research-article

Public Access

PT-CFI: Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace

Authors:

Qingchuan Zhao,

Zhiqiang LinAuthors Info & Claims

CODASPY '17: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy

Pages 173 - 184

https://doi.org/10.1145/3029806.3029830

Published: 22 March 2017 Publication History

Abstract

This paper presents PT-CFI, a new backward-edge control flow violation detection system based on a novel use of a recently introduced hardware feature called Intel Processor Trace (PT). Designed primarily for offline software debugging and performance analysis, PT offers the capability of tracing the entire control flow of a running program. In this paper, we explore the practicality of using PT for security applications, and propose to build a new control flow integrity (CFI) model that enforces a backward-edge CFI policy for native COTS binaries based on the traces from Intel PT. By exploring the intrinsic properties of PT with a system call based synchronization primitive and a deep inspection capability, we have addressed a number of technical challenges such as how to make sure the backward edge CFI policy is both sound and complete, how to make PT enforce our CFI policy, and how to balance the performance overhead. We have implemented PT-CFI and evaluated with a number of programs including SPEC2006 and HTTP daemons. Our experimental results show that PT-CFI can enforce a perfect backward-edge CFI with only small overhead for the protected program.

References

[1]

Httperf, http://www.labs.hpe.com/research/linux/httperf/.

[2]

M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti. Control-flow integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS '05, pages 340--353. ACM, 2005.

Digital Library

[3]

S. Andersen and V. Abella. Data execution prevention. changes to functionality in microsoft windows xp service pack 2, part 3: Memory protection technologies, 2004.

[4]

N. Balakrishnan, T. Bytheway, L. Carata, O. R. A. Chick, J. Snee, S. Akoush, R. Sohan, M. Seltzer, and A. Hopper. Recent advances in computer architecture: The opportunities and challenges for provenance. In 7th USENIX Workshop on the Theory and Practice of Provenance (TaPP 15), Edinburgh, Scotland, July 2015. USENIX Association.

Digital Library

[5]

A. Bittau, A. Belay, A. Mashtizadeh, D. Mazieres, and D. Boneh. Hacking blind. In Security and Privacy (SP), 2014 IEEE Symposium on, pages 227--242. IEEE, 2014.

Digital Library

[6]

T. Bletsch, X. Jiang, and V. Freeh. Mitigating code-reuse attacks with control-flow locking. In Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC '11, pages 353--362. ACM, 2011.

Digital Library

[7]

T. Bletsch, X. Jiang, V. W. Freeh, and Z. Liang. Jump-oriented programming: a new class of code-reuse attack. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pages 30--40. ACM, 2011.

Digital Library

[8]

E. Bosman and H. Bos. Framing signals -- return to portable exploits. (working title, subject to change.). In Security & Privacy (Oakland), San Jose, CA, USA, May 2014. IEEE.

Digital Library

[9]

N. Carlini, A. Barresi, M. Payer, D. Wagner, and T. R. Gross. Control-flow bending: On the effectiveness of control-flow integrity. In 24th USENIX Security Symposium (USENIX Security 15), pages 161--176, Washington, D.C., Aug. 2015. USENIX Association.

Digital Library

[10]

N. Carlini, A. Barresi, M. Payer, D. Wagner, and T. R. Gross. Control-flow bending: On the effectiveness of control-flow integrity. In 24th USENIX Security Symposium (USENIX Security 15), pages 161--176, 2015.

Digital Library

[11]

N. Carlini and D. Wagner. ROP is still dangerous: Breaking modern defenses. In Proceedings of the 23rd USENIX Conference on Security Symposium, SEC'14, pages 385--399, Berkeley, CA, USA, 2014. USENIX Association.

Digital Library

[12]

S. Checkoway, L. Davi, A. Dmitrienko, A.-R. Sadeghi, H. Shacham, and M. Winandy. Return-oriented programming without returns. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS '10, pages 559--572, New York, NY, USA, 2010. ACM.

