paper.bib

%==================================================================================================%
% Research Papers
%==================================================================================================%

%==================================================================================================%
% Security
%==================================================================================================%

%--------------------------------------------------------------------------------------------------%
% In-process Isolation
%--------------------------------------------------------------------------------------------------%
@inproceedings{ILDI:DAC17,
    author = {Cho, Yeongpil and Kwon, Donghyun and Paek, Yunheung},
    title = {{Instruction-Level Data Isolation for the Kernel on ARM}},
    booktitle = {Proceedings of the 54th Annual Design Automation Conference 2017},
    series = {DAC '17},
    year = {2017},
    isbn = {978-1-4503-4927-7},
    location = {Austin, TX, USA},
    pages = {26:1--26:6},
    articleno = {26},
    numpages = {6},
    url = {http://doi.acm.org/10.1145/3061639.3062267},
    doi = {10.1145/3061639.3062267},
    acmid = {3062267},
    publisher = {ACM},
    address = {New York, NY, USA},
}

@inproceedings {IMIX:Sec18,
    author = {Tommaso Frassetto and Patrick Jauernig and Christopher Liebchen and Ahmad-Reza Sadeghi},
    title = {{IMIX: In-Process Memory Isolation EXtension}},
    booktitle = {27th {USENIX} Security Symposium ({USENIX} Security 18)},
    year = {2018},
    isbn = {978-1-939133-04-5},
    address = {Baltimore, MD},
    pages = {83--97},
    url = {https://www.usenix.org/conference/usenixsecurity18/presentation/frassetto},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings {Hodor:ATC19,
    author = {Mohammad Hedayati and Spyridoula Gravani and Ethan Johnson and John Criswell and Michael L. Scott and Kai Shen and Mike Marty},
    title = {{Hodor: Intra-Process Isolation for High-Throughput Data Plane
        Libraries}},
    booktitle = {2019 {USENIX} Annual Technical Conference ({USENIX} {ATC} 19)},
    year = {2019},
    isbn = {978-1-939133-03-8},
    address = {Renton, WA},
    pages = {489--504},
    url = {https://www.usenix.org/conference/atc19/presentation/hedayati-hodor},
    publisher = {{USENIX} Association},
    month = jul,
}

@inproceedings {ERIM:Sec19,
    author = {Anjo Vahldiek-Oberwagner and Eslam Elnikety and Nuno O. Duarte and Michael Sammler and Peter Druschel and Deepak Garg},
    title = {{ERIM}: Secure, Efficient In-process Isolation with Protection
        Keys ({MPK})},
    booktitle = {28th {USENIX} Security Symposium ({USENIX} Security 19)},
    year = {2019},
    isbn = {978-1-939133-06-9},
    pages = {1221--1238},
    url = {https://www.usenix.org/conference/usenixsecurity19/presentation/vahldiek-oberwagner},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings{libmpk:ATC19,
    author = {Park, Soyeon and Lee, Sangho and Xu, Wen and Moon, Hyungon and Kim, Taesoo},
    title = {Libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK)},
    year = {2019},
    isbn = {9781939133038},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 2019 USENIX Conference on Usenix Annual Technical Conference},
    pages = {241–254},
    numpages = {14},
    location = {Renton, WA, USA},
    series = {USENIX ATC '19}
}

@inproceedings{PKUPitfalls:Sec20,
    author = {R. Joseph Connor and Tyler McDaniel and Jared M. Smith and Max Schuchard},
    title = {{PKU} Pitfalls: Attacks on {PKU-based} Memory Isolation Systems},
    booktitle = {29th USENIX Security Symposium (USENIX Security 20)},
    year = {2020},
    isbn = {978-1-939133-17-5},
    pages = {1409--1426},
    url = {https://www.usenix.org/conference/usenixsecurity20/presentation/connor},
    publisher = {USENIX Association},
    month = aug,
}

@inproceedings{NoPassPKU:EuroSys22,
    author = {Voulimeneas, Alexios and Vinck, Jonas and Mechelinck, Ruben and Volckaert, Stijn},
    title = {You Shall Not (by)Pass! Practical, Secure, and Fast PKU-Based Sandboxing},
    year = {2022},
    isbn = {9781450391627},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3492321.3519560},
    doi = {10.1145/3492321.3519560},
    booktitle = {Proceedings of the Seventeenth European Conference on Computer Systems},
    pages = {266–282},
    numpages = {17},
    keywords = {security, in-process isolation, sanboxing, PKU},
    location = {Rennes, France},
    series = {EuroSys '22}
}

@inproceedings{Jenny:Sec22,
    author = {David Schrammel and Samuel Weiser and Richard Sadek and Stefan Mangard},
    title = {Jenny: Securing Syscalls for {PKU-based} Memory Isolation Systems},
    booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
    year = {2022},
    isbn = {978-1-939133-31-1},
    address = {Boston, MA},
    pages = {936--952},
    url = {https://www.usenix.org/conference/usenixsecurity22/presentation/schrammel},
    publisher = {USENIX Association},
    month = aug,
}

@inproceedings {Silhouette:Sec20,
    author = {Jie Zhou and Yufei Du and Zhuojia Shen and Lele Ma and John Criswell and Robert J. Walls},
    title = {Silhouette: Efficient Protected Shadow Stacks for Embedded Systems},
    booktitle = {29th {USENIX} Security Symposium ({USENIX} Security 20)},
    year = {2020},
    isbn = {978-1-939133-17-5},
    pages = {1219--1236},
    url = {https://www.usenix.org/conference/usenixsecurity20/presentation/zhou-jie},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings{Kage:Sec22,
    author = {Yufei Du and Zhuojia Shen and Komail Dharsee and Jie Zhou and Robert J. Walls and John Criswell},
    title = {Holistic {Control-Flow} Protection on {Real-Time} Embedded Systems with Kage},
    booktitle = {31st USENIX Security Symposium (USENIX Security 22)},
    year = {2022},
    isbn = {978-1-939133-31-1},
    address = {Boston, MA},
    pages = {2281--2298},
    url = {https://www.usenix.org/conference/usenixsecurity22/presentation/du},
    publisher = {USENIX Association},
    month = aug,
}

%--------------------------------------------------------------------------------------------------%
% End of In-process Isolation
%--------------------------------------------------------------------------------------------------%

%--------------------------------------------------------------------------------------------------%
% Start of Privilege Separation
%--------------------------------------------------------------------------------------------------%
@INPROCEEDINGS{AutoPriv:SecDev18,
  author={Hu, Xiaoyu and Zhou, Jie and Gravani, Spyridoula and Criswell, John},
  booktitle={2018 IEEE Cybersecurity Development (SecDev)},
  title={Transforming Code to Drop Dead Privileges},
  year={2018},
  volume={},
  number={},
  pages={45-52},
  doi={10.1109/SecDev.2018.00014}
}

@INPROCEEDINGS{PrivAnalyzer:DSN19,
  author={Criswell, John and Zhou, Jie and Gravani, Spyridoula and Hu, Xiaoyu},
  booktitle={2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
  title={PrivAnalyzer: Measuring the Efficacy of Linux Privilege Use},
  year={2019},
  volume={},
  number={},
  pages={593-604},
  doi={10.1109/DSN.2019.00065}
}

%--------------------------------------------------------------------------------------------------%
% Embedded Systems and IoT
%--------------------------------------------------------------------------------------------------%
@inproceedings{TinyOS:ASPLOS00,
  author = {Hill, Jason and Szewczyk, Robert and Woo, Alec and Hollar, Seth and Culler, David and Pister, Kristofer},
  title = {System Architecture Directions for Networked Sensors},
  booktitle = {Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems},
  series = {ASPLOS '00},
  year = {2000},
  isbn = {1-58113-317-0},
  address = {Cambridge, MA},
  pages = {93--104},
  numpages = {12},
  url = {https://doi.org/10.1145/378993.379006},
  doi = {10.1145/378993.379006},
  publisher = {ACM},
}

@article{BEEBS:arXiv13,
    author = {James Pallister and Simon Hollis and Jeremy Bennett},
    title = {BEEBS: Open Benchmarks for Energy Measurements on Embedded Platforms},
    journal = {arXiv preprint arXiv:1308.5174v2},
    archiveprefix = {arXiv},
    eprint = {1308.5174v2},
    year = {2013},
    month = {August}
}

@inproceedings{IoT:DAC15,
  author = {Sadeghi, Ahmad-Reza and Wachsmann, Christian and Waidner, Michael},
  title = {Security and Privacy Challenges in Industrial {Internet of Things}},
  booktitle = {Proceedings of the 52nd Annual Design Automation Conference},
  series = {DAC '15},
  year = {2015},
  isbn = {978-1-4503-3520-1},
  address = {San Francisco, CA},
  pages = {54:1--54:6},
  articleno = {54},
  numpages = {6},
  url = {https://doi.org/10.1145/2744769.2747942},
  doi = {10.1145/2744769.2747942},
  publisher = {ACM},
}

@INPROCEEDINGS{EPOXY:Oakland17,
    author={A. A. {Clements} and N. S. {Almakhdhub} and K. S. {Saab} and P. {Srivastava} and J. {Koo} and S. {Bagchi} and M. {Payer}},
    booktitle={2017 IEEE Symposium on Security and Privacy (SP)},
    title={{Protecting Bare-Metal Embedded Systems with Privilege Overlays}},
    year={2017},
    volume={},
    number={},
    pages={289-303},
    doi={10.1109/SP.2017.37},
    ISSN={2375-1207},
    month={May},
}

@inproceedings{nesCheck:AsiaCCS17,
  author = {Midi, Daniele and Payer, Mathias and Bertino, Elisa},
  title = {Memory Safety for Embedded Devices with {nesCheck}},
  booktitle = {Proceedings of the 2017 ACM Asia Conference on Computer and Communications Security},
  series = {ASIACCS '17},
  year = {2017},
  isbn = {978-1-4503-4944-4},
  address = {Abu Dhabi, United Arab Emirates},
  pages = {127--139},
  numpages = {13},
  url = {https://doi.org/10.1145/3052973.3053014},
  doi = {10.1145/3052973.3053014},
  publisher = {ACM},
}

@inproceedings{CFICaRE:RAID17,
  author = {Nyman, Thomas and Ekberg, Jan-Erik and Davi, Lucas and Asokan, N.},
  title = {{CFI CaRE}: Hardware-Supported Call and Return Enforcement for Commercial Microcontrollers},
  booktitle = {Proceedings of the 20th International Symposium on Research in Attacks, Intrusions, and Defenses},
  series = {RAID '17},
  year = {2017},
  isbn = {978-3-319-66332-6},
  address = {Atlanta, GA},
  pages = {259--284},
  numpages = {26},
  url = {https://doi.org/10.1007/978-3-319-66332-6_12},
  doi = {10.1007/978-3-319-66332-6_12},
  publisher = {Springer-Verlag},
}

@inproceedings{MINION:NDSS18,
  author = {Kim, Chung Hwan and Kim, Taegyu and Choi, Hongjun and Gu, Zhongshu and Lee, Byoungyoung and Zhang, Xiangyu and Xu, Dongyan},
  title = {Securing Real-Time Microcontroller Systems through Customized Memory View Switching},
  booktitle = {Proceedings of the 2018 Network and Distributed System Security Symposium},
  series = {NDSS '18},
  year = {2018},
  isbn = {1-891562-49-5},
  address = {San Diego, CA},
  numpages = {15},
  url = {https://doi.org/10.14722/ndss.2018.23107},
  doi = {10.14722/ndss.2018.23107},
  publisher = {Internet Society},
}

@inproceedings{ACES:USS18,
  author = {Clements, Abraham A and Almakhdhub, Naif Saleh and Bagchi, Saurabh and Payer, Mathias},
  title = {{ACES}: Automatic Compartments for Embedded Systems},
  booktitle = {Proceedings of the 27th USENIX Security Symposium},
  series = {Security '18},
  year = {2018},
  isbn = {978-1-939133-04-5},
  address = {Baltimore, MD},
  pages = {65--82},
  numpages = {18},
  url = {https://www.usenix.org/conference/usenixsecurity18/presentation/clements},
  publisher = {USENIX Association},
}

@inproceedings{SCFP:EuroOakland18,
  author = {Werner, Mario and Unterluggauer, Thomas and Schaffenrath, David and Mangard, Stefan},
  title = {Sponge-Based Control-Flow Protection for {IoT} Devices},
  booktitle = {Proceedings of the 2018 IEEE European Symposium on Security and Privacy},
  series = {EuroSP '18},
  year = {2018},
  isbn = {978-1-5386-4227-6},
  address = {London, United Kingdom},
  pages = {214--226},
  numpages = {13},
  url = {https://doi.org/10.1109/EuroSP.2018.00023},
  doi = {10.1109/EuroSP.2018.00023},
  publisher = {IEEE Computer Society},
}

@INPROCEEDINGS{RECFISH:ecrts19,
    author={R. J. {Walls} and N. F. {Brown} and T. {Le Baron} and C. A. {Shue} and H. {Okhravi} and B. {Ward}},
    booktitle={31st Conference on Real-Time Systems (ECRTS'19)},
    title={Control-Flow Integrity for Real-Time Embedded Systems},
    year={2019},
    volume={},
    number={},
    pages={},
    doi={},
    ISSN={},
    month={July},
}

@inproceedings{uXOM:USS19,
  author = {Kwon, Donghyun and Shin, Jangseop and Kim, Giyeol and Lee, Byoungyoung and Cho, Yeongpil and Paek, Yunheung},
  title = {{{\it u}XOM}: Efficient eXecute-Only Memory on {ARM} {Cortex-M}},
  booktitle = {Proceedings of the 28th USENIX Security Symposium},
  series = {Security '19},
  year = {2019},
  isbn = {978-1-939133-06-9},
  address = {Santa Clara, CA},
  pages = {231--247},
  numpages = {17},
  url = {https://www.usenix.org/conference/usenixsecurity19/presentation/kwon},
  publisher = {USENIX Association},
}

@inproceedings{uRAI:NDSS20,
  author = {Almakhdhub, Naif Saleh and Clements, Abraham A. and Bagchi, Saurabh and Payer, Mathias},
  title = {{{$\mu$RAI}: Securing Embedded Systems with Return Address Integrity}},
  booktitle = {Proceedings of the 2020 Network and Distributed System Security Symposium},
  series = {NDSS '20},
  year = {2020},
  isbn = {1-891562-61-4},
  address = {San Diego, CA},
  numpages = {18},
  url = {https://doi.org/10.14722/ndss.2020.24016},
  doi = {10.14722/ndss.2020.24016},
  publisher = {Internet Society},
}

%==================================================================================================%
% Memory Safety
%==================================================================================================%

%--------------------------------------------------------------------------------------------------%
% Static Analysis
%--------------------------------------------------------------------------------------------------%

@article{StaticAnalyzer:SPE00,
    author = {Bush, William R. and Pincus, Jonathan D. and Sielaff, David J.},
    title = {{A Static Analyzer for Finding Dynamic Programming Errors}},
    year = {2000},
    issue_date = {June 2000},
    publisher = {John Wiley & Sons, Inc.},
    address = {USA},
    volume = {30},
    number = {7},
    issn = {0038-0644},
    url = {https://doi.org/10.1002/(SICI)1097-024X(200006)30:7%3C775::AID-SPE309%3E3.0.CO;2-H},
    doi = {10.1002/(SICI)1097-024X(200006)30:7%3C775::AID-SPE309%3E3.0.CO;2-H},
    journal = {Softw. Pract. Exper.},
    month = jun,
    pages = {775–802},
    numpages = {28},
    keywords = {program analysis, program error checking}
}

@inproceedings{StaticAnalyzer:PLDI03,
    author = {Blanchet, Bruno and Cousot, Patrick and Cousot, Radhia and Feret, J\'{e}rome and Mauborgne, Laurent and Min\'{e}, Antoine and Monniaux, David and Rival, Xavier},
    title = {{A Static Analyzer for Large Safety-Critical Software}},
    year = {2003},
    isbn = {1581136625},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/781131.781153},
    doi = {10.1145/781131.781153},
    booktitle = {Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation},
    pages = {196–207},
    numpages = {12},
    keywords = {safety-critical software, abstract interpretation, floating point, abstract domains, reactive, static analysis, embedded, verification, real-time},
    location = {San Diego, California, USA},
    series = {PLDI '03}
}

@inproceedings{TaintAnalysis:NDSS05,
    title={Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software.},
    author={Newsome, James and Song, Dawn Xiaodong},
    booktitle={NDSS},
    volume={5},
    pages={3--4},
    year={2005},
    organization={Citeseer}
}


@inproceedings{ModularChecker:ICSE06,
    author = {Hackett, Brian and Das, Manuvir and Wang, Daniel and Yang, Zhe},
    title = {Modular Checking for Buffer Overflows in the Large},
    year = {2006},
    isbn = {1595933751},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1134285.1134319},
    doi = {10.1145/1134285.1134319},
    booktitle = {Proceedings of the 28th International Conference on Software Engineering},
    pages = {232–241},
    numpages = {10},
    keywords = {modular analysis, annotation design, annotation inference, buffer overflows},
    location = {Shanghai, China},
    series = {ICSE '06}
}

