{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:32:09Z","timestamp":1742913129536,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319651262"},{"type":"electronic","value":"9783319651279"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-65127-9_28","type":"book-chapter","created":{"date-parts":[[2017,8,5]],"date-time":"2017-08-05T03:35:53Z","timestamp":1501904153000},"page":"348-359","source":"Crossref","is-referenced-by-count":1,"title":["Toward Third-Party Immune Applications"],"prefix":"10.1007","author":[{"given":"Omar","family":"Iraqi","sequence":"first","affiliation":[]},{"given":"Hanan","family":"El Bakkali","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,6]]},"reference":[{"key":"28_CR1","unstructured":"Information Security Breaches Survey (2015). pwc.co.uk\/assets\/pdf\/2015-isbs-technical-report-blue-03.pdf"},{"key":"28_CR2","unstructured":"Forbes & IBM. The Reputational Impact of IT Risk (2014). www-935.ibm.com\/services\/multimedia\/RLL12363USEN_2014_Forbes_Insights.pdf"},{"key":"28_CR3","unstructured":"Kaspersky Security Bulletin 2015, Overall statistics for 2015. securelist.com\/files\/2015\/12\/KSB_2015_Statistics_FINAL_EN.pdf"},{"key":"28_CR4","unstructured":"OWASP 2013 Top 10 Application Security Report. owasptop10.googlecode.com\/files\/OWASP_Top_10-2013.pdf"},{"key":"28_CR5","unstructured":"The Heartbleed Bug. heartbleed.com"},{"key":"28_CR6","unstructured":"Microsoft Security Development Lifecycle. microsoft.com\/en-us\/sdl\/"},{"key":"28_CR7","unstructured":"OWASP Software Assurance Maturity Model. owasp.org\/index.php\/Category:Software_Assurance_Maturity_Model"},{"key":"28_CR8","doi-asserted-by":"crossref","unstructured":"Swanson, M., Guttman, B.: Generally Accepted Principles and Practices for Securing Information Technology Systems (1996)","DOI":"10.6028\/NIST.SP.800-14"},{"key":"28_CR9","doi-asserted-by":"crossref","unstructured":"Stoneburner, G., Hayden, C., Feringa, A.: Engineering Principles for Information Technology Security (A Baseline for Achieving Security) (2001)","DOI":"10.6028\/NIST.SP.800-27"},{"key":"28_CR10","doi-asserted-by":"crossref","first-page":"49:1","DOI":"10.1145\/2501654.2501663","volume":"45","author":"J Chang","year":"2013","unstructured":"Chang, J., Venkatasubramanian, K.K., West, A.G., Lee, I.: Analyzing and defending against web-based malware. ACM Comput. Surv. 45, 49:1\u201349:35 (2013)","journal-title":"ACM Comput. Surv."},{"key":"28_CR11","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1007\/978-3-540-70542-0_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P Bisht","year":"2008","unstructured":"Bisht, P., Venkatakrishnan, V.N.: XSS-GUARD: precise dynamic prevention of cross-site scripting attacks. In: Zamboni, D. (ed.) Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 23\u201343. Springer, Berlin Heidelberg (2008)"},{"key":"28_CR12","doi-asserted-by":"crossref","DOI":"10.1201\/9781439801512","volume-title":"Vulnerability Management","author":"P Foreman","year":"2009","unstructured":"Foreman, P.: Vulnerability Management. CRC Press, Boca Raton (2009)"},{"key":"28_CR13","unstructured":"Kilpatrick, D.: Privman: a library for partitioning applications. In: USENIX Annual Technical Conference, FREENIX Track, pp. 273\u2013284 (2003)"},{"key":"28_CR14","doi-asserted-by":"crossref","unstructured":"Sun, M., Tan, G.: NativeGuard: protecting android applications from third-party native libraries. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks, pp. 165\u2013176. ACM, New York (2014)","DOI":"10.1145\/2627393.2627396"},{"key":"28_CR15","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Patel, K., Wu, L., Wang, Z., Jiang, X.: Hybrid user-level sandboxing of third-party android apps. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 19\u201330. ACM, New York (2015)","DOI":"10.1145\/2714576.2714598"},{"key":"28_CR16","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-319-33630-5_23","volume-title":"ICT Systems Security and Privacy Protection","author":"Y-Y Hong","year":"2016","unstructured":"Hong, Y.-Y., Wang, Y.-P., Yin, J.: NativeProtector: protecting android applications by isolating and intercepting third-party native libraries. In: Hoepman, J.-H., Katzenbeisser, S. (eds.) SEC 2016. IAICT, vol. 471, pp. 337\u2013351. Springer, Cham (2016). doi: 10.1007\/978-3-319-33630-5_23"},{"key":"28_CR17","unstructured":"Backes, M., Bugiel, S., Hammer, C., Schranz, O., von Styp-Rekowsky, P.: Boxify: full-fledged app sandboxing for stock android. In: 24th USENIX Security Symposium (USENIX Security 2015), pp. 691\u2013706. USENIX Association, Washington, D.C. (2015)"},{"key":"28_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"458","DOI":"10.1007\/978-3-319-45744-4_23","volume-title":"Computer Security \u2013 ESORICS 2016","author":"F Wang","year":"2016","unstructured":"Wang, F., Zhang, Y., Wang, K., Liu, P., Wang, W.: Stay in your cage! A sound sandbox for third-party libraries on android. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9878, pp. 458\u2013476. Springer, Cham (2016). doi: 10.1007\/978-3-319-45744-4_23"},{"key":"28_CR19","unstructured":"IBM X-Force Research. www-03.ibm.com\/security\/xforce\/"},{"key":"28_CR20","unstructured":"Weka 3: Data Mining Software in Java. cs.waikato.ac.nz\/ml\/weka\/"},{"key":"28_CR21","unstructured":"Apache JMeter. jmeter.apache.org"},{"key":"28_CR22","unstructured":"Zed Attack Proxy. owasp.org\/index.php\/OWASP_Zed_Attack_Proxy_Project"}],"container-title":["Lecture Notes in Computer Science","Computer Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-65127-9_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,1]],"date-time":"2019-10-01T22:14:15Z","timestamp":1569968055000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-65127-9_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319651262","9783319651279"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-65127-9_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}