Digital Library

[13]

P. Chen, H. Xiao, X. Shen, X. Yin, B. Mao, and L. Xie. Drop: Detecting return-oriented programming malicious code. In Proceedings of the 5th International Conference on Information Systems Security, ICISS '09, pages 163--177, Berlin, Heidelberg, 2009. Springer-Verlag.

Digital Library

[14]

S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Non-control-data attacks are realistic threats. In Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14. USENIX Association, 2005.

Digital Library

[15]

Y. Cheng, Z. Zhou, M. Yu, X. Ding, and R. H. Deng. ROPecker: A generic and practical approach for defending against ROP attack. In Proceedings of the 2014 Network and Distributed System Security Symposium, NDSS'14, 2014.

[16]

C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Usenix Security, volume 98, pages 63--78, 1998.

Digital Library

[17]

L. Davi, A. Dmitrienko, M. Egele, T. Fischer, T. Holz, R. Hund, S. Nürnberger, and A.-R. Sadeghi. MoCFI: A framework to mitigate control-flow attacks on smartphones. In 19th Annual Network & Distributed System Security Symposium (NDSS), Feb. 2012.

[18]

L. Davi, A.-R. Sadeghi, D. Lehmann, and F. Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In Proceedings of the 23rd USENIX Conference on Security Symposium, SEC'14, Berkeley, CA, USA, 2014. USENIX Association.

Digital Library

[19]

L. Davi, A.-R. Sadeghi, and M. Winandy. Ropdefender: A detection tool to defend against return-oriented programming attacks. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pages 40--51. ACM, 2011.

Digital Library

[20]

U. Erlingsson. The Inlined Reference Monitor Approach to Security Policy Enforcement. PhD thesis, Ithaca, NY, USA, 2004. AAI3114521.

Digital Library

[21]

Y. Fu and Z. Lin. Exterior: Using a dual-vm based external shell for guest-os introspection, configuration, and recovery. In Proceedings of the Ninth Annual International Conference on Virtual Execution Environments, Houston, TX, March 2013.

Digital Library

[22]

X. Ge, W. Cui, and T. Jaeger. Griffin: Guarding control flows using intel processor trace. In Proceedings of the 22nd ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Apr. 2017.

Digital Library

[23]

E. Göktas, E. Athanasopoulos, M. Polychronakis, H. Bos, and G. Portokalidis. Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard. In 23rd USENIX Security Symposium, pages 417--432, San Diego, CA, Aug. 2014. USENIX Association.

Digital Library

[24]

H. Hu, Z. L. Chua, S. Adrian, P. Saxena, and Z. Liang. Automatic generation of data-oriented exploits. In 24th USENIX Security Symposium, pages 177--192, Washington, D.C., Aug. 2015. USENIX Association.

Digital Library

[25]

H. Hu, S. Shinde, S. Adrian, Z. L. Chua, P. Saxena, and Z. Liang. Data-oriented programming: On the expressiveness of non-control data attacks. In 2016 IEEE Symposium on Security and Privacy. IEEE, 2016.

[26]

B. Kasikci, B. Schubert, C. Pereira, G. Pokam, and G. Candea. Failure sketching: A technique for automated root cause diagnosis of in-production failures. In Proceedings of the 25th Symposium on Operating Systems Principles, SOSP '15, pages 344--360, New York, NY, USA, 2015. ACM.

Digital Library

[27]

V. Kuznetsov, L. Szekeres, M. Payer, G. Candea, R. Sekar, and D. Song. Code-pointer integrity. In 11th USENIX Symposium on Operating Systems Design and Implementation, pages 147--163, Broomfield, CO, Oct. 2014. USENIX Association.

Digital Library

[28]

Y. Lee, I. Heo, D. Hwang, K. Kim, and Y. Paek. Towards a practical solution to detect code reuse attacks on arm mobile devices. In Proceedings of the Fourth Workshop on Hardware and Architectural Support for Security and Privacy, HASP '15. ACM, 2015.