@inproceedings{KLEE:OSDI08,
    author = {Cadar, Cristian and Dunbar, Daniel and Engler, Dawson},
    title = {{KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems
        Programs}},
    year = {2008},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation},
    pages = {209–224},
    numpages = {16},
    location = {San Diego, California},
    series = {OSDI'08}
}

@inproceedings{RWset:TACAS08,
  author    = {Peter Boonstoppel and Cristian Cadar and Dawson R. Engler},
  editor    = {C. R. Ramakrishnan and Jakob Rehof},
  title     = {{RWset: Attacking Path Explosion in Constraint-Based Test Generation}},
  booktitle = {Tools and Algorithms for the Construction and Analysis of Systems,
               14th International Conference, {TACAS} 2008, Held as Part of the Joint
               European Conferences on Theory and Practice of Software, {ETAPS} 2008,
               Budapest, Hungary, March 29-April 6, 2008. Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {4963},
  pages     = {351--366},
  publisher = {Springer},
  year      = {2008},
  url       = {https://doi.org/10.1007/978-3-540-78800-3\_27},
  doi       = {10.1007/978-3-540-78800-3\_27},
  timestamp = {Tue, 14 May 2019 10:00:53 +0200},
  biburl    = {https://dblp.org/rec/conf/tacas/BoonstoppelCE08.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{Coverity:CACM10,
    author = {Bessey, Al and Block, Ken and Chelf, Ben and Chou, Andy and Fulton, Bryan and Hallem, Seth and Henri-Gros, Charles and Kamsky, Asya and McPeak, Scott and Engler, Dawson},
    title = {{A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real
        World}},
    year = {2010},
    issue_date = {February 2010},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {53},
    number = {2},
    issn = {0001-0782},
    url = {https://doi.org/10.1145/1646353.1646374},
    doi = {10.1145/1646353.1646374},
    abstract = {How Coverity built a bug-finding tool, and a business, around the unlimited supply of bugs in software systems.},
    journal = {Commun. ACM},
    month = {feb},
    pages = {66–75},
    numpages = {10}
}

@misc{Infer:FB,
    title = {Infer: A tool to detect bugs in Java and {C/C++/Objective-C} code before it ships},
    author = {Facebook},
    url = {https://fbinfer.com}
}

%--------------------------------------------------------------------------------------------------%
% End of Static Analysis
%--------------------------------------------------------------------------------------------------%

%--------------------------------------------------------------------------------------------------%
% Fuzzing
%--------------------------------------------------------------------------------------------------%

@article{FuzzingSurvey:ACMSurvey22,
    author = {Zhu, Xiaogang and Wen, Sheng and Camtepe, Seyit and Xiang, Yang},
    title = {Fuzzing: A Survey for Roadmap},
    year = {2022},
    issue_date = {January 2022},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {54},
    number = {11s},
    issn = {0360-0300},
    url = {https://doi.org/10.1145/3512345},
    doi = {10.1145/3512345},
    journal = {ACM Comput. Surv.},
    month = {sep},
    articleno = {230},
    numpages = {36},
    keywords = {input space, automation, Fuzz testing, fuzzing theory, security}
}

@inproceedings{SafeC:PLDI94,
    author = {Austin, Todd M. and Breach, Scott E. and Sohi, Gurindar S.},
    title = {{Efficient Detection of All Pointer and Array Access Errors}},
    booktitle = {Proceedings of the ACM SIGPLAN 1994 Conference on Programming Language Design and Implementation},
    series = {PLDI '94},
    year = {1994},
    isbn = {0-89791-662-X},
    location = {Orlando, Florida, USA},
    pages = {290--301},
    numpages = {12},
    url = {http://doi.acm.org/10.1145/178243.178446},
    doi = {10.1145/178243.178446},
    acmid = {178446},
    publisher = {ACM},
}

@article{Guarding:SPE97,
    author = {Patil, Harish and Fischer, Charles},
    title = {{Low-cost, Concurrent Checking of Pointer and Array Accesses in C Programs}},
    journal = {Softw. Pract. Exper.},
    issue_date = {Jan. 1997},
    volume = {27},
    number = {1},
    month = Jan,
    year = {1997},
    issn = {0038-0644},
    pages = {87--110},
    numpages = {24},
    url = {http://dx.doi.org/10.1002/(SICI)1097-024X(199701)27:1<87::AID-SPE78>3.0.CO;2-P},
    doi = {10.1002/(SICI)1097-024X(199701)27:1<87::AID-SPE78>3.0.CO;2-P},
    acmid = {250910},
    publisher = {John Wiley \& Sons, Inc.},
    address = {New York, NY, USA},
    keywords = {memory access checking, multiprocessor workstations, program slicing},
}

@inproceedings{JKBoundsCheck:AADEBUG97,
    author = {Richard W M Jones and Paul H J Kelly},
    title = {Backwards-compatible Bounds Checking for Arrays and Pointers in C Programs},
    booktitle = {Proceedings of the Third International Workshop on Automated Debugging},
    location = {Linköping, Sweden},
    year = {1997},
    month = May,
    url = {https://dl.acm.org/doi/10.1145/1134285.1134309},
}

@INPROCEEDINGS{MemSafetySurvey:DISCEX00,
  author={Crispin Cowan and Perry Wagle and Calton Pu and Steve Beattie and Janathan Walpole},
  booktitle={Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00},
  title={Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade},
  year={2000},
  volume={2},
  number={},
  pages={119-129 vol.2},
  url = {https://ieeexplore.ieee.org/document/821514},
}

@inproceedings{CRED:NDSS04,
  title={A Practical Dynamic Buffer Overflow Detector},
  author={Olatunji Ruwase and M. Lam},
  booktitle={NDSS},
  year={2004}
}

@inproceedings {ASan:ATC12,
    author = {Konstantin Serebryany and Derek Bruening and Alexander Potapenko and Dmitriy Vyukov},
    title = {AddressSanitizer: A Fast Address Sanity Checker},
    booktitle = {2012 {USENIX} Annual Technical Conference ({USENIX} {ATC} 12)},
    year = {2012},
    isbn = {978-931971-93-5},
    address = {Boston, MA},
    pages = {309--318},
    url = {https://www.usenix.org/conference/atc12/technical-sessions/presentation/serebryany},
    publisher = {{USENIX} Association},
    month = jun,
}

@inproceedings{XuMemSafe:FSE04,
 author = {Xu, Wei and DuVarney, Daniel C. and Sekar, R.},
 title = {{An Efficient and Backwards-compatible Transformation to Ensure Memory
     Safety of C Programs}},
 booktitle = {Proceedings of the 12th ACM SIGSOFT Twelfth International Symposium on Foundations of Software Engineering},
 series = {SIGSOFT '04/FSE-12},
 year = {2004},
 isbn = {1-58113-855-5},
 location = {Newport Beach, CA, USA},
 pages = {117--126},
 numpages = {10},
 url = {http://doi.acm.org/10.1145/1029894.1029913},
 doi = {10.1145/1029894.1029913},
 acmid = {1029913},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {C, memory safety, program transformation},
}

@ARTICLE{MemAttackSurvey:Oakland04,
  author={J. {Pincus} and B. {Baker}},
  journal={IEEE Security \& Privacy},
  title={Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns},
  year={2004},
  volume={2},
  number={4},
  pages={20-27},
  url = {https://ieeexplore.ieee.org/document/1324594},
}


@inproceedings{SAFECode:PLDI06,
    author = {Dhurjati, Dinakar and Kowshik, Sumant and Adve, Vikram},
    title = {{SAFECode}: Enforcing Alias Analysis for Weakly Typed Languages},
    year = {2006},
    isbn = {1595933204},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1133981.1133999},
    doi = {10.1145/1133981.1133999},
    booktitle = {Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {144–157},
    numpages = {14},
    keywords = {alias analysis, automatic pool allocation, region management, programming languages, compilers},
    location = {Ottawa, Ontario, Canada},
    series = {PLDI ’06}
}

@inproceedings{SAFECode:ICSE06,
    author = {Dhurjati, Dinakar and Adve, Vikram},
    title = {Backwards-Compatible Array Bounds Checking for C with Very Low Overhead},
    year = {2006},
    isbn = {1595933751},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1134285.1134309},
    doi = {10.1145/1134285.1134309},
    booktitle = {Proceedings of the 28th International Conference on Software Engineering},
    pages = {162–171},
    numpages = {10},
    keywords = {programming languages, automatic pool allocation, region management, compilers, array bounds checking},
    location = {Shanghai, China},
    series = {ICSE ’06}
}

@inproceedings{DFI:OSDI06,
    author = {Castro, Miguel and Costa, Manuel and Harris, Tim},
    title = {Securing Software by Enforcing Data-Flow Integrity},
    year = {2006},
    isbn = {1931971471},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 7th Symposium on Operating Systems Design and Implementation},
    pages = {147–160},
    numpages = {14},
    location = {Seattle, Washington},
    series = {OSDI ’06}
}

@inproceedings{SpecBasedKernelData:USS06,
    author = {Petroni, Nick L. and Fraser, Timothy and Walters, AAron and Arbaugh, William A.},
    title = {An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data},
    year = {2006},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 15th Conference on USENIX Security Symposium - Volume 15},
    articleno = {20},
    numpages = {1},
    location = {Vancouver, B.C., Canada},
    series = {USENIX-SS’06}
}

@inproceedings{SVA:SOSP07,
    author = {Criswell, John and Lenharth, Andrew and Dhurjati, Dinakar and Adve, Vikram},
    title = {{Secure Virtual Architecture: A Safe Execution Environment for
        Commodity Operating Systems}},
    booktitle = {Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles},
    series = {SOSP '07},
    year = {2007},
    isbn = {978-1-59593-591-5},
    location = {Stevenson, Washington, USA},
    pages = {351--366},
    numpages = {16},
    url = {http://doi.acm.org/10.1145/1294261.1294295},
    doi = {10.1145/1294261.1294295},
    acmid = {1294295},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {compiler, memory safety, operating systems, security, type safety, typed assembly language, virtual machine},
}

@inproceedings{SecVisor:SOSP07,
    author = {Seshadri, Arvind and Luk, Mark and Qu, Ning and Perrig, Adrian},
    title = {SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes},
    year = {2007},
    isbn = {9781595935915},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1294261.1294294},
    doi = {10.1145/1294261.1294294},
    booktitle = {Proceedings of Twenty-First ACM SIGOPS Symposium on Operating Systems Principles},
    pages = {335–350},
    numpages = {16},
    keywords = {preventing, hypervisor, code attestation, code injection attacks, memory virtualization, code integrity},
    location = {Stevenson, Washington, USA},
    series = {SOSP ’07}
}

@inproceedings{SBCFI:CCS07,
    author = {Petroni, Nick L. and Hicks, Michael},
    title = {Automated Detection of Persistent Kernel Control-Flow Attacks},
    year = {2007},
    isbn = {9781595937032},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1315245.1315260},
    doi = {10.1145/1315245.1315260},
    booktitle = {Proceedings of the 14th ACM Conference on Computer and Communications Security},
    pages = {103–115},
    numpages = {13},
    keywords = {CFI, virtualization, kernel, integrity, rootkit},
    location = {Alexandria, Virginia, USA},
    series = {CCS ’07}
}

@inproceedings{SBCFI:CCS07,
    author = {Petroni, Nick L. and Hicks, Michael},
    title = {Automated Detection of Persistent Kernel Control-Flow Attacks},
    year = {2007},
    isbn = {9781595937032},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1315245.1315260},
    doi = {10.1145/1315245.1315260},
    booktitle = {Proceedings of the 14th ACM Conference on Computer and Communications Security},
    pages = {103–115},
    numpages = {13},
    keywords = {CFI, virtualization, kernel, integrity, rootkit},
    location = {Alexandria, Virginia, USA},
    series = {CCS ’07}
}

@inproceedings{Gibraltar:ACSAC08,
    author = {Baliga, Arati and Ganapathy, Vinod and Iftode, Liviu},
    title = {Automatic Inference and Enforcement of Kernel Data Structure Invariants},
    year = {2008},
    isbn = {9780769534473},
    publisher = {IEEE Computer Society},
    address = {USA},
    url = {https://doi.org/10.1109/ACSAC.2008.29},
    doi = {10.1109/ACSAC.2008.29},
    booktitle = {Proceedings of the 2008 Annual Computer Security Applications Conference},
    pages = {77–86},
    numpages = {10},
    keywords = {rootkits, kernel, data structures, invariants, automatic, non-control data, inference},
    series = {ACSAC ’08}
}

@inproceedings{SVAOS:USS09,
    author = {Criswell, John and Geoffray, Nicolas and Adve, Vikram},
    title = {{Memory Safety for Low-level Software/Hardware Interactions}},
    booktitle = {Proceedings of the 18th Conference on USENIX Security Symposium},
    series = {SSYM'09},
    year = {2009},
    location = {Montreal, Canada},
    pages = {83--100},
    numpages = {18},
    url = {http://dl.acm.org/citation.cfm?id=1855768.1855774},
    acmid = {1855774},
    publisher = {USENIX Association},
    address = {Berkeley, CA, USA},
}

@inproceedings{KOL:CCS09,
    author = {Carbone, Martim and Cui, Weidong and Lu, Long and Lee, Wenke and Peinado, Marcus and Jiang, Xuxian},
    title = {Mapping Kernel Objects to Enable Systematic Integrity Checking},
    year = {2009},
    isbn = {9781605588940},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1653662.1653729},
    doi = {10.1145/1653662.1653729},
    booktitle = {Proceedings of the 16th ACM Conference on Computer and Communications Security},
    pages = {555–565},
    numpages = {11},
    keywords = {memory analysis, pointer analysis, malware, introspection, kernel integrity},
    location = {Chicago, Illinois, USA},
    series = {CCS ’09}
}

@inproceedings{kGuard:USS12,
    author = {Kemerlis, Vasileios P. and Portokalidis, Georgios and Keromytis, Angelos D.},
    title = {KGuard: Lightweight Kernel Protection against Return-to-User Attacks},
    year = {2012},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 21st USENIX Conference on Security Symposium},
    pages = {39},
    numpages = {1},
    location = {Bellevue, WA},
    series = {Security’12}
}

@inproceedings{EternalWar:Oakland13,
    author = {Szekeres, Laszlo and Payer, Mathias and Wei, Tao and Song, Dawn},
    title = {{SoK: Eternal War in Memory}},
    booktitle = {Proceedings of the 2013 IEEE Symposium on Security and Privacy},
    series = {SP '13},
    year = {2013},
    isbn = {978-0-7695-4977-4},
    pages = {48--62},
    numpages = {15},
    url = {http://dx.doi.org/10.1109/SP.2013.13},
    doi = {10.1109/SP.2013.13},
    acmid = {2498101},
    publisher = {IEEE Computer Society},
    address = {Washington, DC, USA},
}

@inproceedings{MemErrorSurvey:RAID12,
    author = {van der Veen, Victor and Dutt-Sharma, Nitish and Cavallaro, Lorenzo and Bos, Herbert},
    year = {2012},
    month = {09},
    pages = {86-106},
    title = {Memory Errors: The Past, the Present, and the Future},
    volume = {7462},
    doi = {10.1007/978-3-642-33338-5_5},
    booktitle = {The Proceedings of the 15th International Symposium on Research in Attacks,
        Intrusions and Defenses}
}

@inproceedings{VirtualGohst:ASPLOS14,
    author = {Criswell, John and Dautenhahn, Nathan and Adve, Vikram},
    title = {{Virtual Ghost: Protecting Applications from Hostile Operating
        Systems}},
    booktitle = {Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems},
    series = {ASPLOS '14},
    year = {2014},
    isbn = {978-1-4503-2305-5},
    location = {Salt Lake City, Utah, USA},
    pages = {81--96},
    numpages = {16},
    url = {http://doi.acm.org/10.1145/2541940.2541986},
    doi = {10.1145/2541940.2541986},
    acmid = {2541986},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {control-flow integrity, inlined reference monitors, malicious operating systems, software fault isolation, software security},
}

@INPROCEEDINGS{KCFI:EuroSP16,
  author={X. {Ge} and N. {Talele} and M. {Payer} and T. {Jaeger}},
  booktitle={2016 IEEE European Symposium on Security and Privacy (EuroS P)},
  title={Fine-Grained Control-Flow Integrity for Kernel Software},
  year={2016},
  volume={},
  number={},
  pages={179-194},
}

@ARTICLE{FINECFI:IEEEIFS16,
  author={J. {Li} and X. {Tong} and F. {Zhang} and J. {Ma}},
  journal={IEEE Transactions on Information Forensics and Security},
  title={FINE-{CFI}: Fine-Grained Control-Flow Integrity for Operating System Kernels},
  year={2018},
  volume={13},
  number={6},
  pages={1535-1550},}


@inproceedings{KENALI:NDSS16,
  title        = {Enforcing Kernel Security Invariants with Data Flow Integrity},
  author       = {Chengyu Song and Byoungyoung Lee and Kangjie Lu and William R. Harris and Taesoo Kim and Wenke Lee},
  booktitle    = {Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS)},
  month        = feb,
  year         = 2016,
  address      = {San Diego, CA},
}

