[181],"generalized":[182],"other":[188],"subsystems":[190],"use":[192],"management,":[197],"such":[198],"as":[199],"linked":[200],"lists.":[201]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}