Digital Library

[29]

Y. Liu, P. Shi, X. Wang, H. Chen, B. Zang, and H. Guan. Transparent and efficient cfi enforcement with intel processor trace. In The 23rd IEEE Symposium on High Performance Computer Architecture, 2017.

[30]

C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: Building customized program analysis tools with dynamic instrumentation. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '05, pages 190--200, New York, NY, USA, 2005. ACM.

Digital Library

[31]

A. J. Mashtizadeh, A. Bittau, D. Boneh, and D. Mazières. CCFI: Cryptographically enforced control flow integrity. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 941--951. ACM, 2015.

Digital Library

[32]

V. Mohan, P. Larsen, S. Brunthaler, K. W. Hamlen, and M. Franz. Opaque control-flow integrity. In Proceedings of the 2015 Network and Distributed System Security Symposium, NDSS'15, 2015.

[33]

B. Niu and G. Tan. Modular control-flow integrity. In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '14, pages 577--587. ACM, 2014.

Digital Library

[34]

B. Niu and G. Tan. Rockjit: Securing just-in-time compilation using modular control-flow integrity. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 1317--1328. ACM, 2014.

Digital Library

[35]

B. Niu and G. Tan. Per-input control-flow integrity. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 914--926. ACM, 2015.

Digital Library

[36]

A. One. Smashing the stack for fun and profit. Phrack magazine, 7(49):14--16, 1996.

[37]

V. Pappas, M. Polychronakis, and A. D. Keromytis. Transparent ROP exploit mitigation using indirect branch tracing. In Proceedings of the 22Nd USENIX Conference on Security, SEC'13, pages 447--462, Berkeley, CA, USA, 2013. USENIX Association.

Digital Library

[38]

M. Payer, A. Barresi, and T. R. Gross. Fine-grained control-flow integrity through binary hardening. In Detection of Intrusions and Malware, and Vulnerability Assessment, pages 144--164. Springer, 2015.

Digital Library

[39]

F. Schuster, T. Tendyck, C. Liebchen, L. Davi, A.-R. Sadeghi, and T. Holz. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in c+ applications. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 745--762. IEEE, 2015.

Digital Library

[40]

F. Schuster, T. Tendyck, J. Pewny, A. Maaß, M. Steegmanns, M. Contag, and T. Holz. Evaluating the effectiveness of current anti-ROP defenses. In Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses. Springer International Publishing, 2014.

[41]

E. J. Schwartz, T. Avgerinos, and D. Brumley. Q: Exploit hardening made easy. In USENIX Security Symposium, pages 25--41, 2011.

Digital Library

[42]

H. Shacham. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of CCS 2007, pages 552--61. ACM Press, Oct. 2007.

Digital Library

[43]

X. Shu, D. Yao, and N. Ramakrishnan. Unearthing stealthy program attacks buried in extremely long execution paths. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 401--413, New York, NY, USA, 2015. ACM.

Digital Library

[44]

K. Z. Snow, F. Monrose, L. Davi, A. Dmitrienko, C. Liebchen, and A.-R. Sadeghi. Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization. In Security and Privacy (SP), 2013 IEEE Symposium on, pages 574--588. IEEE, 2013.

Digital Library

[45]

L. Szekeres, M. Payer, T. Wei, and D. Song. Sok: Eternal war in memory. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, SP '13, pages 48--62. IEEE Computer Society, 2013.

Digital Library

[46]

P. Team. Pax address space layout randomization (aslr). 2003.

[47]

J. Thalheim, P. Bhatotia, and C. Fetzer. Inspector: A data provenance library for multithreaded programs, 2016. https://arxiv.org/abs/1605.00498.

[48]

C. Tice, T. Roeder, P. Collingbourne, S. Checkoway, Ú. Erlingsson, L. Lozano, and G. Pike. Enforcing forward-edge control-flow integrity in gcc & llvm. In 23rd USENIX Security Symposium, pages 941--955, San Diego, CA, Aug. 2014. USENIX Association.