@inproceedings{Sulong:ASPLOS18,
    author = {Rigger, Manuel and Schatz, Roland and Mayrhofer, Ren\'{e} and Grimmer,
        Matthias and M\"{o}ssenb\"{o}ck, Hanspeter},
        title = {Sulong, and Thanks for All the Bugs:
            Finding Errors in C Programs by Abstracting from the Native Execution Model},
        year = {2018},
        isbn = {9781450349116},
        publisher = {Association for Computing Machinery},
        address = {New York, NY, USA},
        url = {https://doi.org/10.1145/3173162.3173174},
        doi = {10.1145/3173162.3173174},
        booktitle = {Proceedings of the Twenty-Third International Conference on Architectural
            Support for Programming Languages and Operating Systems},
        pages = {377–391},
        numpages = {15},
        keywords = {sulong, memory errors, bug detection, C},
        location = {Williamsburg, VA, USA},
        series = {ASPLOS '18}
}

@INPROCEEDINGS {SanitizerSoK:Oakland19,
    author = {Dokyung Song and Julian Lettner and Prabhu Rajasekaran and Yeoul Na and
        Stijin Volckaert and Per Larsen and Michael Franz},
    booktitle = {2019 IEEE Symposium on Security and Privacy (SP)},
    title = {SoK: Sanitizing for Security},
    year = {2019},
    volume = {},
    issn = {CFP19020-ART},
    pages = {},
    keywords = {computer-bugs;security;software-safety;system-software},
    doi = {10.1109/SP.2019.00010},
    url = {https://doi.ieeecomputersociety.org/10.1109/SP.2019.00010},
    publisher = {IEEE Computer Society},
    address = {Los Alamitos, CA, USA},
    month = {may}
}

%--------------------------------------------------------------------------------------------------%
% Safe Implementation
%--------------------------------------------------------------------------------------------------%

@inproceedings{JonesKelly:AADEBUG97,
  author = {Jones, Richard W. M. and Kelly, Paul H. J.},
  title = {Backwards-Compatible Bounds Checking for Arrays and Pointers in {C} Programs},
  booktitle = {Proceedings of the 3rd International Workshop on Automatic Debugging},
  series = {AADEBUG '97},
  year = {1997},
  address = {Link\"{o}ping, Sweden},
  pages = {13--26},
  numpages = {14},
  url = {https://www.ep.liu.se/ecp/article.asp?issue=001&article=002},
  publisher = {Link\"{o}ping University Electronic Press; Link\"{o}pings universitet},
  issn = {1650-3740},
}

@inproceedings{Mudflap:GCCDev03,
  title={Mudflap: Pointer use checking for C/C},
  author={Frank Ch. Eigler},
  year={2003}
}

@inproceedings{WIT:Oakland08,
  author = {Akritidis, Periklis and Cadar, Cristian and Raiciu, Costin and Costa, Manuel and Castro, Miguel},
  title = {{Preventing Memory Error Exploits with {WIT}}},
  booktitle = {Proceedings of the 2008 IEEE Symposium on Security and Privacy},
  series = {SP '08},
  year = {2008},
  isbn = {978-0-7695-3168-7},
  address = {Oakland, CA},
  pages = {263--277},
  numpages = {15},
  url = {https://doi.org/10.1109/SP.2008.30},
  doi = {10.1109/SP.2008.30},
  publisher = {IEEE Computer Society},
}

@inproceedings{BBC:USS09,
  author = {Akritidis, Periklis and Costa, Manuel and Castro, Miguel and Hand, Steven},
  title = {{Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against
      out-of-Bounds Errors}},
  booktitle = {Proceedings of the 18th USENIX Security Symposium},
  series = {Security '09},
  year = {2009},
  isbn = {978-1-931971-69-0},
  address = {Montreal, QC, Canada},
  pages = {51--66},
  numpages = {16},
  url = {https://www.usenix.org/legacy/events/sec09/tech/full_papers/akritidis.pdf},
  publisher = {USENIX Association},
}

@inproceedings{BBAC:ISSREW12,
  author = {Ding, Baozeng and He, Yeping and Wu, Yanjun and Miller, Alex and Criswell, John},
  title = {Baggy Bounds with Accurate Checking},
  booktitle = {Proceedings of the 23rd IEEE International Symposium on Software Reliability Engineering Workshops},
  series = {ISSREW '12},
  year = {2012},
  isbn = {978-0-7695-4928-6},
  address = {Dallas, TX},
  pages = {195--200},
  numpages = {6},
  url = {https://doi.org/10.1109/ISSREW.2012.24},
  doi = {10.1109/ISSREW.2012.24},
  publisher = {IEEE Computer Society},
}

@article{MemSafe:SPE13,
    author = {Simpson, Matthew S. and Barua, Rajeev K.},
    title = {MemSafe: Ensuring the Spatial and Temporal Memory Safety of C at Runtime},
    year = {2013},
    issue_date = {January 2013},
    publisher = {John Wiley & Sons, Inc.},
    address = {USA},
    volume = {43},
    number = {1},
    issn = {0038-0644},
    url = {https://doi.org/10.1002/spe.2105},
    doi = {10.1002/spe.2105},
    journal = {Softw. Pract. Exper.},
    month = jan,
    pages = {93–128},
    numpages = {36},
    keywords = {reliability, programming languages, memory safety, verification}
}

@inproceedings{HeapLowFatPtr:CC16,
    author = {Duck, Gregory J. and Yap, Roland H. C.},
    title = {Heap Bounds Protection with Low Fat Pointers},
    year = {2016},
    isbn = {9781450342414},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2892208.2892212},
    doi = {10.1145/2892208.2892212},
    booktitle = {Proceedings of the 25th International Conference on Compiler Construction},
    pages = {132–142},
    numpages = {11},
    keywords = {low-fat pointers, buffer overflows, memory safety},
    location = {Barcelona, Spain},
    series = {CC 2016}
}

@inproceedings{StackLowFatPtr:NDSS17,
  title={Stack Bounds Protection with Low Fat Pointers},
  author={Gregory Duck and Roland H.C. Yap and Lorenzo Cavallaro},
  booktitle={NDSS},
  year={2017}
}

@inproceedings{VariadicFn:Sec17,
    author = {Biswas, Priyam and Di Federico, Alessandro and Carr, Scott A. and Rajasekaran, Prabhu and Volckaert, Stijn and Na, Yeoul and Franz, Michael and Payer, Mathias},
    title = {{Venerable Variadic Vulnerabilities Vanquished}},
    year = {2017},
    isbn = {9781931971409},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 26th USENIX Conference on Security Symposium},
    pages = {183–198},
    numpages = {16},
    location = {Vancouver, BC, Canada},
    series = {SEC'17}
}

@inproceedings{PtrSplit:CCS17,
    author = {Liu, Shen and Tan, Gang and Jaeger, Trent},
    title = {PtrSplit: Supporting General Pointers in Automatic Program Partitioning},
    year = {2017},
    isbn = {9781450349468},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3133956.3134066},
    doi = {10.1145/3133956.3134066},
    booktitle = {Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security},
    pages = {2359–2371},
    numpages = {13},
    keywords = {bounds tracking, automatic program partitioning, data marshalling},
    location = {Dallas, Texas, USA},
    series = {CCS '17}
}

@inproceedings{CUP:AsiaCCS18,
    author = {Burow, Nathan and McKee, Derrick and Carr, Scott A. and Payer, Mathias},
    title = {{CUP: Comprehensive User-Space Protection for C/C++}},
    year = {2018},
    isbn = {9781450355766},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3196494.3196540},
    doi = {10.1145/3196494.3196540},
    booktitle = {Proceedings of the 2018 on Asia Conference on Computer and Communications Security},
    pages = {381–392},
    numpages = {12},
    keywords = {temporal memory safety, sanitizer, application security, memory safety, spatial memory safety},
    location = {Incheon, Republic of Korea},
    series = {ASIACCS '18}
}

@InProceedings{SoftBoundCETS:SNAPL15,
  author =	{Santosh Nagarakatte and Milo M. K. Martin and Steve Zdancewic},
  title =	{{Everything You Want to Know About Pointer-Based Checking}},
  booktitle =	{1st Summit on Advances in Programming Languages (SNAPL 2015)},
  pages =	{190--208},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-939897-80-4},
  ISSN =	{1868-8969},
  year =	{2015},
  volume =	{32},
  editor =	{Thomas Ball and Rastislav Bodik and Shriram Krishnamurthi and Benjamin S. Lerner and Greg Morrisett},
  publisher =	{Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{http://drops.dagstuhl.de/opus/volltexte/2015/5026},
  URN =		{urn:nbn:de:0030-drops-50268},
  doi =		{10.4230/LIPIcs.SNAPL.2015.190},
  annote =	{Keywords: Memory safety, Buffer overflows, Dangling pointers, Pointer-based checking, SoftBoundCETS}
}

%--------------------------------------------------------------------------------------------------%
% End of Safe Implementation
%--------------------------------------------------------------------------------------------------%

%--------------------------------------------------------------------------------------------------%
% Mitigations
%--------------------------------------------------------------------------------------------------%

@inproceedings {Stackguard:Sec98,
    author = {Crispin Cowan and Calton Pu and Dave Maier and Jonathan Walpole and Peat Bakke and Steve Beattie and Aaron Grier and Perry Wagle and Qian Zhang and Heather Hinton},
    title = {{StackGuard}: Automatic Adaptive Detection and Prevention of {Buffer-Overflow} Attacks},
    booktitle = {7th USENIX Security Symposium (USENIX Security 98)},
    year = {1998},
    address = {San Antonio, TX},
    url = {https://www.usenix.org/conference/7th-usenix-security-symposium/stackguard-automatic-adaptive-detection-and-prevention},
    publisher = {USENIX Association},
    month = jan,
}

@article{CFISurvey:CSUR17,
    author = {Burow, Nathan and Carr, Scott A. and Nash, Joseph and Larsen, Per and Franz, Michael and Brunthaler, Stefan and Payer, Mathias},
    title = {{Control-Flow Integrity: Precision, Security, and Performance}},
    year = {2017},
    issue_date = {April 2017},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {50},
    number = {1},
    issn = {0360-0300},
    url = {https://doi.org/10.1145/3054924},
    doi = {10.1145/3054924},
    journal = {ACM Comput. Surv.},
    month = apr,
    articleno = {16},
    numpages = {33},
    keywords = {shadow stack, control-flow hijacking, return-oriented programming, Control-flow integrity}
}


%--------------------------------------------------------------------------------------------------%
% End of Mitigations
%--------------------------------------------------------------------------------------------------%


%--------------------------------------------------------------------------------------------------%
% Program Analysis
%--------------------------------------------------------------------------------------------------%

@inproceedings{DART:PLDI05,
    author = {Godefroid, Patrice and Klarlund, Nils and Sen, Koushik},
    title = {DART: Directed Automated Random Testing},
    year = {2005},
    isbn = {1595930566},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1065010.1065036},
    doi = {10.1145/1065010.1065036},
    booktitle = {Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {213–223},
    numpages = {11},
    keywords = {interfaces, program verification, random testing, software testing, automated test generation},
    location = {Chicago, IL, USA},
    series = {PLDI '05}
}

@inproceedings{SVF:CC16,
    author = {Sui, Yulei and Xue, Jingling},
    title = {SVF: Interprocedural Static Value-Flow Analysis in LLVM},
    year = {2016},
    isbn = {9781450342414},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2892208.2892235},
    doi = {10.1145/2892208.2892235},
    booktitle = {Proceedings of the 25th International Conference on Compiler Construction},
    pages = {265–266},
    numpages = {2},
    keywords = {SVF, Value-Flow, Pointer Analysis},
    location = {Barcelona, Spain},
    series = {CC 2016}
}

@inproceedings{IsPASolved:PASTE01,
    author = {Hind, Michael},
    title = {Pointer Analysis: Haven't We Solved This Problem Yet?},
    year = {2001},
    isbn = {1581134134},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/379605.379665},
    doi = {10.1145/379605.379665},
    booktitle = {Proceedings of the 2001 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering},
    pages = {54–61},
    numpages = {8},
    location = {Snowbird, Utah, USA},
    series = {PASTE '01}
}


%
% Safe Dialect of C
%

@inproceedings{ControlC:CASES02,
    author = {Kowshik, Sumant and Dhurjati, Dinakar and Adve, Vikram},
    title = {Ensuring Code Safety without Runtime Checks for Real-Time Control Systems},
    year = {2002},
    isbn = {1581135750},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/581630.581678},
    doi = {10.1145/581630.581678},
    booktitle = {Proceedings of the 2002 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems},
    pages = {288–297},
    numpages = {10},
    keywords = {compiler, control, real-time, programming language, static analysis, security},
    location = {Grenoble, France},
    series = {CASES '02}
}

@inproceedings{ControlC:LCTES03,
    author = {Dhurjati, Dinakar and Kowshik, Sumant and Adve, Vikram and Lattner, Chris},
    title = {Memory Safety without Runtime Checks or Garbage Collection},
    year = {2003},
    isbn = {1581136471},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/780732.780743},
    doi = {10.1145/780732.780743},
    booktitle = {Proceedings of the 2003 ACM SIGPLAN Conference on Language, Compiler, and Tool for Embedded Systems},
    pages = {69–80},
    numpages = {12},
    keywords = {automatic pool allocation, embedded systems, region management, compilers, static analysis, programming languages, security},
    location = {San Diego, California, USA},
    series = {LCTES '03}
}

@inproceedings{Cyclone:ATC02,
    author = {Jim, Trevor and Morrisett, J. Greg and Grossman, Dan and Hicks, Michael W. and Cheney, James and Wang, Yanling},
    title = {Cyclone: A Safe Dialect of C},
    booktitle = {Proceedings of the General Track of the Annual Conference on USENIX Annual Technical Conference},
    series = {ATEC '02},
    year = {2002},
    isbn = {1-880446-00-6},
    pages = {275--288},
    numpages = {14},
    url = {http://dl.acm.org/citation.cfm?id=647057.713871},
    acmid = {713871},
    publisher = {USENIX Association},
    address = {Berkeley, CA, USA},
}

@inproceedings{Cyclone:PLDI02,
    author = {Grossman, Dan and Morrisett, Greg and Jim, Trevor and Hicks, Michael and Wang, Yanling and Cheney, James},
    title = {Region-Based Memory Management in Cyclone},
    year = {2002},
    isbn = {1581134630},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/512529.512563},
    doi = {10.1145/512529.512563},
    booktitle = {Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation},
    pages = {282–293},
    numpages = {12},
    location = {Berlin, Germany},
    series = {PLDI '02}
}

@inproceedings{Cyclone:ISMM04,
    author = {Hicks, Michael and Morrisett, Greg and Grossman, Dan and Jim, Trevor},
    title = {Experience with Safe Manual Memory-Management in Cyclone},
    year = {2004},
    isbn = {1581139454},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1029873.1029883},
    doi = {10.1145/1029873.1029883},
    booktitle = {Proceedings of the 4th International Symposium on Memory Management},
    pages = {73–84},
    numpages = {12},
    keywords = {cyclone, unique pointers, regions, memory safety, memory management},
    location = {Vancouver, BC, Canada},
    series = {ISMM '04}
}

@inproceedings{CCured:POPL02,
    author = {Necula, George C. and McPeak, Scott and Weimer, Westley},
    title = {CCured: Type-Safe Retrofitting of Legacy Code},
    year = {2002},
    isbn = {1581134509},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/503272.503286},
    doi = {10.1145/503272.503286},
    booktitle = {Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages},
    pages = {128–139},
    numpages = {12},
    location = {Portland, Oregon},
    series = {POPL '02}
}

@article{CCured:TOPLAS05,
    author = {Necula, George C. and Condit, Jeremy and Harren, Matthew and McPeak, Scott and Weimer, Westley},
    title = {CCured: Type-Safe Retrofitting of Legacy Software},
    year = {2005},
    issue_date = {May 2005},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {27},
    number = {3},
    issn = {0164-0925},
    url = {https://doi.org/10.1145/1065887.1065892},
    doi = {10.1145/1065887.1065892},
    journal = {ACM Trans. Program. Lang. Syst.},
    month = may,
    pages = {477–526},
    numpages = {50},
    keywords = {pointer qualifier, Memory safety, libraries, subtyping}
}

@inproceedings{SafeDrive:OSDI06,
    author = {Zhou, Feng and Condit, Jeremy and Anderson, Zachary and Bagrak, Ilya and Ennals, Rob and Harren, Matthew and Necula, George and Brewer, Eric and Brewer, Eric and Brewer, Eric},
    title = {SafeDrive: Safe and Recoverable Extensions Using Language-based Techniques},
    booktitle = {Proceedings of the 7th Symposium on Operating Systems Design and Implementation},
    series = {OSDI '06},
    year = {2006},
    isbn = {1-931971-47-1},
    location = {Seattle, Washington},
    pages = {45--60},
    numpages = {16},
    url = {http://dl.acm.org/citation.cfm?id=1298455.1298461},
    acmid = {1298461},
    publisher = {USENIX Association},
    address = {Berkeley, CA, USA},
}

