{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T21:22:21Z","timestamp":1768944141083,"version":"3.49.0"},"reference-count":19,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,9,19]],"date-time":"2025-09-19T00:00:00Z","timestamp":1758240000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,9,19]],"date-time":"2025-09-19T00:00:00Z","timestamp":1758240000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,9,19]]},"DOI":"10.1109\/seeda-cecnsm68644.2025.11329724","type":"proceedings-article","created":{"date-parts":[[2026,1,19]],"date-time":"2026-01-19T20:52:03Z","timestamp":1768855923000},"page":"1-6","source":"Crossref","is-referenced-by-count":0,"title":["Beyond Container CVE Analysis: A GitOps-Based Attestation and Sandbox Framework for Container Supply Chains"],"prefix":"10.1109","author":[{"given":"Evangelos","family":"Syrmos","sequence":"first","affiliation":[{"name":"K3Y,Sofia,Studentski District,Bulgaria,1700"}]},{"given":"Panagiotis","family":"Radoglou-Grammatikis","sequence":"additional","affiliation":[{"name":"K3Y,Sofia,Studentski District,Bulgaria,1700"}]},{"given":"Efklidis","family":"Katsaros","sequence":"additional","affiliation":[{"name":"K3Y,Sofia,Studentski District,Bulgaria,1700"}]},{"given":"Jyoti Sekhar","family":"Banerjee","sequence":"additional","affiliation":[{"name":"Bengal Institute of Technology,Department of Computer Science and Engineering (AI & ML),Kolkata,India"}]},{"given":"Anastasia","family":"Kazakli","sequence":"additional","affiliation":[{"name":"K3Y,Sofia,Studentski District,Bulgaria,1700"}]},{"given":"Konstandinos","family":"Panitsidis","sequence":"additional","affiliation":[{"name":"University of Western Macedonia,Department of Management Science & Technology,Kozani,Greece,50100"}]},{"given":"Vasileios","family":"Vitsas","sequence":"additional","affiliation":[{"name":"International Hellenic University,Department of Information and Electronic Systems Engineering,Thessaloniki,Greece,57400"}]},{"given":"Panagiotis","family":"Sarigiannidis","sequence":"additional","affiliation":[{"name":"University of Western Macedonia,Department of Electrical and Computer Engineering,Kozani,Greece,50100"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3137671"},{"key":"ref2","volume-title":"Secure software development framework (ssdf)","author":"Murugiah","year":"2025"},{"key":"ref3","article-title":"International Organization for Standardization","volume-title":"ISO\/IEC 27001:2022 information security, cybersecurity and privacy protection\u2014information security management systems\u2014requirements","year":"2025"},{"key":"ref4","volume-title":"Top 10 container security issues","year":"2025"},{"key":"ref5","volume-title":"Threat alert: Supply chain attacks using container images","year":"2025"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SEC54971.2022.00025"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SIN60469.2023.10474901"},{"key":"ref8","volume-title":"Top container security vulnerabilities and how to solve them","year":"2024"},{"key":"ref9","volume-title":"Trivy a versatile security scanner","year":"2025"},{"key":"ref10","volume-title":"A vulnerability scanner for container images and filesystems","year":"2025"},{"key":"ref11","volume-title":"Clair static analysis of vulnerabilities in application containers","year":"2025"},{"key":"ref12","volume-title":"Dynamic threat analysis for container images: Uncovering hidden risks","author":"Bismut","year":"2025"},{"key":"ref13","volume-title":"Threat alert: Kinsing malware attacks targeting container environments","author":"Singer","year":"2025"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/IOTSMS48152.2019.8939164"},{"key":"ref15","article-title":"Study of firecracker microvm","volume":"abs\/2005.12821","author":"Jain","year":"2020","journal-title":"CoRR"},{"key":"ref16","doi-asserted-by":"crossref","first-page":"104193","DOI":"10.1016\/j.cose.2024.104193","article-title":"Beyond the sandbox: Leveraging symbolic execution for evasive malware classification","volume":"149","author":"Vouvoutsis","year":"2025","journal-title":"Computers & Security"},{"key":"ref17","volume-title":"Malware detection in docker containers: An image is worth a thousand logs","author":"Nousias","year":"2025"},{"key":"ref18","volume-title":"NVD\u2014cve-2019\u20135736\u2014nvd.nist.gov","year":"2025"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/SIN60469.2023.10474901"}],"event":{"name":"2025 10th South-East Europe Design Automation, Computer Engineering, Computer Networks and Social Media Conference (SEEDA-CECNSM)","location":"Patras, Greece","start":{"date-parts":[[2025,9,19]]},"end":{"date-parts":[[2025,9,21]]}},"container-title":["2025 10th South-East Europe Design Automation, Computer Engineering, Computer Networks and Social Media Conference (SEEDA-CECNSM)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11329446\/11329556\/11329724.pdf?arnumber=11329724","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T08:15:47Z","timestamp":1768896947000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11329724\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,19]]},"references-count":19,"URL":"https:\/\/doi.org\/10.1109\/seeda-cecnsm68644.2025.11329724","relation":{},"subject":[],"published":{"date-parts":[[2025,9,19]]}}}