{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T20:26:41Z","timestamp":1773779201094,"version":"3.50.1"},"reference-count":17,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2021,3,1]],"date-time":"2021-03-01T00:00:00Z","timestamp":1614556800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,3,1]],"date-time":"2021-03-01T00:00:00Z","timestamp":1614556800000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,3,1]],"date-time":"2021-03-01T00:00:00Z","timestamp":1614556800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2021,3,1]],"date-time":"2021-03-01T00:00:00Z","timestamp":1614556800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"funder":[{"DOI":"10.13039\/501100000780","name":"European Commission","doi-asserted-by":"publisher","award":["830929; 952647"],"award-info":[{"award-number":["830929; 952647"]}],"id":[{"id":"10.13039\/501100000780","id-type":"DOI","asserted-by":"publisher"}]},{"name":"U.S. Army Combat Capabilities Development Command Army Research Laboratory","award":["W911NF-13-2-0045"],"award-info":[{"award-number":["W911NF-13-2-0045"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1801534; CNS-1801601"],"award-info":[{"award-number":["CNS-1801534; CNS-1801601"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Secur. Privacy"],"published-print":{"date-parts":[[2021,3]]},"DOI":"10.1109\/msec.2021.3050433","type":"journal-article","created":{"date-parts":[[2021,3,22]],"date-time":"2021-03-22T20:27:48Z","timestamp":1616444868000},"page":"14-19","source":"Crossref","is-referenced-by-count":17,"title":["SolarWinds and the Challenges of Patching: Can We Ever Stop Dancing With the Devil?"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1091-8486","authenticated-orcid":false,"given":"Fabio","family":"Massacci","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3566-9719","authenticated-orcid":false,"given":"Sean","family":"Peisert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","first-page":"1805","article-title":"CONFIRM: Evaluating compatibility and relevance of control-flow integrity protections for modern software","author":"xu","year":"0","journal-title":"Proc 28th USENIX Security Symp (USENIX Security)"},{"key":"ref11","year":"2020","journal-title":"macOS Big Sur"},{"key":"ref12","article-title":"Preventing privilege escalation","author":"provos","year":"0","journal-title":"Proc Usenix Security Symp"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134066"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354218"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00071"},{"key":"ref16","year":"2020","journal-title":"Highly evasive attacker leverages solarwinds supply chain to compromise multiple global victims with SUNBURST backdoor"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/3368860.3368862"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-015-9408-2"},{"key":"ref3","year":"0","journal-title":"Orion platform release notes"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SSCI.2016.7849908"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2816033"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2093548.2093572"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2007.46"},{"key":"ref2","year":"0","journal-title":"Emergency directive 21-01"},{"key":"ref1","year":"0","journal-title":"Alert (AA20-352A) Advanced persistent threat compromise of government agencies critical infrastructure and private sector organizations"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2015.2433252"}],"container-title":["IEEE Security & Privacy"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/8013\/9382368\/9382358-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8013\/9382368\/09382358.pdf?arnumber=9382358","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,10]],"date-time":"2022-05-10T14:52:23Z","timestamp":1652194343000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9382358\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,3]]},"references-count":17,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/msec.2021.3050433","relation":{},"ISSN":["1540-7993","1558-4046"],"issn-type":[{"value":"1540-7993","type":"print"},{"value":"1558-4046","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,3]]}}}