Digital Library

[49]

V. van der Veen, D. Andriesse, E. Göktaş, B. Gras, L. Sambuc, A. Slowinska, H. Bos, and C. Giuffrida. Practical context-sensitive CFI. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 927--940. ACM, 2015.

Digital Library

[50]

V. van der Veen, E. Goktas, M. Contag, A. Pawlowski, X. Chen, S. Rawat, H. Bos, T. Holz, E. Athanasopoulos, and C. Giuffrida. A tough call: Mitigating advanced code-reuse attacks at the binary level. In Proceedings of the 37th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA, May 2016. IEEE.

[51]

M. Wang, H. Yin, A. V. Bhaskar, P. Su, and D. Feng. Binary code continent: Finer-grained control flow integrity for stripped binaries. In Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, pages 331--340. ACM, 2015.

Digital Library

[52]

R. Wojtczuk. The advanced return-into-lib (c) exploits: Pax case study. Phrack Magazine, Volume 0x0b, Issue 0x3a, Phile# 0x04 of 0x0e, 2001.

[53]

Y. Xia, Y. Liu, H. Chen, and B. Zang. CFIMon: Detecting violation of control flow integrity using performance counters. In Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN '12, Washington, DC, USA, 2012. IEEE Computer Society.

Digital Library

[54]

P. Yuan, Q. Zeng, and X. Ding. Hardware-assisted fine-grained code-reuse attack detection. In Proceedings of 18th International Symposium on Research in Attacks, Intrusions, and Defenses, RAID'15. Springer International Publishing, 2015.

Digital Library

[55]

B. Zeng, G. Tan, and Ú. Erlingsson. Strato: A retargetable framework for low-level inlined-reference monitors. In Presented as part of the 22nd USENIX Security Symposium (USENIX Security 13), pages 369--382, Washington, D.C., 2013. USENIX.

Digital Library

[56]

J. Zeng, Y. Fu, and Z. Lin. Automatic uncovering of tap points from kernel executions. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'16), Paris, France, September 2016.

[57]

C. Zhang, T. Wei, Z. Chen, L. Duan, L. Szekeres, S. McCamant, D. Song, and W. Zou. Practical control flow integrity and randomization for binary executables. In 2013 IEEE Symposium on Security and Privacy, pages 559--573, May 2013.

Digital Library

[58]

M. Zhang and R. Sekar. Control flow integrity for cots binaries. In Proceedings of the 22nd USENIX Security Symposium, pages 337--352. USENIX, 2013.

Digital Library

Cited By

Ismail MJelesnianski CJang YMin CXiong WTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Enforcing C/C++ Type and Scope at Runtime for Control-Flow and Data-Flow IntegrityProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651342(283-300)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651342
Yue TZhang FNing ZWang PZhou XLu KZhou L(2024)Armor: Protecting Software Against Hardware Tracing TechniquesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.337281619(4247-4262)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3372816
Wang YMack CTan XZhang NZhao ZBaruah SWard B(2024)InsectACIDE: Debugger-Based Holistic Asynchronous CFI for Embedded System2024 IEEE 30th Real-Time and Embedded Technology and Applications Symposium (RTAS)10.1109/RTAS61025.2024.00036(360-372)Online publication date: 13-May-2024
https://doi.org/10.1109/RTAS61025.2024.00036
Show More Cited By

Index Terms

PT-CFI: Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace
1. Security and privacy
  1. Software and application security
    1. Software security engineering

Recommendations

Enforcing Unique Code Target Property for Control-Flow Integrity
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

The goal of control-flow integrity (CFI) is to stop control-hijacking attacks by ensuring that each indirect control-flow transfer (ICT) jumps to its legitimate target. However, existing implementations of CFI have fallen short of this goal because ...
HCFI: Hardware-enforced Control-Flow Integrity
CODASPY '16: Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy

Control-flow hijacking is the principal method for code-reuse techniques like Return-oriented Programming (ROP) and Jump-oriented Programming (JOP). For defending against such attacks, the community has proposed Control-flow Integrity (CFI), a technique ...
Live Path CFI Against Control Flow Hijacking Attacks
Information Security and Privacy
Abstract
Through memory vulnerabilities, control flow hijacking allows an attacker to force a running program to execute other than what the programmer has intended. Control Flow Integrity (CFI) aims to prevent the adversarial effects of these attacks. CFI ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '17: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy

March 2017

382 pages

ISBN:9781450345231

DOI:10.1145/3029806

General Chair:
Gail-Joon Ahn
Arizona State University, USA
,
Program Chairs:
Alexander Pretschner
Technische Universität München, Germany
,
Gabriel Ghinita
University of Massachusetts Boston, USA

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 March 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF Award
AFOSR

Conference

CODASPY '17

Sponsor:

SIGSAC

CODASPY '17: Seventh ACM Conference on Data and Application Security and Privacy

March 22 - 24, 2017

Arizona, Scottsdale, USA

Acceptance Rates

CODASPY '17 Paper Acceptance Rate 21 of 134 submissions, 16%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

47
Total Citations
View Citations
1,066
Total Downloads

Downloads (Last 12 months)162
Downloads (Last 6 weeks)15

Reflects downloads up to

Other Metrics

View Author Metrics

Citations

Cited By

Ismail MJelesnianski CJang YMin CXiong WTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Enforcing C/C++ Type and Scope at Runtime for Control-Flow and Data-Flow IntegrityProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3620666.3651342(283-300)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620666.3651342
Yue TZhang FNing ZWang PZhou XLu KZhou L(2024)Armor: Protecting Software Against Hardware Tracing TechniquesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.337281619(4247-4262)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3372816
Wang YMack CTan XZhang NZhao ZBaruah SWard B(2024)InsectACIDE: Debugger-Based Holistic Asynchronous CFI for Embedded System2024 IEEE 30th Real-Time and Embedded Technology and Applications Symposium (RTAS)10.1109/RTAS61025.2024.00036(360-372)Online publication date: 13-May-2024
https://doi.org/10.1109/RTAS61025.2024.00036
Park YChoi SChoi UJin HNor NPark Y(2024)A practical approach for finding anti-debugging routines in the Arm-Linux using hardware tracingScientific Reports10.1038/s41598-024-65374-w14:1Online publication date: 26-Jun-2024
https://doi.org/10.1038/s41598-024-65374-w
Gaidis AMoreira JSun KMilburn AAtlidakis VKemerlis V(2023)FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch TrackingProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607219(527-546)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3607199.3607219
Jelesnianski CIsmail MJang YWilliams DMin CAamodt TJerger NSwift M(2023)Protect the System Call, Protect (Most of) the World with BASTIONProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3582016.3582066(528-541)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3582016.3582066
Li SWang WLi WZhang D(2023)Hardware-Based Software Control Flow Integrity: Review on the State-of-the-Art Implementation TechnologyIEEE Access10.1109/ACCESS.2023.333704311(133255-133280)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3337043
Ding ZGuo YXu HYan LCui LPeng YCheng FHao Z(2023)SeqTrace: API Call Tracing Based on Intel PT and VMI for Malware DetectionAlgorithms and Architectures for Parallel Processing10.1007/978-3-031-22677-9_6(98-116)Online publication date: 11-Jan-2023
https://doi.org/10.1007/978-3-031-22677-9_6
Park SKang DKang JKwon D(2022)Bratter: An Instruction Set Extension for Forward Control-Flow Integrity in RISC-VSensors10.3390/s2204139222:4(1392)Online publication date: 11-Feb-2022
https://doi.org/10.3390/s22041392
Bauer MGrishchenko IRossow C(2022)TyPro: Forward CFI for C-Style Indirect Function Calls Using Type PropagationProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3564627(346-360)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3564627
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents