{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,4]],"date-time":"2025-12-04T07:56:51Z","timestamp":1764835011821,"version":"3.46.0"},"reference-count":23,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T00:00:00Z","timestamp":1756166400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T00:00:00Z","timestamp":1756166400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,8,26]]},"DOI":"10.1109\/pst65910.2025.11268879","type":"proceedings-article","created":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T18:40:04Z","timestamp":1764787204000},"page":"1-10","source":"Crossref","is-referenced-by-count":0,"title":["Houdini: Benchmarking Container Security Confinement"],"prefix":"10.1109","author":[{"given":"Huzaifa","family":"Patel","sequence":"first","affiliation":[{"name":"Carleton University,School of Computer Science,Ottawa,Canada"}]},{"given":"David","family":"Barrera","sequence":"additional","affiliation":[{"name":"Carleton University,School of Computer Science,Ottawa,Canada"}]},{"given":"Anil","family":"Somayaji","sequence":"additional","affiliation":[{"name":"Carleton University,School of Computer Science,Ottawa,Canada"}]}],"member":"263","reference":[{"journal-title":"CIS Docker Benchmark","article-title":"Cis docker benchmark","year":"2024","key":"ref1"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/2.869367"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-18206-8_1"},{"key":"ref4","article-title":"Clair: Vulnerability static analysis for containers"},{"key":"ref5","article-title":"Bpfcontain: Fixing the soft underbelly of container security","author":"Findlay","year":"2021","journal-title":"arXiv preprint arXiv:2102.06972"},{"volume-title":"Buildroot: Making Embedded Linux Easy","year":"2024","key":"ref6"},{"first-page":"2024","article-title":"Open Containers Maintainers. runc: File descriptor leak leading to container breakout (CVE-2024-21626)","year":"2024","key":"ref7"},{"volume-title":"Trivy: A simple and comprehensive vulnerability scanner for containers and other artifacts","key":"ref8"},{"key":"ref9","article-title":"Docker bench for security: A security testing tool for docker"},{"key":"ref10","article-title":"Kube-bench: Checks whether kubernetes is deployed securely"},{"year":"2025","key":"ref11","article-title":"Continuous integration and delivery platform"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3029806.3029832"},{"issue":"1","key":"ref13","first-page":"61","article-title":"A novel venom attack identification mechanism in cloud virtualization environment. Communications of the CCISA","volume":"24","author":"Abdoul-Kader","year":"2018"},{"year":"2018","key":"ref14","article-title":"Vmware virtual machine escape vulnerabilities: Cve-2018-6981 and cve-2018-6982"},{"year":"2017","key":"ref15","article-title":"10 new vm escape vulnerabilities discovered in virtualbox"},{"key":"ref16","article-title":"MDS: Microarchitectural Data Sampling","author":"Lipp","year":"2019","journal-title":"IEEE S&P"},{"article-title":"SEVered: Subverting AMD\u2019s Virtual Machine Encryption","volume-title":"USENIX Security Symposium","author":"D\u00f6rre","key":"ref17"},{"volume-title":"Heckler Attack: Breaking AMD SEV-SNP and Intel TDX with Non-Timer Interrupts.","year":"2024","author":"Amit","key":"ref18"},{"article-title":"Analysis of a chrome zero day: Cve-2019-5786","year":"2019","author":"Laulheret","key":"ref19"},{"article-title":"Uncovering a macOS App Sandbox Escape Vulnerability: A Deep Dive into CVE-2022-26706","year":"2022","author":"Or","key":"ref20"},{"article-title":"Escaping the Sandbox: A Bug That Speaks for Itself","year":"2023","author":"Forshaw","key":"ref21"},{"article-title":"Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover","year":"2024","author":"Lakshmanan","key":"ref22"},{"journal-title":"Vm2 sandbox escape vulnerability - outbreak alert","year":"2023","key":"ref23"}],"event":{"name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","start":{"date-parts":[[2025,8,26]]},"location":"Fredericton, NB, Canada","end":{"date-parts":[[2025,8,28]]}},"container-title":["2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11268482\/11268814\/11268879.pdf?arnumber=11268879","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,4]],"date-time":"2025-12-04T07:50:55Z","timestamp":1764834655000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11268879\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,26]]},"references-count":23,"URL":"https:\/\/doi.org\/10.1109\/pst65910.2025.11268879","relation":{},"subject":[],"published":{"date-parts":[[2025,8,26]]}}}