@inproceedings{Deputy:ESOP07,
    author = {Condit, Jeremy and Harren, Matthew and Anderson, Zachary and Gay, David and Necula, George C.},
    title = {Dependent Types for Low-level Programming},
    booktitle = {Proceedings of the 16th European Symposium on Programming},
    series = {ESOP'07},
    year = {2007},
    isbn = {978-3-540-71314-2},
    location = {Braga, Portugal},
    pages = {520--535},
    numpages = {16},
    url = {http://dl.acm.org/citation.cfm?id=1762174.1762221},
    acmid = {1762221},
    publisher = {Springer-Verlag},
    address = {Berlin, Heidelberg},
}

@INPROCEEDINGS{CheckedC:SecDev18,
    author={Archibald Samuel Elliott and Andrew Ruef and Michael Hicks and David Tarditi},
    booktitle={2018 IEEE Cybersecurity Development (SecDev)},
    title={{Checked C: Making C Safe by Extension}},
    year={2018},
    volume={},
    number={},
    pages={53-60},
    keywords={C++ language;program debugging;storage management;C safe;spatial
    safety;backward-compatibility;incremental conversion;developer control;highly performant
    code;performance evaluation;checked region;bounds-safe interfaces;checked
    pointer;checked C's design;Safety;Static analysis;Tools;Cyclones;Benchmark
    testing;Security;Computer bugs;programming languages;security},
    doi={10.1109/SecDev.2018.00015},
    ISSN={},
    month={Sep.},
}

@InProceedings{CheckedCProof:POST19,
    author="Ruef, Andrew
        and Lampropoulos, Leonidas
        and Sweet, Ian
        and Tarditi, David
        and Hicks, Michael",
    editor="Nielson, Flemming
        and Sands, David",
    title={{Achieving Safety Incrementally with Checked C}},
    booktitle="Principles of Security and Trust",
    year="2019",
    publisher="Springer International Publishing",
    address="Cham",
    pages="76--98",
    isbn="978-3-030-17138-4"
}

@INPROCEEDINGS{FreeBSDCheckedC:SecDev20,
  author={Junhan {Duan} and Yudi {Yang} and Jie {Zhou} and John {Criswell}},
  booktitle={2020 IEEE Secure Development (SecDev)},
  title={Refactoring the FreeBSD Kernel with Checked C},
  year={2020},
  volume={},
  number={},
  pages={15-22},
  doi={10.1109/SecDev45635.2020.00018},
}

@inproceedings{UAFSan:ISSTA21,
    author = {Gui, Binfa and Song, Wei and Huang, Jeff},
    title = {UAFSan: An Object-Identifier-Based Dynamic Approach for Detecting Use-after-Free Vulnerabilities},
    year = {2021},
    isbn = {9781450384599},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3460319.3464835},
    doi = {10.1145/3460319.3464835},
    booktitle = {Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis},
    pages = {309–321},
    numpages = {13},
    keywords = {object identifier, Use-After-Free (UAF), double-free, instrumentation, dynamic analysis},
    location = {Virtual, Denmark},
    series = {ISSTA 2021}
}

@inproceedings{CheckedCModel:CSF22,
  author = {Liyi Li and Yiyun Liu and Deena L. Postol and Leonidas Lampropoulos and David Van Horn and Michael Hicks},
  title = {A Formal Model of {Checked C}},
  booktitle = {Proceedings of the Computer Security Foundations Symposium (CSF)},
  month = aug,
  year = 2022
}

@inproceedings{3C:OOPSLA22,
  title = {{C} to {Checked C} by {3C}},
  author = {Aravind Machiry and John Kastner and Matt McCutchen and Aaron Eline and Kyle Headley and Michael Hicks},
  booktitle = {Proceedings of the {ACM} Conference on Object-Oriented Programming Languages, Systems, and Applications (OOPSLA)},
  url = {https://arxiv.org/abs/2203.13445},
  month = oct,
  year = 2022
}

%--------------------------------------------------------------------------------------------------%
% Rust
%--------------------------------------------------------------------------------------------------%

@inproceedings{Sandcrust:PLOS17,
    author = {Lamowski, Benjamin and Weinhold, Carsten and Lackorzynski, Adam and H\"{a}rtig, Hermann},
    title = {Sandcrust: Automatic Sandboxing of Unsafe Components in Rust},
    year = {2017},
    isbn = {9781450351539},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3144555.3144562},
    doi = {10.1145/3144555.3144562},
    booktitle = {Proceedings of the 9th Workshop on Programming Languages and Operating Systems},
    pages = {51–57},
    numpages = {7},
    location = {Shanghai, China},
    series = {PLOS'17}
}

@inproceedings{FideliusCharm:CODSPY18,
    author = {Almohri, Hussain M. J. and Evans, David},
    title = {{Fidelius Charm: Isolating Unsafe Rust Code}},
    year = {2018},
    isbn = {9781450356329},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3176258.3176330},
    doi = {10.1145/3176258.3176330},
    booktitle = {Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy},
    pages = {248–255},
    numpages = {8},
    keywords = {compartmentalization, sandboxing, rust, isolation},
    location = {Tempe, AZ, USA},
    series = {CODASPY '18}
}

@inproceedings{UnsafeRust:ICSE20,
    author = {Evans, Ana Nora and Campbell, Bradford and Soffa, Mary Lou},
    title = {{Is Rust Used Safely by Software Developers?}},
    year = {2020},
    isbn = {9781450371216},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3377811.3380413},
    doi = {10.1145/3377811.3380413},
    booktitle = {Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering},
    pages = {246–257},
    numpages = {12},
    location = {Seoul, South Korea},
    series = {ICSE '20}
}

@inproceedings{UnsafeRust:PLDI20,
    author = {Qin, Boqin and Chen, Yilun and Yu, Zeming and Song, Linhai and Zhang, Yiying},
    title = {{Understanding Memory and Thread Safety Practices and Issues in Real-World Rust Programs}},
    year = {2020},
    isbn = {9781450376136},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3385412.3386036},
    doi = {10.1145/3385412.3386036},
    booktitle = {Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {763–779},
    numpages = {17},
    keywords = {Memory Bug, Concurrency Bug, Bug Study, Rust},
    location = {London, UK},
    series = {PLDI 2020}
}

@article{UnsafeRust:OOPSLA20,
    author = {Astrauskas, Vytautas and Matheja, Christoph and Poli, Federico and M\"{u}ller, Peter and Summers, Alexander J.},
    title = {{How Do Programmers Use Unsafe Rust?}},
    year = {2020},
    issue_date = {November 2020},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {4},
    number = {OOPSLA},
    url = {https://doi.org/10.1145/3428204},
    doi = {10.1145/3428204},
    journal = {Proc. ACM Program. Lang.},
    month = nov,
    articleno = {136},
    numpages = {27},
    keywords = {Rust hypothesis, Rust, unsafe code, empirical study}
}

@inproceedings{XRust:ICSE20,
    author = {Liu, Peiming and Zhao, Gang and Huang, Jeff},
    title = {Securing Unsafe Rust Programs with XRust},
    year = {2020},
    isbn = {9781450371216},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3377811.3380325},
    doi = {10.1145/3377811.3380325},
    booktitle = {Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering},
    pages = {234–245},
    numpages = {12},
    location = {Seoul, South Korea},
    series = {ICSE '20}
}

@inproceedings{Galeed:ACSAC21,
    author = {Rivera, Elijah and Mergendahl, Samuel and Shrobe, Howard and Okhravi, Hamed and Burow, Nathan},
    title = {Keeping Safe Rust Safe with Galeed},
    year = {2021},
    isbn = {9781450385794},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3485832.3485903},
    doi = {10.1145/3485832.3485903},
    booktitle = {Annual Computer Security Applications Conference},
    pages = {824–836},
    numpages = {13},
    location = {Virtual Event, USA},
    series = {ACSAC '21}
}

@article{MemSafetyRust:TOSEM21,
    author = {Xu, Hui and Chen, Zhuangbin and Sun, Mingshen and Zhou, Yangfan and Lyu, Michael R.},
    title = {Memory-Safety Challenge Considered Solved? An In-Depth Study with All Rust CVEs},
    year = {2021},
    issue_date = {January 2022},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {31},
    number = {1},
    issn = {1049-331X},
    url = {https://doi.org/10.1145/3466642},
    doi = {10.1145/3466642},
    journal = {ACM Trans. Softw. Eng. Methodol.},
    month = {sep},
    articleno = {3},
    numpages = {25},
    keywords = {common vulnerability and exposures, memory-safety bugs, Rust}
}

@inproceedings{PKRUSafe:EuroSys22,
    author = {Kirth, Paul and Dickerson, Mitchel and Crane, Stephen and Larsen, Per and Dabrowski, Adrian and Gens, David and Na, Yeoul and Volckaert, Stijn and Franz, Michael},
    title = {PKRU-Safe: Automatically Locking down the Heap between Safe and Unsafe Languages},
    year = {2022},
    isbn = {9781450391627},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3492321.3519582},
    doi = {10.1145/3492321.3519582},
    booktitle = {Proceedings of the Seventeenth European Conference on Computer Systems},
    pages = {132–148},
    numpages = {17},
    keywords = {security, MPK, compartmentalization, compilers},
    location = {Rennes, France},
    series = {EuroSys '22}
}

@inproceedings{CLA:NDSS22,
  title={Cross-Language Attacks},
  author={Mergendahl, Samuel and Burow, Nathan and Okhravi, Hamed},
  booktitle={Proceedings 2022 Network and Distributed System Security Symposium. NDSS},
  volume={22},
  pages={1--17},
  year={2022}
}

@inproceedings{RustPerf:ASE22,
    author = {Zhang, Yuchen and Zhang, Yunhang and Portokalidis, Georgios and Xu, Jun},
    title = {Towards Understanding the Runtime Performance of Rust},
    year = {2023},
    isbn = {9781450394758},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3551349.3559494},
    doi = {10.1145/3551349.3559494},
    booktitle = {Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering},
    articleno = {140},
    numpages = {6},
    location = {Rochester, MI, USA},
    series = {ASE '22}
}

%--------------------------------------------------------------------------------------------------%
% Spatial Memory Safety
%--------------------------------------------------------------------------------------------------%
@inproceedings{PAriCheck:AsiaCCS10,
    author = {Younan, Yves and Philippaerts, Pieter and Cavallaro, Lorenzo and Sekar, R. and Piessens, Frank and Joosen, Wouter},
    title = {PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs},
    year = {2010},
    isbn = {9781605589367},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1755688.1755707},
    doi = {10.1145/1755688.1755707},
    booktitle = {Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security},
    pages = {145–156},
    numpages = {12},
    keywords = {bounds checking, buffer overflows},
    location = {Beijing, China},
    series = {ASIACCS '10}
}

@inproceedings{SoftBound:PLDI09,
    author = {Nagarakatte, Santosh and Zhao, Jianzhou and Martin, Milo M.K. and Zdancewic, Steve},
    title = {SoftBound: Highly Compatible and Complete Spatial Memory Safety for C},
    booktitle = {Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    series = {PLDI '09},
    year = {2009},
    isbn = {978-1-60558-392-1},
    location = {Dublin, Ireland},
    pages = {245--258},
    numpages = {14},
    url = {http://doi.acm.org/10.1145/1542476.1542504},
    doi = {10.1145/1542476.1542504},
    acmid = {1542504},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {buffer overflows, c, spatial memory safety},
}

@inproceedings{BaggyBounds:Sec09,
    author = {Akritidis, Periklis and Costa, Manuel and Castro, Miguel and Hand, Steven},
    title = {Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against out-of-Bounds Errors},
    year = {2009},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 18th Conference on USENIX Security Symposium},
    pages = {51–66},
    numpages = {16},
    location = {Montreal, Canada},
    series = {SSYM'09}
}


@inproceedings{CPI:OSDI14,
    author = {Kuznetsov, Volodymyr and Szekeres, L\'{a}szl\'{o} and Payer, Mathias and Candea, George and Sekar, R. and Song, Dawn},
    title = {{Code-pointer Integrity}},
    booktitle = {Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation},
    series = {OSDI'14},
    year = {2014},
    isbn = {978-1-931971-16-4},
    location = {Broomfield, CO},
    pages = {147--163},
    numpages = {17},
    url = {http://dl.acm.org/citation.cfm?id=2685048.2685061},
    acmid = {2685061},
}

@INPROCEEDINGS{CPIEfficacy:Oakland15,
    author={I. {Evans} and S. {Fingeret} and J. {Gonzalez} and U. {Otgonbaatar} and T. {Tang} and H. {Shrobe} and S. {Sidiroglou-Douskos} and M. {Rinard} and H. {Okhravi}},
    booktitle={2015 IEEE Symposium on Security and Privacy},
    title={{Missing the Point(er): On the Effectiveness of Code Pointer Integrity}},
    year={2015},
    volume={},
    number={},
    pages={781-796},
    keywords={data protection;security of data;code pointer integrity effectiveness;memory corruption attacks;legacy languages;memory safety;C-C++;control flow integrity;control-hijacking attacks;code pointer protection;instruction level isolation;ARM;information hiding;CPI safe region;data pointer overwrites;security mechanisms;time 98 hour;Computer crashes;Libraries;Delays;Safety;Security},
    doi={10.1109/SP.2015.53},
    ISSN={},
    month={May},
}

@inproceedings{METAlloc:EuroSec16,
    author = {Haller, Istvan and van der Kouwe, Erik and Giuffrida, Cristiano and Bos, Herbert},
    title = {METAlloc: Efficient and Comprehensive Metadata Management for Software Security Hardening},
    year = {2016},
    isbn = {9781450342957},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2905760.2905766},
    doi = {10.1145/2905760.2905766},
    booktitle = {Proceedings of the 9th European Workshop on System Security},
    articleno = {5},
    numpages = {6},
    location = {London, United Kingdom},
    series = {EuroSec '16}
}

%
% ROP papers (and ret2lib)
%

@misc{Ret2Libc,
    author = {Solar Designer},
    title = {Return-into-libc Attack},
    booktitle = {Bugtraq},
    month = {August},
    year = {1997},
    url = {https://insecure.org/sploits/linux.libc.return.lpr.sploit.html},
    note = "\url{https://insecure.org/sploits/linux.libc.return.lpr.sploit.html}"
}

@inproceedings{ROP:CCS07,
    author = {Shacham, Hovav},
    title = {The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86)},
    booktitle = {Proceedings of the 14th ACM Conference on Computer and Communications Security},
    series = {CCS '07},
    year = {2007},
    isbn = {978-1-59593-703-2},
    location = {Alexandria, Virginia, USA},
    pages = {552--561},
    numpages = {10},
    url = {http://doi.acm.org/10.1145/1315245.1315313},
    doi = {10.1145/1315245.1315313},
    acmid = {1315313},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {instruction set, return-into-libc, turing completeness},
}

@article{ROP:TISSEC12,
    author = {Roemer, Ryan and Buchanan, Erik and Shacham, Hovav and Savage, Stefan},
    title = {Return-Oriented Programming: Systems, Languages, and Applications},
    journal = {ACM Trans. Inf. Syst. Secur.},
    issue_date = {March 2012},
    volume = {15},
    number = {1},
    month = mar,
    year = {2012},
    issn = {1094-9224},
    pages = {2:1--2:34},
    articleno = {2},
    numpages = {34},
    url = {http://doi.acm.org/10.1145/2133375.2133377},
    doi = {10.1145/2133375.2133377},
    acmid = {2133377},
    publisher = {ACM},
    keywords = {NX, RISC, Return-oriented programming, SPARC, W-xor-X, attacks, control flow integrity, memory safety, return-into-libc, x86},
}

@inproceedings{ROPDanger:USS14,
  author = {Carlini, Nicholas and Wagner, David},
  title = {{{ROP} is Still Dangerous: Breaking Modern Defenses}},
  booktitle = {Proceedings of the 23rd USENIX Security Symposium},
  series = {Security '14},
  year = {2014},
  isbn = {978-1-931971-15-7},
  address = {San Diego, CA},
  pages = {385--399},
  numpages = {15},
  url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/carlini},
  publisher = {USENIX Association},
}

%
% CFI papers
%
@inproceedings{CFI:CCS05,
    author = {Abadi, Mart\'{\i}n and Budiu, Mihai and Erlingsson, \'{U}lfar and Ligatti, Jay},
    title = {{Control-flow Integrity}},
    booktitle = {Proceedings of the 12th ACM Conference on Computer and Communications Security},
    series = {CCS '05},
    year = {2005},
    isbn = {1-59593-226-7},
    location = {Alexandria, VA, USA},
    pages = {340--353},
    numpages = {14},
    url = {http://doi.acm.org/10.1145/1102120.1102165},
    doi = {10.1145/1102120.1102165},
    acmid = {1102165},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {binary rewriting, control-flow graph, inlined reference monitors, vulnerabilities},
}

@article{CFI:TISSEC09,
  author = {Abadi, Mart\'{\i}n and Budiu, Mihai and Erlingsson, \'{U}lfar and Ligatti, Jay},
  title = {{Control-Flow Integrity Principles, Implementations, and Applications}},
  journal = {ACM Transactions on Information Systems Security},
  issue_date = {October 2009},
  volume = {13},
  issue = {1},
  year = {2009},
  month = {November},
  issn = {1094-9224},
  pages = {4:1--4:40},
  articleno = {4},
  numpages = {40},
  url = {https://doi.org/10.1145/1609956.1609960},
  doi = {10.1145/1609956.1609960},
  publisher = {ACM},
  address = {New York, NY, USA},
}

@INPROCEEDINGS{CCFIR:Oakland13,
    author={C. {Zhang} and T. {Wei} and Z. {Chen} and L. {Duan} and L. {Szekeres} and S. {McCamant} and D. {Song} and W. {Zou}},
    booktitle={2013 IEEE Symposium on Security and Privacy},
    title={{Practical Control Flow Integrity and Randomization for Binary
        Executables}},
    year={2013},
    volume={},
    number={},
    pages={559-573},
    keywords={computer crime;legislation;online front-ends;Web sites;binary executable;control-flow hijacking attack protection;protection method;CCFIR;compact control flow integrity and randomization;CFI adoption;control-transfer instruction;springboard section;on-site target-randomization;ROP;return-into-libc;ASLR;Windows/x86 PE;legal instruction;Web browser;SPEC CPU2000;GCC;Firefox;Security;Layout;Libraries;Runtime;Law;Control systems},
    doi={10.1109/SP.2013.44},
    ISSN={1081-6011},
    month={May},
}

@inproceedings{KCoFI:Oakland14,
  author = {Criswell, John and Dautenhahn, Nathan and Adve, Vikram},
  title = {{KCoFI}: Complete Control-Flow Integrity for Commodity Operating System Kernels},
  booktitle = {Proceedings of the 2014 IEEE Symposium on Security and Privacy},
  series = {SP '14},
  year = {2014},
  isbn = {978-1-4799-4686-0},
  address = {San Jose, CA},
  pages = {292--307},
  numpages = {16},
  url = {https://doi.org/10.1109/SP.2014.26},
  doi = {10.1109/SP.2014.26},
  publisher = {IEEE Computer Society},
}

%--------------------------------------------------------------------------------------------------%
% Intra-Address Space Isolation
%--------------------------------------------------------------------------------------------------%

%
% Software Fault Isolation (SFI)
%
@inproceedings{SFI:SOSP93,
    author = {Wahbe, Robert and Lucco, Steven and Anderson, Thomas E. and Graham, Susan L.},
    title = {{Efficient Software-based Fault Isolation}},
    booktitle = {Proceedings of the Fourteenth ACM Symposium on Operating Systems Principles},
    series = {SOSP '93},
    year = {1993},
    isbn = {0-89791-632-8},
    location = {Asheville, North Carolina, USA},
    pages = {203--216},
    numpages = {14},
    url = {http://doi.acm.org/10.1145/168619.168635},
    doi = {10.1145/168619.168635},
    acmid = {168635},
    publisher = {ACM},
    address = {New York, NY, USA},
}

@inproceedings {CISCSFI:Sec06,
    author = {Stephen McCamant and Greg Morrisett},
    title = {Evaluating {SFI} for a {CISC} Architecture},
    booktitle = {15th {USENIX} Security Symposium ({USENIX} Security 06)},
    year = {2006},
    address = {Vancouver, B.C. Canada},
    url = {https://www.usenix.org/conference/15th-usenix-security-symposium/evaluating-sfi-cisc-architecture},
    publisher = {{USENIX} Association},
    month = jul,
}

@article{SASI:DISCEX00,
  title={SASI enforcement of security policies: a retrospective},
  author={{\'U}lfar Erlingsson and F. Schneider},
  journal={Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00},
  year={2000},
  volume={2},
  pages={287-295 vol.2}
}

@inproceedings{XFI:OSDI06,
    author = {Erlingsson, \'{U}lfar and Abadi, Mart\'{\i}n and Vrable, Michael and Budiu, Mihai and Necula, George C.},
    title = {{XFI}: Software Guards for System Address Spaces},
    year = {2006},
    isbn = {1931971471},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 7th Symposium on Operating Systems Design and Implementation},
    pages = {75–88},
    numpages = {14},
    location = {Seattle, Washington},
    series = {OSDI ’06}
}

@inproceedings{BGI:SOSP09,
    author = {Castro, Miguel and Costa, Manuel and Martin, Jean-Philippe and Peinado, Marcus and Akritidis, Periklis and Donnelly, Austin and Barham, Paul and Black, Richard},
    title = {{Fast Byte-Granularity Software Fault Isolation}},
    year = {2009},
    isbn = {9781605587523},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1629575.1629581},
    doi = {10.1145/1629575.1629581},
    booktitle = {Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles},
    pages = {45–58},
    numpages = {14},
    keywords = {device drivers, isolation},
    location = {Big Sky, Montana, USA},
    series = {SOSP '09}
}

@INPROCEEDINGS{NaCl:Oakland09,
  author={B. {Yee} and D. {Sehr} and G. {Dardyk} and J. B. {Chen} and R. {Muth} and T. {Ormandy} and S. {Okasaka} and N. {Narula} and N. {Fullagar}},
  booktitle={2009 30th IEEE Symposium on Security and Privacy},
  title={Native Client: A Sandbox for Portable, Untrusted x86 Native Code},
  year={2009},
  volume={},
  number={},
  pages={79-93},
  doi={10.1109/SP.2009.25}
}

@inproceedings{PNaCl:Sec10,
    author = {Sehr, David and Muth, Robert and Biffle, Cliff and Khimenko, Victor and Pasko, Egor and Schimpf, Karl and Yee, Bennet and Chen, Brad},
    title = {Adapting Software Fault Isolation to Contemporary CPU Architectures},
    year = {2010},
    isbn = {8887666655554},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 19th USENIX Conference on Security},
    pages = {1},
    numpages = {1},
    location = {Washington, DC},
    series = {USENIX Security'10}
}

@inproceedings{CFISandboxing:CCS11,
    author = {Zeng, Bin and Tan, Gang and Morrisett, Greg},
    title = {Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing},
    year = {2011},
    isbn = {9781450309486},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2046707.2046713},
    doi = {10.1145/2046707.2046713},
    booktitle = {Proceedings of the 18th ACM Conference on Computer and Communications Security},
    pages = {29–40},
    numpages = {12},
    keywords = {binary rewriting, inlined reference monitors, control-flow integrity, static analysis},
    location = {Chicago, Illinois, USA},
    series = {CCS '11}
}

@inproceedings{ARMlock:CCS14,
  author = {Zhou, Yajin and Wang, Xiaoguang and Chen, Yue and Wang, Zhi},
  title = {{ARMlock}: Hardware-Based Fault Isolation for {ARM}},
  booktitle = {Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security},
  series = {CCS '14},
  year = {2014},
  isbn = {978-1-4503-2957-6},
  address = {Scottsdale, AZ},
  pages = {558--569},
  numpages = {12},
  url = {https://doi.org/10.1145/2660267.2660344},
  doi = {10.1145/2660267.2660344},
  publisher = {ACM},
}

@InProceedings{ISboxing:IFIP15,
    author="Deng, Liang and Zeng, Qingkai and Liu, Yao",
    editor="Federrath, Hannes
        and Gollmann, Dieter",
    title="ISboxing: An Instruction Substitution Based Data Sandboxing for x86 Untrusted Libraries",
    booktitle="ICT Systems Security and Privacy Protection",
    year="2015",
    publisher="Springer International Publishing",
    address="Cham",
    pages="386--400",
    isbn="978-3-319-18467-8"
}

%--------------------------------------------------------------------------------------------------%
% End of SFI
%--------------------------------------------------------------------------------------------------%

%--------------------------------------------------------------------------------------------------%
% Other Sandboxing
%--------------------------------------------------------------------------------------------------%
@inproceedings{CFISASandboxing:CCS11,
    author = {Zeng, Bin and Tan, Gang and Morrisett, Greg},
    title = {Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing},
    year = {2011},
    isbn = {9781450309486},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2046707.2046713},
    doi = {10.1145/2046707.2046713},
    booktitle = {Proceedings of the 18th ACM Conference on Computer and Communications Security},
    pages = {29–40},
    numpages = {12},
    keywords = {binary rewriting, static analysis, inlined reference monitors, control-flow integrity},
    location = {Chicago, Illinois, USA},
    series = {CCS '11}
}

%--------------------------------------------------------------------------------------------------%
% End of Other Sandboxing
%--------------------------------------------------------------------------------------------------%


%--------------------------------------------------------------------------------------------------%
% Shadow Stack papers
%--------------------------------------------------------------------------------------------------%

@inproceedings{SS:AsiaCCS15,
    author = {Dang, Thurston H.Y. and Maniatis, Petros and Wagner, David},
    title = {{The Performance Cost of Shadow Stacks and Stack Canaries}},
    year = {2015},
    isbn = {9781450332453},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2714576.2714635},
    doi = {10.1145/2714576.2714635},
    booktitle = {Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security},
    pages = {555–566},
    numpages = {12},
    keywords = {shadow stack, stack canary, stack cookie},
    location = {Singapore, Republic of Singapore},
    series = {ASIA CCS ’15}
}

@inproceedings{SSSok:Oakland19,
  author = {Burow, Nathan and Zhang, Xinping and Payer, Mathias},
  title = {{{SoK}: Shining Light on Shadow Stacks}},
  booktitle = {Proceedings of the 2019 IEEE Symposium on Security and Privacy},
  series = {SP '19},
  year = {2019},
  isbn = {978-1-5386-6660-9},
  address = {San Francisco, CA},
  pages = {985--999},
  numpages = {15},
  url = {https://doi.org/10.1109/SP.2019.00076},
  doi = {10.1109/SP.2019.00076},
  publisher = {IEEE Computer Society},
}

%--------------------------------------------------------------------------------------------------%
% End of Shadow Stack papers
%--------------------------------------------------------------------------------------------------%


%
% Attacks
%
@inproceedings{NonCtrlData:USS05,
  author = {Chen, Shuo and Xu, Jun and Sezer, Emre C. and Gauriar, Prachi and Iyer, Ravishankar K.},
  title = {{Non-Control-Data Attacks Are Realistic Threats}},
  booktitle = {Proceedings of the 14th USENIX Security Symposium},
  series = {Security '05},
  year = {2005},
  address = {Baltimore, MD},
  pages = {177--191},
  numpages = {15},
  url = {https://www.usenix.org/legacy/event/sec05/tech/chen.html},
  publisher = {USENIX Association},
}

@INPROCEEDINGS{OutOfControl:Oakland14,
    author={E. {Göktas} and E. {Athanasopoulos} and H. {Bos} and G. {Portokalidis}},
    booktitle={2014 IEEE Symposium on Security and Privacy},
    title={Out of Control: Overcoming Control-Flow Integrity},
    year={2014},
    volume={},
    number={},
    pages={575-589},
    keywords={programming;security of data;control flow integrity;CFI;return oriented programming;code reuse attacks;Internet Explorer;Software;Security;Internet;Programming;Electronic mail;Payloads;Integrated circuits;Control-flow integrity evaluation;code-reuse attack},
    doi={10.1109/SP.2014.43},
    ISSN={2375-1207},
    month={May},
}

@inproceedings {StitchGadgets:USS14,
    author = {Lucas Davi and Ahmad-Reza Sadeghi and Daniel Lehmann and Fabian Monrose},
    title = {{Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity
        Protection}},
    booktitle = {23rd {USENIX} Security Symposium ({USENIX} Security 14)},
    year = {2014},
    isbn = {978-1-931971-15-7},
    address = {San Diego, CA},
    pages = {401--416},
    url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/davi},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings {CFBending:USS15,
    author = {Nicholas Carlini and Antonio Barresi and Mathias Payer and David Wagner and Thomas R. Gross},
    title = {{Control-Flow Bending: On the Effectiveness of Control-Flow Integrity}},
    booktitle = {24th {USENIX} Security Symposium ({USENIX} Security 15)},
    year = {2015},
    isbn = {978-1-931971-232},
    address = {Washington, D.C.},
    pages = {161--176},
    url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/carlini},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings{LoseControl:CCS15,
    author = {Conti, Mauro and Crane, Stephen and Davi, Lucas and Franz, Michael and Larsen, Per and Negro, Marco and Liebchen, Christopher and Qunaibit, Mohaned and Sadeghi, Ahmad-Reza},
    title = {{Losing Control: On the Effectiveness of Control-Flow Integrity Under Stack Attacks}},
    booktitle = {Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security},
    series = {CCS '15},
    year = {2015},
    isbn = {978-1-4503-3832-5},
    location = {Denver, Colorado, USA},
    pages = {952--963},
    numpages = {12},
    url = {http://doi.acm.org/10.1145/2810103.2813671},
    doi = {10.1145/2810103.2813671},
    acmid = {2813671},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {code-reuse attacks, control-flow integrity, stack corruption},
}

@inproceedings{ControlJujutsu:CCS15,
  author = {Evans, Isaac and Long, Fan and Otgonbaatar, Ulziibayar and Shrobe, Howard and Rinard, Martin and Okhravi, Hamed and Sidiroglou-Douskos, Stelios},
  title = {{Control Jujutsu}: On the Weaknesses of Fine-Grained Control Flow Integrity},
  booktitle = {Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security},
  series = {CCS '15},
  year = {2015},
  isbn = {978-1-4503-3832-5},
  address = {Denver, CO},
  pages = {901--913},
  numpages = {13},
  url = {https://doi.org/10.1145/2810103.2813646},
  doi = {10.1145/2810103.2813646},
  publisher = {ACM},
}

@inproceedings{DOP:Oakland16,
  author = {Hu, Hong and Shinde, Shweta and Adrian, Sendroiu and Chua, Zheng Leong and Saxena, Prateek and Liang, Zhenkai},
  title = {Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks},
  booktitle = {Proceedings of the 2016 IEEE Symposium on Security and Privacy},
  series = {SP '15},
  year = {2016},
  isbn = {978-1-5090-0824-7},
  address = {San Jose, CA},
  pages = {969--986},
  numpages = {18},
  url = {https://doi.org/10.1109/SP.2016.62},
  doi = {10.1109/SP.2016.62},
  publisher = {IEEE Computer Society},
}

%--------------------------------------------------------------------------------------------------%
% Temporal Memory Safety
%--------------------------------------------------------------------------------------------------%

@inproceedings{DAUAF:DSN06,
    author = {Dhurjati, Dinakar and Adve, Vikram},
    title = {{Efficiently Detecting All Dangling Pointer Uses in Production
        Servers}},
    booktitle = {Proceedings of the International Conference on Dependable Systems and Networks},
    series = {DSN '06},
    year = {2006},
    isbn = {0-7695-2607-1},
    pages = {269--280},
    numpages = {12},
    url = {http://dx.doi.org/10.1109/DSN.2006.31},
    doi = {10.1109/DSN.2006.31},
    acmid = {1135707},
    address = {Washington, DC, USA},
}

@inproceedings{DieHard:PLDI06,
    author = {Berger, Emery D. and Zorn, Benjamin G.},
    title = {{DieHard: Probabilistic Memory Safety for Unsafe Languages}},
    booktitle = {Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    series = {PLDI '06},
    year = {2006},
    isbn = {1-59593-320-4},
    location = {Ottawa, Ontario, Canada},
    pages = {158--168},
    numpages = {11},
    url = {http://doi.acm.org/10.1145/1133981.1134000},
    doi = {10.1145/1133981.1134000},
    acmid = {1134000},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {DieHard, dynamic memory allocation, probabilistic memory safety, randomization, replication},
}

@inproceedings{Exterminator:PLDI07,
    author = {Novark, Gene and Berger, Emery D. and Zorn, Benjamin G.},
    title = {Exterminator: Automatically Correcting Memory Errors with High Probability},
    year = {2007},
    isbn = {9781595936332},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1250734.1250736},
    doi = {10.1145/1250734.1250736},
    booktitle = {Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {1–11},
    numpages = {11},
    keywords = {probabilistic algorithms, randomized algorithms, memory errors, dieFast, dynamic memory allocation, error correction, exterminator},
    location = {San Diego, California, USA},
    series = {PLDI '07}
}

@incollection{UAF:BlackHatUSA07,
  author = {Afek, Jonathan and Sharabani, Adi},
  title = {{Dangling pointer: Smashing the Pointer for Fun and Profit}},
  booktitle = {Black Hat USA},
  year = {2007},
  url = {https://www.blackhat.com/presentations/bh-usa-07/Afek/Whitepaper/bh-usa-07-afek-WP.pdf},
}

@inproceedings{HeapSpray:WOOT08,
    author = {Daniel, Mark and Honoroff, Jake and Miller, Charlie},
    title = {{Engineering Heap Overflow Exploits with JavaScript}},
    booktitle = {Proceedings of the 2Nd Conference on USENIX Workshop on Offensive Technologies},
    series = {WOOT'08},
    year = {2008},
    location = {San Jose, CA},
    pages = {1:1--1:6},
    articleno = {1},
    numpages = {6},
    url = {http://dl.acm.org/citation.cfm?id=1496702.1496703},
    acmid = {1496703},
    publisher = {USENIX Association},
    address = {Berkeley, CA, USA},
}

@inproceedings{DieHarder:CCS10,
    author = {Novark, Gene and Berger, Emery D.},
    title = {{DieHarder: Securing the Heap}},
    booktitle = {Proceedings of the 17th ACM Conference on Computer and Communications Security},
    series = {CCS '10},
    year = {2010},
    isbn = {978-1-4503-0245-6},
    location = {Chicago, Illinois, USA},
    pages = {573--584},
    numpages = {12},
    url = {http://doi.acm.org/10.1145/1866307.1866371},
    doi = {10.1145/1866307.1866371},
    acmid = {1866371},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {buffer overflow, dangling pointer, dynamic memory allocation, memory errors},
}

@inproceedings{CETS:ISMM10,
    author = {Nagarakatte, Santosh and Zhao, Jianzhou and Martin, Milo M.K. and Zdancewic, Steve},
    title = {{CETS: Compiler-Enforced Temporal Safety for C}},
    booktitle = {Proceedings of the 2010 International Symposium on Memory Management},
    series = {ISMM '10},
    year = {2010},
    isbn = {978-1-4503-0054-4},
    location = {Toronto, Ontario, Canada},
    pages = {31--40},
    numpages = {10},
    url = {http://doi.acm.org/10.1145/1806651.1806657},
    doi = {10.1145/1806651.1806657},
    acmid = {1806657},
    publisher = {ACM},
    keywords = {c, dangling pointers, memory safety, temporal errors},
}

@inproceedings{Cling:Sec10,
    author = {Akritidis, Periklis},
    title = {{Cling: A Memory Allocator to Mitigate Dangling Pointers}},
    booktitle = {Proceedings of the 19th USENIX Conference on Security},
    series = {USENIX Security'10},
    year = {2010},
    isbn = {888-7-6666-5555-4},
    location = {Washington, DC},
    pages = {12--12},
    numpages = {1},
    url = {http://dl.acm.org/citation.cfm?id=1929820.1929836},
    acmid = {1929836},
    publisher = {USENIX Association},
    address = {Berkeley, CA, USA},
}

@inproceedings{Undangle:ISSTA12,
    author = {Caballero, Juan and Grieco, Gustavo and Marron, Mark and Nappa, Antonio},
    title = {Undangle: Early Detection of Dangling Pointers in Use-after-free and Double-free Vulnerabilities},
    booktitle = {Proceedings of the 2012 International Symposium on Software Testing and Analysis},
    series = {ISSTA 2012},
    year = {2012},
    isbn = {978-1-4503-1454-1},
    location = {Minneapolis, MN, USA},
    pages = {133--143},
    numpages = {11},
    url = {http://doi.acm.org/10.1145/2338965.2336769},
    doi = {10.1145/2338965.2336769},
    acmid = {2336769},
    publisher = {ACM},
}

@inproceedings{Watchdog:ISCA12,
    author = {Nagarakatte, Santosh and Martin, Milo M. K. and Zdancewic, Steve},
    title = {Watchdog: Hardware for Safe and Secure Manual Memory Management and Full Memory Safety},
    year = {2012},
    isbn = {9781450316422},
    publisher = {IEEE Computer Society},
    address = {USA},
    booktitle = {Proceedings of the 39th Annual International Symposium on Computer Architecture},
    pages = {189–200},
    numpages = {12},
    location = {Portland, Oregon},
    series = {ISCA '12}
}

@inproceedings{WatchdogLite:CGO14,
    author = {Nagarakatte, Santosh and Martin, Milo M. K. and Zdancewic, Steve},
    title = {WatchdogLite: Hardware-Accelerated Compiler-Based Pointer Checking},
    year = {2014},
    isbn = {9781450326704},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2544137.2544147},
    doi = {10.1145/2544137.2544147},
    booktitle = {Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization},
    pages = {175–184},
    numpages = {10},
    keywords = {bounds checking, use-after-free checking, temporal safety, spatial safety, memory safety},
    location = {Orlando, FL, USA},
    series = {CGO '14}
}

@inproceedings{DANGNULL:NDSS15,
  title={{Preventing Use-after-free with Dangling Pointers Nullification}},
  author={Byoungyoung Lee and Chengyu Song and Yeongjin Jang and Tielei Wang and Taesoo Kim and Long Lu and Wenke Lee},
  booktitle={NDSS},
  year={2015}
}

@inproceedings{FreeSentry:NDSS15,
  title = {{FreeSentry: Protecting Against Use-After-Free Vulnerabilities Due to
      Dangling Pointers}},
  author = {Yves Younan},
  booktitle = {NDSS},
  year = {2015}
}

@inproceedings{UAFKernel:CCS15,
    author = {Xu, Wen and Li, Juanru and Shu, Junliang and Yang, Wenbo and Xie, Tianyi and Zhang, Yuanyuan and Gu, Dawu},
    title = {From Collision To Exploitation: Unleashing Use-After-Free
        Vulnerabilities in Linux Kernel},
    booktitle = {Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security},
    series = {CCS '15},
    year = {2015},
    isbn = {978-1-4503-3832-5},
    location = {Denver, Colorado, USA},
    pages = {414--425},
    numpages = {12},
    url = {http://doi.acm.org/10.1145/2810103.2813637},
    doi = {10.1145/2810103.2813637},
    acmid = {2813637},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {linux kernel exploit, memory collision, user-after-free vulnerability},
}

@inproceedings{DangSan:EuroSys17,
    author = {van der Kouwe, Erik and Nigade, Vinod and Giuffrida, Cristiano},
    title = {{DangSan: Scalable Use-after-free Detection}},
    booktitle = {Proceedings of the Twelfth European Conference on Computer Systems},
    series = {EuroSys '17},
    year = {2017},
    isbn = {978-1-4503-4938-3},
    location = {Belgrade, Serbia},
    pages = {405--419},
    numpages = {15},
    url = {http://doi.acm.org/10.1145/3064176.3064211},
    doi = {10.1145/3064176.3064211},
    acmid = {3064211},
    publisher = {ACM},
    keywords = {Dangling pointers, LLVM, use-after-free},
}

@inproceedings {Oscar:Sec17,
    author = {Thurston H.Y. Dang and Petros Maniatis and David Wagner},
    title = {Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers},
    booktitle = {26th {USENIX} Security Symposium ({USENIX} Security 17)},
    year = {2017},
    isbn = {978-1-931971-40-9},
    address = {Vancouver, BC},
    pages = {815--832},
    url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/dang},
    publisher = {{USENIX} Association},
}

@inproceedings{FreeGuard:CCS17,
    author = {Silvestro, Sam and Liu, Hongyu and Crosser, Corey and Lin, Zhiqiang and Liu, Tongping},
    title = {FreeGuard: A Faster Secure Heap Allocator},
    year = {2017},
    isbn = {9781450349468},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3133956.3133957},
    doi = {10.1145/3133956.3133957},
    booktitle = {Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security},
    pages = {2389–2403},
    numpages = {15},
    keywords = {memory vulnerabilities, memory safety, heap allocator},
    location = {Dallas, Texas, USA},
    series = {CCS '17}
}

@inproceedings{Guarder:Sec18,
    author = {Silvestro, Sam and Liu, Hongyu and Liu, Tianyi and Lin, Zhiqiang and Liu, Tongping},
    title = {Guarder: A Tunable Secure Allocator},
    year = {2018},
    isbn = {9781931971461},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 27th USENIX Conference on Security Symposium},
    pages = {117–133},
    numpages = {17},
    location = {Baltimore, MD, USA},
    series = {SEC'18}
}

@inproceedings{pSweeper:CCS18,
    author = {Liu, Daiping and Zhang, Mingwei and Wang, Haining},
    title = {A Robust and Efficient Defense against Use-after-Free Exploits via Concurrent Pointer Sweeping},
    year = {2018},
    isbn = {9781450356930},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3243734.3243826},
    doi = {10.1145/3243734.3243826},
    booktitle = {Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
    pages = {1635–1648},
    numpages = {14},
    keywords = {vulnerability defense, use-after-free, software security},
    location = {Toronto, Canada},
    series = {CCS '18}
}

@ARTICLE{MPChecker:IEEEAccess19,
  author={W. {Qiang} and W. {Li} and H. {Jin} and J. {Surbiryala}},
  journal={IEEE Access},
  title={Mpchecker: Use-After-Free Vulnerabilities Protection Based on Multi-Level Pointers},
  year={2019},
  volume={7},
  number={},
  pages={45961-45977},
}

@inproceedings{CRCount:NDSS19,
    author = {Jangseop Shin and Donghyun Kwon and Jiwon Seo, Yeongpil Cho and
        Yunheung Paek},
    title = {{CRCount: Pointer Invalidation with Reference Counting to Mitigate
       Use-after-free in Legacy C/C++}},
    booktitle = {NDSS},
    year = {2019}
}

@inproceedings{BOGO:ASPLOS19,
    author = {Zhang, Tong and Lee, Dongyoon and Jung, Changhee},
    title = {{BOGO: Buy Spatial Memory Safety, Get Temporal Memory Safety (Almost) Free}},
    booktitle = {Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems},
    series = {ASPLOS '19},
    year = {2019},
    isbn = {978-1-4503-6240-5},
    location = {Providence, RI, USA},
    pages = {631--644},
    numpages = {14},
    url = {http://doi.acm.org/10.1145/3297858.3304017},
    doi = {10.1145/3297858.3304017},
    acmid = {3304017},
    keywords = {memory safety, mpx},
}

@inproceedings{CHERIvoke:MICRO19,
    author = {Xia, Hongyan and Woodruf, Jonathan and Ainsworth, Sam and Filardo, Nathaniel W. and Roe, Michael and Richardson, Alexander and Rugg, Peter and Neumann, Peter G. and Moore, Simon W. and Watson, Robert N. M. and Jones, Timothy M.},
    title = {{CHERIvoke: Characterising Pointer Revocation Using CHERI Capabilities
        for Temporal Memory Safety}},
    booktitle = {Proceedings of the 52Nd Annual IEEE/ACM International Symposium on Microarchitecture},
    series = {MICRO '52},
    year = {2019},
    isbn = {978-1-4503-6938-1},
    location = {Columbus, OH, USA},
    pages = {545--557},
    numpages = {13},
    url = {http://doi.acm.org/10.1145/3352460.3358288},
    doi = {10.1145/3352460.3358288},
    acmid = {3358288},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {architecture, security, temporal safety, use-after-free},
}

@INPROCEEDINGS{Cornucopia:Oakland20,
    author={Wesley Filardo, Nathaniel and Gutstein, Brett F. and Woodruff, Jonathan and Ainsworth, Sam and Paul-Trifu, Lucian and Davis, Brooks and Xia, Hongyan and Tomasz Napierala, Edward and Richardson, Alexander and Baldwin, John and Chisnall, David and Clarke, Jessica and Gudka, Khilan and Joannou, Alexandre and Theodore Markettos, A. and Mazzinghi, Alfredo and Norton, Robert M. and Roe, Michael and Sewell, Peter and Son, Stacey and Jones, Timothy M. and Moore, Simon W. and Neumann, Peter G. and Watson, Robert N. M.},
    booktitle={2020 IEEE Symposium on Security and Privacy (SP)},
    title={Cornucopia: Temporal Safety for CHERI Heaps},
    year={2020},
    volume={},
    number={},
    pages={608-625},
    doi={10.1109/SP40000.2020.00098}}

@INPROCEEDINGS {MarkUs:Oakland20,
    author = {Sam Ainsworth and Timothy M. Jones},
    booktitle = {2020 IEEE Symposium on Security and Privacy (SP)},
    title = {MarkUs: Drop-in use-after-free prevention for low-level languages},
    year = {2020},
    volume = {},
    issn = {},
    pages = {578-591},
    keywords = {c++ languages;security;safety;resource management;manuals;optimization;software},
    doi = {10.1109/SP40000.2020.00058},
    url = {https://doi.ieeecomputersociety.org/10.1109/SP40000.2020.00058},
    publisher = {IEEE Computer Society},
    address = {Los Alamitos, CA, USA},
    month = {may}
}

@inproceedings{HeapExpo:ACSAC20,
    author = {Zekun Shen and Brendan Dolan-Gavitt},
    title = {HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities},
    year = {2020},
    booktitle = {Proceedings of the 36th Annual Computer Security Applications Conference},
    publisher = {Association for Computing Machinery},
    series = {ACSAC '20}
}

@inproceedings {PTAuth:Sec21,
    author = {Reza Mirzazade Farkhani and Mansour Ahmadi and Long Lu},
    title = {PTAuth: Temporal Memory Safety via Robust Points-to Authentication},
    booktitle = {30th {USENIX} Security Symposium ({USENIX} Security 21)},
    year = {2021},
    publisher = {{USENIX} Association},
    url = {https://www.usenix.org/conference/usenixsecurity21/presentation/mirzazade},
    month = aug,
}

@inproceedings {FFmalloc:Sec21,
    author = {Brian Wickman and Hong Hu and Insu Yun and Daehee JangJungWon Lim
    and Sanidhya Kashyap and Taesoo Kim},
    title = {Preventing Use-After-Free Attacks with Fast Forward Allocation},
    booktitle = {30th {USENIX} Security Symposium ({USENIX} Security 21)},
    year = {2021},
    address = {Vancouver, B.C.},
    url = {https://www.usenix.org/conference/usenixsecurity21/presentation/wickman},
    publisher = {{USENIX} Association},
    month = aug,
}

@inproceedings{ViK:ASPLOS22,
    author = {Cho, Haehyun and Park, Jinbum and Oest, Adam and Bao, Tiffany and Wang, Ruoyu and Shoshitaishvili, Yan and Doup\'{e}, Adam and Ahn, Gail-Joon},
    title = {{ViK: Practical Mitigation of Temporal Memory Safety Violations through Object ID
        Inspection}},
    year = {2022},
    isbn = {9781450392051},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3503222.3507780},
    doi = {10.1145/3503222.3507780},
    booktitle = {Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems},
    pages = {271–284},
    numpages = {14},
    keywords = {Temporal Memory Safety Violations, Operating System Kernels},
    location = {Lausanne, Switzerland},
    series = {ASPLOS 2022}
}

@article{CheckedCTemporal:OOPSLA23,
    author = {Zhou, Jie and Criswell, John and Hicks, Michael},
    title = {{Fat Pointers for Temporal Memory Safety of C}},
    year = {2023},
    issue_date = {April 2023},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {7},
    number = {OOPSLA1},
    url = {https://doi.org/10.1145/3586038},
    doi = {10.1145/3586038},
    journal = {Proc. ACM Program. Lang.},
    month = {April},
    articleno = {86},
    numpages = {32},
    keywords = {Fat Pointers, Checked C, Temporal Memory Safety}
}

%--------------------------------------------------------------------------------------------------%
% Architectures
%--------------------------------------------------------------------------------------------------%

@inproceedings{CompilerPrefetch:ASPLOS96,
    author = {Luk, Chi-Keung and Mowry, Todd C.},
    title = {Compiler-Based Prefetching for Recursive Data Structures},
    year = {1996},
    isbn = {0897917677},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/237090.237190},
    doi = {10.1145/237090.237190},
    booktitle = {Proceedings of the Seventh International Conference on Architectural Support for Programming Languages an     d Operating Systems},
    pages = {222–233},
    numpages = {12},
    location = {Cambridge, Massachusetts, USA},
    series = {ASPLOS VII}
}

@inproceedings{LowFatPtr:CCS13,
    author = {Kwon, Albert and Dhawan, Udit and Smith, Jonathan M. and Knight, Thomas F. and DeHon, Andre},
    title = {Low-Fat Pointers: Compact Encoding and Efficient Gate-Level Implementation of Fat Pointers for Spatial Safety and Capability-Based Security},
    year = {2013},
    isbn = {9781450324779},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2508859.2516713},
    doi = {10.1145/2508859.2516713},
    booktitle = {Proceedings of the 2013 ACM SIGSAC Conference on Computer \& Communications Security},
    pages = {721–732},
    numpages = {12},
    keywords = {processor, memory safety, spatial confinement, fat pointer, capabilities, security},
    location = {Berlin, Germany},
    series = {CCS '13}
}

@inproceedings{CHERI:ISCA14,
    author = {Woodruff, Jonathan and Watson, Robert N.M. and Chisnall, David and Moore, Simon W. and Anderson, Jonathan and Davis, Brooks and Laurie, Ben and Neumann, Peter G. and Norton, Robert and Roe, Michael},
    title = {{The CHERI Capability Model: Revisiting RISC in an Age of Risk}},
    booktitle = {Proceeding of the 41st Annual International Symposium on Computer Architecture},
    series = {ISCA '14},
    year = {2014},
    isbn = {978-1-4799-4394-4},
    location = {Minneapolis, Minnesota, USA},
    pages = {457--468},
    numpages = {12},
    url = {http://dl.acm.org/citation.cfm?id=2665671.2665740},
    acmid = {2665740},
    publisher = {IEEE Press},
    address = {Piscataway, NJ, USA},
}


%==================================================================================================%
% Program Analysis
%==================================================================================================%
@inproceedings{APA:PLDI05,
    author = {Lattner, Chris and Adve, Vikram},
    title = {Automatic Pool Allocation: Improving Performance by Controlling Data Structure Layout in the Heap},
    booktitle = {Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation},
    series = {PLDI '05},
    year = {2005},
    isbn = {1-59593-056-6},
    location = {Chicago, IL, USA},
    pages = {129--142},
    numpages = {14},
    url = {http://doi.acm.org/10.1145/1065010.1065027},
    doi = {10.1145/1065010.1065027},
    acmid = {1065027},
    publisher = {ACM},
    keywords = {cache, data layout, pool allocation, recursive data structure, static analysis},
}

