{"id":"https://openalex.org/W4405181838","doi":"https://doi.org/10.1145/3658644.3690310","title":"Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects","display_name":"Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405181838","doi":"https://doi.org/10.1145/3658644.3690310"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3690310","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690310","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690310","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690310","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072113393","display_name":"Kaiming Huang","orcid":"https://orcid.org/0000-0003-3665-2687"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Kaiming Huang","raw_affiliation_strings":["The Pennsylvania State University, State College, PA, USA"],"affiliations":[{"raw_affiliation_string":"The Pennsylvania State University, State College, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065116578","display_name":"Mathias Payer","orcid":"https://orcid.org/0000-0001-5054-7547"},"institutions":[{"id":"https://openalex.org/I5124864","display_name":"\u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne","ror":"https://ror.org/02s376052","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I5124864"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Mathias Payer","raw_affiliation_strings":["\u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne, Lausanne, Switzerland"],"affiliations":[{"raw_affiliation_string":"\u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne, Lausanne, Switzerland","institution_ids":["https://openalex.org/I5124864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022038961","display_name":"Zhiyun Qian","orcid":"https://orcid.org/0000-0003-1506-2522"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiyun Qian","raw_affiliation_strings":["University of California, Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014048994","display_name":"Jack Sampson","orcid":null},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jack Sampson","raw_affiliation_strings":["The Pennsylvania State University, State College, PA, USA"],"affiliations":[{"raw_affiliation_string":"The Pennsylvania State University, State College, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010830558","display_name":"Gang Tan","orcid":"https://orcid.org/0000-0001-6109-6091"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gang Tan","raw_affiliation_strings":["The Pennsylvania State University, State College, PA, USA"],"affiliations":[{"raw_affiliation_string":"The Pennsylvania State University, State College, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["University of California, Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5072113393"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":1.0245,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.8181096,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1330","last_page":"1344"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9832000136375427,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/heap","display_name":"Heap (data structure)","score":0.9337763786315918},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8026673793792725},{"id":"https://openalex.org/keywords/spec#","display_name":"Spec#","score":0.7218196392059326},{"id":"https://openalex.org/keywords/memory-safety","display_name":"Memory safety","score":0.6771427989006042},{"id":"https://openalex.org/keywords/memory-protection","display_name":"Memory protection","score":0.6287367343902588},{"id":"https://openalex.org/keywords/allocator","display_name":"Allocator","score":0.5881568193435669},{"id":"https://openalex.org/keywords/memory-leak","display_name":"Memory leak","score":0.5088122487068176},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4211358428001404},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4045635163784027},{"id":"https://openalex.org/keywords/parallel-computing","display_name":"Parallel computing","score":0.3785037398338318},{"id":"https://openalex.org/keywords/overlay","display_name":"Overlay","score":0.2841895818710327},{"id":"https://openalex.org/keywords/memory-management","display_name":"Memory management","score":0.269207239151001},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.2578740119934082},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2519031763076782},{"id":"https://openalex.org/keywords/virtual-memory","display_name":"Virtual memory","score":0.14122411608695984}],"concepts":[{"id":"https://openalex.org/C134757568","wikidata":"https://www.wikidata.org/wiki/Q274089","display_name":"Heap (data structure)","level":2,"score":0.9337763786315918},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8026673793792725},{"id":"https://openalex.org/C2778565505","wikidata":"https://www.wikidata.org/wiki/Q2207566","display_name":"Spec#","level":2,"score":0.7218196392059326},{"id":"https://openalex.org/C28180684","wikidata":"https://www.wikidata.org/wiki/Q4080983","display_name":"Memory safety","level":3,"score":0.6771427989006042},{"id":"https://openalex.org/C18131444","wikidata":"https://www.wikidata.org/wiki/Q163585","display_name":"Memory protection","level":5,"score":0.6287367343902588},{"id":"https://openalex.org/C162262903","wikidata":"https://www.wikidata.org/wiki/Q343527","display_name":"Allocator","level":2,"score":0.5881568193435669},{"id":"https://openalex.org/C156731835","wikidata":"https://www.wikidata.org/wiki/Q751740","display_name":"Memory leak","level":4,"score":0.5088122487068176},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4211358428001404},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4045635163784027},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.3785037398338318},{"id":"https://openalex.org/C136085584","wikidata":"https://www.wikidata.org/wiki/Q910289","display_name":"Overlay","level":2,"score":0.2841895818710327},{"id":"https://openalex.org/C176649486","wikidata":"https://www.wikidata.org/wiki/Q2308807","display_name":"Memory management","level":3,"score":0.269207239151001},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2578740119934082},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2519031763076782},{"id":"https://openalex.org/C76399640","wikidata":"https://www.wikidata.org/wiki/Q189401","display_name":"Virtual memory","level":4,"score":0.14122411608695984}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3658644.3690310","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690310","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690310","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3658644.3690310","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690310","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690310","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3149271786","display_name":null,"funder_award_id":"CNS-1801534","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G6824117195","display_name":null,"funder_award_id":"ERC Horizon 2020 grant 850868","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4405181838.pdf"},"referenced_works_count":79,"referenced_works":["https://openalex.org/W181487622","https://openalex.org/W1517637393","https://openalex.org/W1963947298","https://openalex.org/W1969540782","https://openalex.org/W1980468060","https://openalex.org/W1984471991","https://openalex.org/W1994759706","https://openalex.org/W1996567876","https://openalex.org/W1997394198","https://openalex.org/W2031006315","https://openalex.org/W2072385532","https://openalex.org/W2089448621","https://openalex.org/W2089750484","https://openalex.org/W2097990218","https://openalex.org/W2098806455","https://openalex.org/W2122757982","https://openalex.org/W2154795299","https://openalex.org/W2158600037","https://openalex.org/W2186294736","https://openalex.org/W2289498116","https://openalex.org/W2297774820","https://openalex.org/W2301548261","https://openalex.org/W2350778671","https://openalex.org/W2512784977","https://openalex.org/W2534135179","https://openalex.org/W2547862110","https://openalex.org/W2574017551","https://openalex.org/W2578771209","https://openalex.org/W2751137623","https://openalex.org/W2752929869","https://openalex.org/W2766188225","https://openalex.org/W2773223713","https://openalex.org/W2774510177","https://openalex.org/W2788604126","https://openalex.org/W2790728214","https://openalex.org/W2804093830","https://openalex.org/W2891057055","https://openalex.org/W2903261599","https://openalex.org/W2911281300","https://openalex.org/W2912296587","https://openalex.org/W2914630606","https://openalex.org/W2948598708","https://openalex.org/W2985831349","https://openalex.org/W3015296434","https://openalex.org/W3015513242","https://openalex.org/W3020256702","https://openalex.org/W3043044582","https://openalex.org/W3108020564","https://openalex.org/W3109904794","https://openalex.org/W3154844554","https://openalex.org/W3156527753","https://openalex.org/W3198309584","https://openalex.org/W3205730643","https://openalex.org/W4225985424","https://openalex.org/W4226422324","https://openalex.org/W4231756196","https://openalex.org/W4239876907","https://openalex.org/W4243606051","https://openalex.org/W4243885711","https://openalex.org/W4244413641","https://openalex.org/W4281763794","https://openalex.org/W4281779787","https://openalex.org/W4288057704","https://openalex.org/W4288057707","https://openalex.org/W4301329292","https://openalex.org/W4302784197","https://openalex.org/W4308391524","https://openalex.org/W4308642904","https://openalex.org/W4328143499","https://openalex.org/W4388483636","https://openalex.org/W4388857675","https://openalex.org/W4391725287","https://openalex.org/W4391725304","https://openalex.org/W4394595272","https://openalex.org/W6602193088","https://openalex.org/W6636364444","https://openalex.org/W6674518476","https://openalex.org/W6737309931","https://openalex.org/W6863951927"],"related_works":["https://openalex.org/W2182829270","https://openalex.org/W4221019007","https://openalex.org/W4240600268","https://openalex.org/W1913252777","https://openalex.org/W4248542611","https://openalex.org/W4235971859","https://openalex.org/W2063453797","https://openalex.org/W2156261519","https://openalex.org/W2153463445","https://openalex.org/W1826158585"],"abstract_inverted_index":{"Heap":[0],"memory":[1,11,54,164,181,198,219],"errors":[2,182,220],"remain":[3],"a":[4,43,93,140],"major":[5],"source":[6],"of":[7,53,95,111,212,218],"software":[8],"vulnerabilities.":[9],"Existing":[10],"safety":[12,97,124,199],"defenses":[13,194],"aim":[14],"at":[15,221],"protecting":[16],"all":[17,51,178,216],"objects,":[18],"resulting":[19],"in":[20,125,183],"high":[21],"performance":[22],"cost":[23],"and":[24,41,75,78,101,122,133,155,162,171,187],"incomplete":[25],"protection.":[26],"Instead,":[27],"we":[28,59],"propose":[29],"an":[30,87],"approach":[31],"that":[32,36,64],"accurately":[33],"identifies":[34,67],"objects":[35,48,70,85,116,205,214],"are":[37,136],"inexpensive":[38],"to":[39,45,91,146,195],"protect,":[40],"design":[42],"method":[44],"protect":[46],"such":[47,82],"comprehensively":[49],"from":[50,215],"classes":[52,217],"errors.":[55],"Towards":[56],"this":[57],"goal,":[58],"introduce":[60],"the":[61,68,126,167,179,202,210],"Uriah":[62,108,144,151],"system":[63],"(1)":[65],"statically":[66],"heap":[69,84,90,112,142,180,204,213],"whose":[71,117],"accesses":[72,118],"satisfy":[73,120],"spatial":[74,100,121],"type":[76,102,123],"safety,":[77,103],"(2)":[79],"dynamically":[80],"allocates":[81],"\"safe\"":[83],"on":[86,139,166,177,201],"isolated":[88,138],"safe":[89,141],"enforce":[92,147,196],"form":[94],"temporal":[96,105,148],"while":[98,174],"preserving":[99],"called":[104],"allocated-type":[106,149],"safety.":[107,150],"finds":[109],"72.0%":[110],"allocation":[113],"sites":[114],"produce":[115],"always":[119],"SPEC":[127,168],"CPU2006/2017":[128],"benchmarks,":[129,173],"5":[130],"server":[131],"programs,":[132],"Firefox,":[134],"which":[135],"then":[137],"using":[143,192],"allocator":[145],"incurs":[152],"only":[153],"2.9%":[154],"2.6%":[156],"runtime":[157],"overhead,":[158,165,208],"along":[159],"with":[160],"9.3%":[161],"5.4%":[163],"CPU":[169],"2006":[170],"2017":[172],"preventing":[175],"exploits":[176],"DARPA":[184],"CGC":[185],"binaries":[186],"28":[188],"recent":[189],"CVEs.":[190],"Additionally,":[191],"existing":[193],"their":[197],"guarantees":[200],"unsafe":[203],"significantly":[206],"reduces":[207],"enabling":[209],"protection":[211],"more":[222],"practical":[223],"costs.":[224]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}