{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:13:10Z","timestamp":1763467990259},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540231233"},{"type":"electronic","value":"9783540301431"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004]]},"DOI":"10.1007\/978-3-540-30143-1_1","type":"book-chapter","created":{"date-parts":[[2010,9,18]],"date-time":"2010-09-18T23:59:24Z","timestamp":1284854364000},"page":"1-20","source":"Crossref","is-referenced-by-count":25,"title":["Automatic Extraction of Accurate Application-Specific Sandboxing Policy"],"prefix":"10.1007","author":[{"given":"Lap Chung","family":"Lam","sequence":"first","affiliation":[]},{"given":"Tzi-cker","family":"Chiueh","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"1_CR1","unstructured":"Acharya, A., Mandar, R.: Mapbox: Using parameterized behavior classes to confine untrusted applications. In: Proceedings of the Tenth USENIX Security Symposium (2000)"},{"key":"1_CR2","unstructured":"Alexandrov, A., Kmiec, P., Schauser, K.: Consh: A confined execution environment for internet computations. In: USENIX Ann. Technical Conf. (1999)"},{"key":"1_CR3","unstructured":"Balfanz, D., Simon, D.R.: Windowbox: a simple security model for the connected desktop. In: Proceedings of the 4th USENIX Windows Systems Symposium, pp. 37\u201348 (2000)"},{"key":"1_CR4","unstructured":"CERT Corrdingation Center. Cert summary cs-2003-01, \n                    \n                      http:\/\/www.cert.org\/summaries\/\n                    \n                    \n                   (2003)"},{"key":"1_CR5","unstructured":"cker Chiueh, T., Hsu, F.-H.: Rad: A compiler time solution to buffer overflow attacks. In: Proceedings of International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona (April 2001)"},{"key":"1_CR6","unstructured":"Cowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the Seventh USENIX Security Symposium, San Antonio, Texas, January 1998, pp. 63\u201378 (1998)"},{"key":"1_CR7","unstructured":"Etho, H.: Gcc extension for protecting applications from stack-smashing attacks, \n                    \n                      http:\/\/www.trl.ibm.com\/projects\/security\/ssp\/"},{"key":"1_CR8","first-page":"62","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H.H. Feng","year":"2003","unstructured":"Feng, H.H., Kolesnikov, O.M., Fogla, P., Lee, W., Gong, W.: Anomaly detection using call stack information. In: Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, May 2003, pp. 62\u201376. IEEE Press, Los Alamitos (2003)"},{"key":"1_CR9","unstructured":"Giffin, J.T., Jha, S., Miller, B.P.: Detecting manipulated remote call streams. In: USENIX Security Symposium (August 2002)"},{"key":"1_CR10","unstructured":"Giffin, J.T., Jha, S., Miller, B.P.: Efficient context-sensitive intrusion detection. In: 11th Annual Network and Distributed System Security Symposium (February 2004)"},{"key":"1_CR11","unstructured":"Goldberg, I., Wagner, D., Thomas, R., Brewer, E.A.: A secure environment for untrusted helper applications. In: Proceedings of the 6th Usenix Security Symposium, San Jose, CA, USA (1996)"},{"key":"1_CR12","unstructured":"Hastings, R., Joyce, B.: Purify: Fast detection of memory leaks and access errors. In: Proceedings of the Winter USENIX Conference, pp. 125\u2013136 (1992)"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Hofmeyr, S., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of Computer Security\u00a06(3) (1998)","DOI":"10.3233\/JCS-980109"},{"key":"1_CR14","unstructured":"Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure execution via program shepherding. In: 11th USENIX Security Symposium (August 2002)"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Nguyen, N., Reiher, P., Kuenning, G.H.: Detecting insider threats by monitoring system call activity. In: IEEE Information Assurance Workshop, United States Military Academy West Point, New York (June 2003)","DOI":"10.1109\/SMCSIA.2003.1232400"},{"key":"1_CR16","unstructured":"Prasad, M., cker Chiueh, T.: A binary rewriting approach to stack-based buffer overflow attacks. In: Proceedings of 2003 USENIX Conference (June 2003)"},{"key":"1_CR17","unstructured":"Prevelakis, V., Spinellis, D.: Sandboxing applications. In: Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, Berkeley, CA, June 2001, pp. 119\u2013126. USENIX Association (2001)"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Sekar, R., Bendre, M., Bollineni, P., Dhurjati, D.: A fast automaton-based method for detecting anomalous program behaviors. IEEE Symposium on Security and Privacy, 144\u2013155 (2001)","DOI":"10.1109\/SECPRI.2001.924295"},{"key":"1_CR19","unstructured":"Solar Designer. Non-executable user stack, \n                    \n                      http:\/\/www.false.com\/security\/linux-stack\/"},{"key":"1_CR20","unstructured":"TESO Security. x86\/linux wu ftpd remote root exploit, \n                    \n                      http:\/\/packetstormsecurity.nl\/0205-exploits\/7350wurm.c"},{"key":"1_CR21","unstructured":"Vendicator. Stackshield: A \u201cstack smashing\u201d technique protection tool for linux, \n                    \n                      http:\/\/www.angelfire.com\/sk\/stackshield\/"},{"key":"1_CR22","first-page":"156","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"D. Wagner","year":"2001","unstructured":"Wagner, D., Dean, D.: Intrusion detection via static analysis. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2001, pp. 156\u2013169. IEEE Press, Los Alamitos (2001)"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (November 2002)","DOI":"10.1145\/586110.586145"},{"key":"1_CR24","unstructured":"Warrender, C., Forrest, S., Pearlmutter, B.: Detecting intrusions using system calls: Alternative data models (May 1999)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-30143-1_1.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,3]],"date-time":"2021-05-03T03:52:20Z","timestamp":1620013940000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-30143-1_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004]]},"ISBN":["9783540231233","9783540301431"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-30143-1_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2004]]}}}