%--------------------------------------------------------------------------------------------------%
% Pointer Analysis
%--------------------------------------------------------------------------------------------------%
@phdthesis{AndersenPA,
    author = {Lars Ole Andersen},
    title = {Program Analysis and Specialization for the C Programming Language},
    school = {University of Copenhagen},
    year = 1994
}

@article{AliasUndecide:TOPLAS94,
    author = {Ramalingam, G.},
    title = {The Undecidability of Aliasing},
    journal = {ACM Trans. Program. Lang. Syst.},
    issue_date = {Sept. 1994},
    volume = {16},
    number = {5},
    month = sep,
    year = {1994},
    issn = {0164-0925},
    pages = {1467--1471},
    numpages = {5},
    url = {http://doi.acm.org/10.1145/186025.186041},
    doi = {10.1145/186025.186041},
    acmid = {186041},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {alias analysis, pointer analysis},
}

@inproceedings{SteensgaardPA:POPL96,
    author = {Steensgaard, Bjarne},
    title = {Points-to Analysis in Almost Linear Time},
    year = {1996},
    isbn = {0897917693},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/237721.237727},
    doi = {10.1145/237721.237727},
    booktitle = {Proceedings of the 23rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages},
    pages = {32–41},
    numpages = {10},
    location = {St. Petersburg Beach, Florida, USA},
    series = {POPL '96}
}



@inproceedings{DSA:PLDI07,
    author = {Lattner, Chris and Lenharth, Andrew and Adve, Vikram},
    title = {{Making Context-sensitive Points-to Analysis with Heap Cloning Practical for the Real
        World}},
    booktitle = {Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    series = {PLDI '07},
    year = {2007},
    isbn = {978-1-59593-633-2},
    location = {San Diego, California, USA},
    pages = {278--289},
    numpages = {12},
    url = {http://doi.acm.org/10.1145/1250734.1250766},
    doi = {10.1145/1250734.1250766},
    acmid = {1250766},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {context-sensitive, field-sensitive, interprocedural, pointer analysis, recursive data structure, static analysis},
}


%==================================================================================================%
% Operating Systems
%==================================================================================================%

@inproceedings{SPIN:SOSP95,
    author = {Bershad, B. N. and Savage, S. and Pardyak, P. and Sirer, E. G. and Fiuczynski, M. E. and Becker, D. and Chambers, C. and Eggers, S.},
    title = {Extensibility Safety and Performance in the SPIN Operating System},
    year = {1995},
    isbn = {0897917154},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/224056.224077},
    doi = {10.1145/224056.224077},
    booktitle = {Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles},
    pages = {267–283},
    numpages = {17},
    location = {Copper Mountain, Colorado, USA},
    series = {SOSP ’95}
}

@inproceedings{JXOS:ATC02,
    author = {Golm, Michael and Felser, Meik and Wawersich, Christian and Klein\"{o}der, J\"{u}rgen},
    title = {The {JX} Operating System},
    year = {2002},
    isbn = {1880446006},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the General Track of the Annual Conference on USENIX Annual Technical Conference},
    pages = {45–58},
    numpages = {14},
    series = {ATEC ’02}
}

@inproceedings{SingSharp:EuroSys06,
    author = {F\"{a}hndrich, Manuel and Aiken, Mark and Hawblitzel, Chris and Hodson, Orion and Hunt, Galen and Larus, James R. and Levi, Steven},
    title = {Language Support for Fast and Reliable Message-Based Communication in Singularity OS},
    year = {2006},
    isbn = {1595933220},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1217935.1217953},
    doi = {10.1145/1217935.1217953},
    booktitle = {Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006},
    pages = {177–190},
    numpages = {14},
    keywords = {channels, static checking, data ownership, asynchronous communication, protocols},
    location = {Leuven, Belgium},
    series = {EuroSys ’06}
}

@article{Singularity:SOSP07,
    author = {Hunt, Galen C. and Larus, James R.},
    title = {Singularity: Rethinking the Software Stack},
    year = {2007},
    issue_date = {April 2007},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {41},
    number = {2},
    issn = {0163-5980},
    url = {https://doi.org/10.1145/1243418.1243424},
    doi = {10.1145/1243418.1243424},
    journal = {SIGOPS Oper. Syst. Rev.},
    month = apr,
    pages = {37–49},
    numpages = {13},
    keywords = {sealed process architecture, unsafe code tax, hardware protection domains, operating systems, safe programming languages, program specification, sealed kernel, software-isolated processes (SIPs), program verification, manifest-based programs (MBPs)}
}

@inproceedings{Mirage:ASPLOS13,
    author = {Madhavapeddy, Anil and Mortier, Richard and Rotsos, Charalampos and Scott, David and Singh, Balraj and Gazagnaire, Thomas and Smith, Steven and Hand, Steven and Crowcroft, Jon},
    title = {Unikernels: Library Operating Systems for the Cloud},
    year = {2013},
    isbn = {9781450318709},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2451116.2451167},
    doi = {10.1145/2451116.2451167},
    booktitle = {Proceedings of the Eighteenth International Conference on Architectural Support for Programming Languages and Operating Systems},
    pages = {461–472},
    numpages = {12},
    keywords = {hypervisor, functional programming, microkernel},
    location = {Houston, Texas, USA},
    series = {ASPLOS ’13}
}

@inproceedings{Tock:SOSP17,
    author = {Levy, Amit and Campbell, Bradford and Ghena, Branden and Giffin, Daniel B. and Pannuto, Pat and Dutta, Prabal and Levis, Philip},
    title = {Multiprogramming a 64kB Computer Safely and Efficiently},
    year = {2017},
    isbn = {9781450350853},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3132747.3132786},
    doi = {10.1145/3132747.3132786},
    booktitle = {Proceedings of the 26th Symposium on Operating Systems Principles},
    pages = {234–251},
    numpages = {18},
    location = {Shanghai, China},
    series = {SOSP ’17}
}

@inproceedings{Biscuit:OSDI18,
    author = {Cutler, Cody and Kaashoek, M. Frans and Morris, Robert T.},
    title = {The Benefits and Costs of Writing a POSIX Kernel in a High-Level Language},
    year = {2018},
    isbn = {9781931971478},
    publisher = {USENIX Association},
    address = {USA},
    booktitle = {Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation},
    pages = {89–105},
    numpages = {17},
    location = {Carlsbad, CA, USA},
    series = {OSDI’18}
}

%==================================================================================================%
% Compilers
%==================================================================================================%
@inproceedings{PL.8:CC82,
  author = {Auslander, Marc and Hopkins, Martin},
  title = {{An Overview of the {PL.8} Compiler}},
  booktitle = {Proceedings of the 1982 SIGPLAN Symposium on Compiler Construction},
  series = {CC '82},
  year = {1982},
  isbn = {0-89791-074-5},
  address = {Boston, MA},
  pages = {22--31},
  numpages = {10},
  url = {https://doi.org/10.1145/800230.806977},
  doi = {10.1145/800230.806977},
  publisher = {ACM},
}

@article{SSA:TOPLS91,
    author = {Cytron, Ron and Ferrante, Jeanne and Rosen, Barry K. and Wegman, Mark N. and Zadeck, F. Kenneth},
    title = {Efficiently Computing Static Single Assignment Form and the Control Dependence Graph},
    year = {1991},
    issue_date = {Oct. 1991},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {13},
    number = {4},
    issn = {0164-0925},
    url = {https://doi.org/10.1145/115372.115320},
    doi = {10.1145/115372.115320},
    journal = {ACM Trans. Program. Lang. Syst.},
    month = {oct},
    pages = {451–490},
    numpages = {40},
    keywords = {optimizing compilers, control flow graph, control dependence, dominator, def-use chain}
}

@inproceedings{LLVM:CGO04,
  author = {Lattner, Chris and Adve, Vikram},
  title = {{LLVM}: A Compilation Framework for Lifelong Program Analysis \& Transformation},
  booktitle = {Proceedings of the 2nd International Symposium on Code Generation and Optimization},
  series = {CGO '04},
  year = {2004},
  isbn = {0-7695-2102-9},
  address = {Palo Alto, CA},
  numpages = {12},
  url = {https://doi.org/10.1109/CGO.2004.1281665},
  doi = {10.1109/CGO.2004.1281665},
  publisher = {IEEE Computer Society},
}

@inproceedings{SYZYGY:CGO04,
    author = {Moon, Sungdo and Li, Xinliang D. and Hundt, Robert and Chakrabarti, Dhruva R. and Lozano, Luis A. and Srinivasan, Uma and Liu, Shin-Ming},
    title = {SYZYGY - A Framework for Scalable Cross-Module IPO},
    year = {2004},
    isbn = {0769521029},
    publisher = {IEEE Computer Society},
    address = {USA},
    booktitle = {Proceedings of the International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization},
    pages = {65},
    location = {Palo Alto, California},
    series = {CGO '04}
}

@inproceedings{LIPO:CGO10,
    author = {Li, David Xinliang and Ashok, Raksit and Hundt, Robert},
    title = {Lightweight Feedback-Directed Cross-Module Optimization},
    year = {2010},
    isbn = {9781605586359},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1772954.1772964},
    doi = {10.1145/1772954.1772964},
    booktitle = {Proceedings of the 8th Annual IEEE/ACM International Symposium on Code Generation and Optimization},
    pages = {53–61},
    numpages = {9},
    keywords = {cross-module, inter-procedural, optimization, feedback-directed},
    location = {Toronto, Ontario, Canada},
    series = {CGO '10}
}

@inproceedings{ThinLTO:CGO17,
    author = {Johnson, Teresa and Amini, Mehdi and Li, Xinliang David},
    title = {{ThinLTO}: Scalable and Incremental {LTO}},
    year = {2017},
    isbn = {9781509049318},
    publisher = {IEEE Press},
    booktitle = {Proceedings of the 2017 International Symposium on Code Generation and Optimization},
    pages = {111–121},
    numpages = {11},
    keywords = {Optimization, Link-Time Optimization, Inter-procedural, Cross-module},
    location = {Austin, USA},
    series = {CGO '17}
}



%==================================================================================================%
% Programming Languages
%==================================================================================================%

%
% C related
%

@article{CMOD:TOSE08,
  author = {Saurabh Srivastava and Michael Hicks and Jeffrey S. Foster and Patrick Jenkins},
  title = {Modular Information Hiding and Type Safe Linking for {C}},
  journal = {IEEE Transactions on Software Engineering},
  volume = 34,
  number = 3,
  note = {Full version of {TLDI} 07 paper},
  month = may,
  year = 2008,
  pages = {1--20}
}

@inproceedings{DepthsOfC:PLDI16,
    author = {Memarian, Kayvan and Matthiesen, Justus and Lingard, James and Nienhuis, Kyndylan and Chisnall, David and Watson, Robert N. M. and Sewell, Peter},
    title = {Into the Depths of C: Elaborating the de Facto Standards},
    year = {2016},
    isbn = {9781450342612},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2908080.2908081},
    doi = {10.1145/2908080.2908081},
    booktitle = {Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {1–15},
    numpages = {15},
    keywords = {C},
    location = {Santa Barbara, CA, USA},
    series = {PLDI '16}
}

@article{CSemantics:POPL19,
    author = {Memarian, Kayvan and Gomes, Victor B. F. and Davis, Brooks and Kell, Stephen and Richardson, Alexander and Watson, Robert N. M. and Sewell, Peter},
    title = {Exploring C Semantics and Pointer Provenance},
    year = {2019},
    issue_date = {January 2019},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {3},
    number = {POPL},
    url = {https://doi.org/10.1145/3290380},
    doi = {10.1145/3290380},
    journal = {Proc. ACM Program. Lang.},
    month = jan,
    articleno = {67},
    numpages = {32},
    keywords = {C}
}

@ARTICLE{UWPascal:ToSE80,
  author={Charles N. {Fischer} and Richard J. {LeBlanc}},
  journal={IEEE Transactions on Software Engineering},
  title={The Implementation of Run-Time Diagnostics in Pascal},
  year={1980},
  volume={SE-6},
  number={4},
  pages={313-319},
}

@inproceedings{CertifyingCompiler:PLDI98,
    author = {Necula, George C. and Lee, Peter},
    title = {The Design and Implementation of a Certifying Compiler},
    year = {1998},
    isbn = {0897919874},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/277650.277752},
    doi = {10.1145/277650.277752},
    booktitle = {Proceedings of the ACM SIGPLAN 1998 Conference on Programming Language Design and Implementation},
    pages = {333–344},
    numpages = {12},
    location = {Montreal, Quebec, Canada},
    series = {PLDI ’98}
}

@inproceedings{WASM:PLDI17,
    author = {Haas, Andreas and Rossberg, Andreas and Schuff, Derek L. and Titzer, Ben L. and Holman, Michael and Gohman, Dan and Wagner, Luke and Zakai, Alon and Bastien, JF},
    title = {Bringing the Web up to Speed with WebAssembly},
    year = {2017},
    isbn = {9781450349888},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3062341.3062363},
    doi = {10.1145/3062341.3062363},
    booktitle = {Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {185–200},
    numpages = {16},
    keywords = {programming languages, type systems, virtual machines, assembly languages, just-in-time compilers},
    location = {Barcelona, Spain},
    series = {PLDI 2017}
}

%==================================================================================================%
% End of  Programming Languages
%==================================================================================================%


%==================================================================================================%
% Memory Management
%==================================================================================================%

@article{BDWGC:SPE88,
    author = {Boehm, Hans-Juergen and Weiser, Mark},
    title = {{Garbage Collection in an Uncooperative Environment}},
    journal = {Software: Practice and Experience},
    volume = {18},
    number = {9},
    pages = {807-820},
    keywords = {Garbage collection, Storage management, Debugging},
    doi = {https://doi.org/10.1002/spe.4380180902},
    url = {https://onlinelibrary.wiley.com/doi/abs/10.1002/spe.4380180902},
    eprint = {https://onlinelibrary.wiley.com/doi/pdf/10.1002/spe.4380180902},
    year = {1988}
}

@inproceedings{BoehmGC:PLDI93,
    author = {Boehm, Hans-Juergen},
    title = {{Space Efficient Conservative Garbage Collection}},
    year = {1993},
    isbn = {0897915984},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/155090.155109},
    doi = {10.1145/155090.155109},
    booktitle = {Proceedings of the ACM SIGPLAN 1993 Conference on Programming Language Design and Implementation},
    pages = {197–206},
    numpages = {10},
    location = {Albuquerque, New Mexico, USA},
    series = {PLDI '93}
}

@article{RegionMM:IC97,
    author = {Tofte, Mads and Talpin, Jean-Pierre},
    title = {Region-Based Memory Management},
    year = {1997},
    issue_date = {Feb. 1, 1997},
    publisher = {Academic Press, Inc.},
    address = {USA},
    volume = {132},
    number = {2},
    issn = {0890-5401},
    url = {https://doi.org/10.1006/inco.1996.2613},
    doi = {10.1006/inco.1996.2613},
    journal = {Inf. Comput.},
    month = feb,
    pages = {109–176},
    numpages = {68}
}

@inproceedings{BoehmGC:POPL02,
    author = {Boehm, Hans-J.},
    title = {{Bounding Space Usage of Conservative Garbage Collectors}},
    year = {2002},
    isbn = {1581134509},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/503272.503282},
    doi = {10.1145/503272.503282},
    booktitle = {Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages},
    pages = {93–100},
    numpages = {8},
    location = {Portland, Oregon},
    series = {POPL '02}
}



@inproceedings{RegionMM:PLDI98,
    author = {Gay, David and Aiken, Alex},
    title = {Memory Management with Explicit Regions},
    year = {1998},
    isbn = {0897919874},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/277650.277748},
    doi = {10.1145/277650.277748},
    booktitle = {Proceedings of the ACM SIGPLAN 1998 Conference on Programming Language Design and Implementation},
    pages = {313–323},
    numpages = {11},
    location = {Montreal, Quebec, Canada},
    series = {PLDI '98}
}

@inproceedings {mallocRevisited:ATC98,
    author = {Poul-Henning Kamp},
    title = {malloc(3) Revisited},
    booktitle = {1998 {USENIX} Annual Technical Conference ({USENIX} {ATC} 98)},
    year = {1998},
    address = {New Orleans, LA},
    url = {https://www.usenix.org/conference/1998-usenix-annual-technical-conference/malloc3-revisited},
    publisher = {{USENIX} Association},
    month = jun,
}

%==================================================================================================%
% End of Memory Management
%==================================================================================================%

%==================================================================================================%
% Parallel Computing
%==================================================================================================%
@inproceedings{TINYSTM:PPOPP08,
    author = {Felber, Pascal and Fetzer, Christof and Riegel, Torvald},
    title = {{Dynamic Performance Tuning of Word-based Software Transactional
        Memory}},
    booktitle = {Proceedings of the 13th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming},
    series = {PPoPP '08},
    year = {2008},
    isbn = {978-1-59593-795-7},
    location = {Salt Lake City, UT, USA},
    pages = {237--246},
    numpages = {10},
    url = {http://doi.acm.org/10.1145/1345206.1345241},
    doi = {10.1145/1345206.1345241},
    acmid = {1345241},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {dynamic tuning, transactional memory},
}

@inproceedings{RSTM:OPODIS08,
    author = {Spear, Michael F. and Dalessandro, Luke and Marathe, Virendra J. and Scott, Michael L.},
    title = {{Ordering-Based Semantics for Software Transactional Memory}},
    booktitle = {Proceedings of the 12th International Conference on Principles of Distributed Systems},
    series = {OPODIS '08},
    year = {2008},
    isbn = {978-3-540-92220-9},
    location = {Luxor, Egypt},
    pages = {275--294},
    numpages = {20},
    url = {http://dx.doi.org/10.1007/978-3-540-92221-6_19},
    doi = {10.1007/978-3-540-92221-6_19},
    acmid = {1496331},
    publisher = {Springer-Verlag},
    address = {Berlin, Heidelberg},
}

%==================================================================================================%
% Static Analysis on Multithreading Programs
%==================================================================================================%

@InProceedings{SAMultiT:SAS01,
    author="Rinard, Martin",
    editor="Cousot, Patrick",
    title="Analysis of Multithreaded Programs",
    booktitle="Static Analysis",
    year="2001",
    publisher="Springer Berlin Heidelberg",
    address="Berlin, Heidelberg",
    pages="1--19",
    isbn="978-3-540-47764-8"
}

@inproceedings{StaticDRJava:PLDI06,
    author = {Naik, Mayur and Aiken, Alex and Whaley, John},
    title = {Effective Static Race Detection for Java},
    year = {2006},
    isbn = {1595933204},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/1133981.1134018},
    doi = {10.1145/1133981.1134018},
    abstract = {We present a novel technique for static race detection in Java programs, comprised of a series of stages that employ a combination of static analyses to successively reduce the pairs of memory accesses potentially involved in a race. We have implemented our technique and applied it to a suite of multi-threaded Java programs. Our experiments show that it is precise, scalable, and useful, reporting tens to hundreds of serious and previously unknown concurrency bugs in large, widely-used programs with few false alarms.},
    booktitle = {Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation},
    pages = {308–319},
    numpages = {12},
    keywords = {concurrency, static race detection, multi-threading, synchronization, Java},
    location = {Ottawa, Ontario, Canada},
    series = {PLDI '06}
}

@article{LOCKSMITH:TOPLS11,
    author = {Pratikakis, Polyvios and Foster, Jeffrey S. and Hicks, Michael},
    title = {LOCKSMITH: Practical Static Race Detection for C},
    year = {2011},
    issue_date = {January 2011},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {33},
    number = {1},
    issn = {0164-0925},
    url = {https://doi.org/10.1145/1889997.1890000},
    doi = {10.1145/1889997.1890000},
    journal = {ACM Trans. Program. Lang. Syst.},
    month = jan,
    articleno = {3},
    numpages = {55},
    keywords = {static analysis, Data race, race detection, Locksmith, sharing analysis, contextual effects, context sensitivity, correlation inference}
}

%==================================================================================================%
% End of Parallel Computing
%==================================================================================================%

%==================================================================================================%
% Non-volatile Memory
%==================================================================================================%
@article{PCM:IBM08,
    author = {Raoux, S. and Burr, G. W. and Breitwisch, M. J. and Rettner, C. T. and Chen, Y.-C. and Shelby, R. M. and Salinga, M. and Krebs, D. and Chen, S.-H. and Lung, H.-L. and Lam, C. H.},
    title = {Phase-Change Random Access Memory: A Scalable Technology},
    year = {2008},
    issue_date = {July 2008},
    publisher = {IBM Corp.},
    address = {USA},
    volume = {52},
    number = {4},
    issn = {0018-8646},
    url = {https://doi.org/10.1147/rd.524.0465},
    doi = {10.1147/rd.524.0465},
    journal = {IBM J. Res. Dev.},
    month = jul,
    pages = {465–479},
    numpages = {15}
}

@article{NVMSurvey:DAES18,
    author = {Boukhobza, Jalil and Rubini, St\'{e}phane and Chen, Renhai and Shao, Zili},
    title = {Emerging {NVM}: A Survey on Architectural Integration and Research Challenges},
    year = {2017},
    issue_date = {January 2018},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {23},
    number = {2},
    issn = {1084-4309},
    url = {https://doi.org/10.1145/3131848},
    doi = {10.1145/3131848},
    journal = {ACM Trans. Des. Autom. Electron. Syst.},
    month = nov,
    articleno = {Article 14},
    numpages = {32},
    keywords = {PCM, FeRAM, main memory, MRAM, ReRAM, storage, Non-volatile memory}
}

%--------------------------------------------------------------------------------------------------%
% Encryption related
%--------------------------------------------------------------------------------------------------%

@inproceedings{BLE:DSN10,
    author = {Kong, Jingfei and Zhou, Huiyang},
    booktitle={2010 IEEE/IFIP International Conference on Dependable Systems   Networks (DSN)},
    year = {2010},
    month = {06},
    pages = {333-342},
    title = {Improving Privacy and Lifetime of PCM-based Main Memory},
    ISSN={2158-3927},
    doi = {10.1109/DSN.2010.5544298},
    url = {https://doi.org/10.1109/DSN.2010.5544298}
}

@inproceedings{iNVMM:ISCA11,
    author = {Chhabra, Siddhartha and Solihin, Yan},
    title = {I-NVMM: A Secure Non-Volatile Main Memory System with Incremental Encryption},
    year = {2011},
    isbn = {9781450304726},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2000064.2000086},
    doi = {10.1145/2000064.2000086},
    booktitle = {Proceedings of the 38th Annual International Symposium on Computer Architecture},
    pages = {177–188},
    numpages = {12},
    keywords = {non-volatile main memory, privacy, security, hardware attacks, incremental encryption},
    location = {San Jose, California, USA},
    series = {ISCA ’11}
}

@inproceedings{DEUCE:ASPLOS15,
    author = {Young, Vinson and Nair, Prashant J. and Qureshi, Moinuddin K.},
    title = {DEUCE: Write-Efficient Encryption for Non-Volatile Memories},
    year = {2015},
    isbn = {9781450328357},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2694344.2694387},
    doi = {10.1145/2694344.2694387},
    booktitle = {Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems},
    pages = {33–44},
    numpages = {12},
    keywords = {phase change memory, bitflip, security, encryption, NVM},
    location = {Istanbul, Turkey},
    series = {ASPLOS ’15}
}

@inproceedings{SilentShredder:ASPLOS16,
    author = {Awad, Amro and Manadhata, Pratyusa and Haber, Stuart and Solihin, Yan and Horne, William},
    title = {Silent Shredder: Zero-Cost Shredding for Secure Non-Volatile Main Memory Controllers},
    year = {2016},
    isbn = {9781450340915},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2872362.2872377},
    doi = {10.1145/2872362.2872377},
    booktitle = {Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems},
    pages = {263–276},
    numpages = {14},
    keywords = {data protection, phase-change memory, keywords encryption, hardware security},
    location = {Atlanta, Georgia, USA},
    series = {ASPLOS ’16}
}

@inproceedings{Osiris:MICRO18,
    author = {Ye, Mao and Hughes, Clayton and Awad, Amro},
    title = {Osiris: A Low-Cost Mechanism to Enable Restoration of Secure Non-Volatile Memories},
    year = {2018},
    isbn = {9781538662403},
    publisher = {IEEE Press},
    url = {https://doi.org/10.1109/MICRO.2018.00040},
    doi = {10.1109/MICRO.2018.00040},
    booktitle = {Proceedings of the 51st Annual IEEE/ACM International Symposium on Microarchitecture},
    pages = {403–415},
    numpages = {13},
    keywords = {computer architecture, non-volatile memory, secure architecture, ECC},
    location = {Fukuoka, Japan},
    series = {MICRO-51}
}

%==================================================================================================%
% Side Channel
%==================================================================================================%
@article{Venkman:arXiv19,
    author = {Shen, Zhuojia and Zhou, Jie and Ojha, Divya and Criswell, John},
    title = {Restricting Control Flow During Speculative Execution with Venkman},
    journal = {arXiv:1903.10651},
    archiveprefix = {arXiv},
    eprint = {1903.10651},
    year = 2019,
    month = {March}
}


%==================================================================================================%
% Others
%==================================================================================================%
@ARTICLE{PascalDynDiagose:ITSE1980,
    author={C. N. {Fischer} and R. J. {LeBlanc}},
    journal={IEEE Transactions on Software Engineering},
    title={{The Implementation of Run-Time Diagnostics in Pascal}},
    year={1980},
    volume={SE-6},
    number={4},
    pages={313-319},
    keywords={Diagnostic compiler;Pascal;pointer checking;reference parameter checking;run-time checking;variant record checking;Runtime;Computer languages;Costs;Program processors;Testing;Degradation;Condition monitoring;Reactive power;Protection;Diagnostic compiler;Pascal;pointer checking;reference parameter checking;run-time checking;variant record checking},
    doi={10.1109/TSE.1980.230482},
    ISSN={},
    month={July},
}

@article{MorrisWorm:1989,
    author = {Spafford, Eugene H.},
    title = {The Internet Worm Program: An Analysis},
    year = {1989},
    issue_date = {Jan. 1989},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {19},
    number = {1},
    issn = {0146-4833},
    url = {https://doi.org/10.1145/66093.66095},
    doi = {10.1145/66093.66095},
    journal = {SIGCOMM Comput. Commun. Rev.},
    month = jan,
    pages = {17–57},
    numpages = {41}
}

@article{Olden:TOPLAS95,
    author = {Rogers, Anne and Carlisle, Martin C. and Reppy, John H. and Hendren, Laurie J.},
    title = {{Supporting Dynamic Data Structures on Distributed-memory Machines}},
    journal = {ACM Trans. Program. Lang. Syst.},
    issue_date = {March 1995},
    volume = {17},
    number = {2},
    month = mar,
    year = {1995},
    issn = {0164-0925},
    pages = {233--263},
    numpages = {31},
    url = {http://doi.acm.org/10.1145/201059.201065},
    doi = {10.1145/201059.201065},
    acmid = {201065},
    publisher = {ACM},
    address = {New York, NY, USA},
    keywords = {dynamic data structures},
}

@article{GoToHarmful:Dijkstra,
    author = {Dijkstra, Edsger W.},
    title = {{Letters to the Editor: Go to Statement Considered Harmful}},
    year = {1968},
    issue_date = {March 1968},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {11},
    number = {3},
    issn = {0001-0782},
    url = {https://doi.org/10.1145/362929.362947},
    doi = {10.1145/362929.362947},
    journal = {Commun. ACM},
    month = mar,
    pages = {147–148},
    numpages = {2},
    keywords = {alternative clause, branch instruction, repetitive clause, program sequencing, jump instruction, program intelligibility, go to statement, conditional clause}
}

@inproceedings{OTPEnc:MICRO03,
    author = {Suh, G. Edward and Clarke, Dwaine and Gassend, Blaise and Dijk, Marten van and Devadas, Srinivas},
    title = {Efficient Memory Integrity Verification and Encryption for Secure Processors},
    year = {2003},
    isbn = {076952043X},
    publisher = {IEEE Computer Society},
    address = {USA},
    booktitle = {Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture},
    pages = {339},
    numpages = {12},
    series = {MICRO 36},
    url = {https://dl.acm.org/doi/10.5555/956417.956575}
}

@article{ColdBoot:USS08,
    author = {Halderman, J. Alex and Schoen, Seth D. and Heninger, Nadia and Clarkson, William and Paul, William and Calandrino, Joseph A. and Feldman, Ariel J. and Appelbaum, Jacob and Felten, Edward W.},
    title = {Lest We Remember: Cold-Boot Attacks on Encryption Keys},
    year = {2009},
    issue_date = {May 2009},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {52},
    number = {5},
    issn = {0001-0782},
    url = {https://doi.org/10.1145/1506409.1506429},
    doi = {10.1145/1506409.1506429},
    journal = {Commun. ACM},
    month = may,
    pages = {91–98},
    numpages = {8}
}

@article{SGXMEE,
  title={A Memory Encryption Engine Suitable for General Purpose Processors},
  author={Shay Gueron},
  journal={IACR Cryptology ePrint Archive},
  year={2016},
  volume={2016},
  pages={204},
  doi = {10.1109/MSP.2016.124},
  url = {https://eprint.iacr.org/2016/204.pdf}
}

@inproceedings{SideChannel:ISCA12,
    author = {Demme, John and Martin, Robert and Waksman, Adam and Sethumadhavan, Simha},
    title = {Side-Channel Vulnerability Factor: A Metric for Measuring Information Leakage},
    year = {2012},
    isbn = {9781450316422},
    publisher = {IEEE Computer Society},
    address = {USA},
    booktitle = {Proceedings of the 39th Annual International Symposium on Computer Architecture},
    pages = {106–117},
    numpages = {12},
    location = {Portland, Oregon},
    series = {ISCA ’12},
    url = {https://dl.acm.org/doi/10.1145/2366231.2337172}
}

@article{LogStructuredFS:TOCS92,
    author = {Rosenblum, Mendel and Ousterhout, John K.},
    title = {The Design and Implementation of a Log-Structured File System},
    year = {1992},
    issue_date = {Feb. 1992},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    volume = {10},
    number = {1},
    issn = {0734-2071},
    url = {https://doi.org/10.1145/146941.146943},
    doi = {10.1145/146941.146943},
    journal = {ACM Trans. Comput. Syst.},
    month = feb,
    pages = {26–52},
    numpages = {27},
    keywords = {file system organization, log-structured, logging, fast crash recovery, high write performance, disk storage management, file system performance, Unix}
}

@inproceedings{x86CodeDiff:PKDD11,
    author = {Wartell, Richard and Zhou, Yan and Hamlen, Kevin W. and Kantarcioglu, Murat and Thuraisingham, Bhavani},
    title = {Differentiating Code from Data in X86 Binaries},
    year = {2011},
    isbn = {9783642238079},
    publisher = {Springer-Verlag},
    address = {Berlin, Heidelberg},
    url = {https://doi.org/10.1007/978-3-642-23808-6_34},
    doi = {10.1007/978-3-642-23808-6_34},
    booktitle = {Proceedings of the 2011th European Conference on Machine Learning and Knowledge Discovery in Databases - Volume Part III},
    pages = {522–536},
    numpages = {15},
    keywords = {segmentation, x86 binary disassembly, classification, statistical data compression},
    location = {Athens, Greece},
    series = {ECMLPKDD'11}
}

@inproceedings{Olden:ASPLOS96,
    author = {Luk, Chi-Keung and Mowry, Todd C.},
    title = {Compiler-Based Prefetching for Recursive Data Structures},
    year = {1996},
    isbn = {0897917677},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/237090.237190},
    doi = {10.1145/237090.237190},
    booktitle = {Proceedings of the Seventh International Conference on Architectural Support for Programming Languages and Operating Systems},
    pages = {222–233},
    numpages = {12},
    location = {Cambridge, Massachusetts, USA},
    series = {ASPLOS VII}
}

@inproceedings{Heartbleed:IMC14,
    author = {Durumeric, Zakir and Li, Frank and Kasten, James and Amann, Johanna and Beekman, Jethro and Payer, Mathias and Weaver, Nicolas and Adrian, David and Paxson, Vern and Bailey, Michael and Halderman, J. Alex},
    title = {The Matter of Heartbleed},
    year = {2014},
    isbn = {9781450332132},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/2663716.2663755},
    doi = {10.1145/2663716.2663755},
    booktitle = {Proceedings of the 2014 Conference on Internet Measurement Conference},
    pages = {475–488},
    numpages = {14},
    keywords = {security, openssl, heartbleed, internet-wide scanning},
    location = {Vancouver, BC, Canada},
    series = {IMC '14}
}

@inproceedings{PAMD:ISMM17,
  author = {Liu, Zhengyang and Criswell, John},
  title = {Flexible and Efficient Memory Object Metadata},
  booktitle = {Proceedings of the 2017 ACM SIGPLAN International Symposium on Memory Management},
  series = {ISMM '17},
  year = {2017},
  isbn = {978-1-4503-5044-0},
  address = {Barcelona, Spain},
  pages = {36--46},
  numpages = {11},
  url = {https://doi.org/10.1145/3092255.3092268},
  doi = {10.1145/3092255.3092268},
  publisher = {ACM},
}

@inproceedings{PLCmp:SLE17,
    author = {Pereira, Rui and Couto, Marco and Ribeiro, Francisco and Rua, Rui and Cunha, J\'{a}come and Fernandes, Jo\~{a}o Paulo and Saraiva, Jo\~{a}o},
    title = {Energy Efficiency across Programming Languages: How Do Energy, Time, and Memory Relate?},
    year = {2017},
    isbn = {9781450355254},
    publisher = {Association for Computing Machinery},
    address = {New York, NY, USA},
    url = {https://doi.org/10.1145/3136014.3136031},
    doi = {10.1145/3136014.3136031},
    booktitle = {Proceedings of the 10th ACM SIGPLAN International Conference on Software Language Engineering},
    pages = {256–267},
    numpages = {12},
    keywords = {Green Software, Energy Efficiency, Programming Languages, Language Benchmarking},
    location = {Vancouver, BC, Canada},
    series = {SLE 2017}
}