{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:19:40Z","timestamp":1750306780903,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,12,9]],"date-time":"2013-12-09T00:00:00Z","timestamp":1386547200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS-0916732, CNS-0964647"],"award-info":[{"award-number":["CNS-0916732, CNS-0964647"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,12,9]]},"DOI":"10.1145\/2523649.2523663","type":"proceedings-article","created":{"date-parts":[[2014,1,6]],"date-time":"2014-01-06T20:44:07Z","timestamp":1389041047000},"page":"329-338","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["SilverLine"],"prefix":"10.1145","author":[{"given":"Yogesh","family":"Mundada","sequence":"first","affiliation":[{"name":"School of Computer Science, Georgia Tech"}]},{"given":"Anirudh","family":"Ramachandran","sequence":"additional","affiliation":[{"name":"Nouvou"}]},{"given":"Nick","family":"Feamster","sequence":"additional","affiliation":[{"name":"School of Computer Science, Georgia Tech"}]}],"member":"320","published-online":{"date-parts":[[2013,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Amazon Relational Database Service. http:\/\/aws.amazon.com\/rds\/.  Amazon Relational Database Service. http:\/\/aws.amazon.com\/rds\/."},{"key":"e_1_3_2_1_2_1","volume-title":"http:\/\/attrition.org\/security\/rant\/sony_aka_sownage.html","author":"Sownage Absolute","year":"2011","unstructured":"Attrition.net. Absolute Sownage . http:\/\/attrition.org\/security\/rant\/sony_aka_sownage.html , 2011 . Attrition.net. Absolute Sownage. http:\/\/attrition.org\/security\/rant\/sony_aka_sownage.html, 2011."},{"key":"e_1_3_2_1_3_1","volume-title":"WebApps","author":"Burket J.","year":"2011","unstructured":"J. Burket , P. Mutchler , M. Weaver , M. Zaveri , and D. Evans . Guardrails: A data-centric web application security framework . In WebApps , 2011 . J. Burket, P. Mutchler, M. Weaver, M. Zaveri, and D. Evans. Guardrails: A data-centric web application security framework. In WebApps, 2011."},{"key":"e_1_3_2_1_4_1","unstructured":"V. Business. Verizon Data Breach Investigations Report. http:\/\/www.verizonbusiness.com\/resources\/reports\/rp_data-breach-investigations-report-2011_en_xg.pdf 2011.  V. Business. Verizon Data Breach Investigations Report. http:\/\/www.verizonbusiness.com\/resources\/reports\/rp_data-breach-investigations-report-2011_en_xg.pdf 2011."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/800213.806532"},{"key":"e_1_3_2_1_6_1","volume-title":"18th Usenix Security Symposium","author":"Dalton M.","year":"2009","unstructured":"M. Dalton , N. Zeldovich , and C. Kozyrakis . Nemesis: Preventing authentication & access control vulnerabilities in web applications . In 18th Usenix Security Symposium , 2009 . M. Dalton, N. Zeldovich, and C. Kozyrakis. Nemesis: Preventing authentication & access control vulnerabilities in web applications. In 18th Usenix Security Symposium, 2009."},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the USENIX Conference on Web Applications","author":"Davis B.","year":"2010","unstructured":"B. Davis and H. Chen . Dbtaint: Cross-application information flow tracking via databases . In Proceedings of the USENIX Conference on Web Applications , June 2010 . B. Davis and H. Chen. Dbtaint: Cross-application information flow tracking via databases. In Proceedings of the USENIX Conference on Web Applications, June 2010."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_3_2_1_9_1","unstructured":"L. Dignan. Sony's data breach costs. http:\/\/www.zdnet.com\/blog\/btl\/sonys-data-breach-costs-likely-to-scream-higher\/49161 2011.  L. Dignan. Sony's data breach costs. http:\/\/www.zdnet.com\/blog\/btl\/sonys-data-breach-costs-likely-to-scream-higher\/49161 2011."},{"key":"e_1_3_2_1_10_1","volume-title":"Symposium on Operating Systems Principles (SOSP)","author":"Enck W.","year":"2010","unstructured":"W. Enck , P. Gilbert , B. gon Chun , L. P. Cox , J. Jung , P. McDaniel , and A. N. Sheth . Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones . In Symposium on Operating Systems Principles (SOSP) , Oct. 2010 . W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Symposium on Operating Systems Principles (SOSP), Oct. 2010."},{"key":"e_1_3_2_1_11_1","unstructured":"Floodlight OpenFlow Controller. http:\/\/floodlight.openflowhub.org\/.  Floodlight OpenFlow Controller. http:\/\/floodlight.openflowhub.org\/."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the USENIX Annual Technical Conference","author":"Hicks B.","year":"2007","unstructured":"B. Hicks , S. Rueda , T. Jaeger , and P. McDaniel . From Trusted to Secure: Building Applications that Enforce System Security . In Proceedings of the USENIX Annual Technical Conference , Santa Clara, CA , June 2007 . B. Hicks, S. Rueda, T. Jaeger, and P. McDaniel. From Trusted to Secure: Building Applications that Enforce System Security. In Proceedings of the USENIX Annual Technical Conference, Santa Clara, CA, June 2007."},{"key":"e_1_3_2_1_13_1","unstructured":"InformationWeek. Stanford Hospital Breach Exposes 20 000 ER Records. http:\/\/www.informationweek.com\/news\/security\/attacks\/231601110 2011.  InformationWeek. Stanford Hospital Breach Exposes 20 000 ER Records. http:\/\/www.informationweek.com\/news\/security\/attacks\/231601110 2011."},{"key":"e_1_3_2_1_14_1","unstructured":"T. Inquirer. Citibank Hacked by altering URLs. http:\/\/www.theinquirer.net\/inquirer\/news\/2079431\/citibank-hacked-altering-urls 2011.  T. Inquirer. Citibank Hacked by altering URLs. http:\/\/www.theinquirer.net\/inquirer\/news\/2079431\/citibank-hacked-altering-urls 2011."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2006.69"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455806"},{"key":"e_1_3_2_1_17_1","volume-title":"In Proceedings of WOWCS","author":"Kohler E.","year":"2008","unstructured":"E. Kohler . Hot crap! In In Proceedings of WOWCS , Apr. 2008 . E. Kohler. Hot crap! In In Proceedings of WOWCS, Apr. 2008."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294293"},{"key":"e_1_3_2_1_19_1","volume-title":"USENIX NSDI","author":"Monsanto C.","year":"2013","unstructured":"C. Monsanto , J. Reich , N. Foster , J. Rexford , and D. Walker . Composing Software-Defined Networks . In USENIX NSDI , 2013 . C. Monsanto, J. Reich, N. Foster, J. Rexford, and D. Walker. Composing Software-Defined Networks. In USENIX NSDI, 2013."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_3_2_1_21_1","unstructured":"MySQL Proxy. http:\/\/forge.mysql.com\/wiki\/MySQL_Proxy.  MySQL Proxy. http:\/\/forge.mysql.com\/wiki\/MySQL_Proxy."},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS)","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. X. Song . Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software . In Proceedings of the Network and Distributed System Security Symposium (NDSS) , San Diego, CA , 2005 . J. Newsome and D. X. Song. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, 2005."},{"key":"e_1_3_2_1_23_1","volume-title":"http:\/\/www.openflowswitch.org\/","author":"OpenFlow Switch Consortium","year":"2008","unstructured":"OpenFlow Switch Consortium . http:\/\/www.openflowswitch.org\/ , 2008 . OpenFlow Switch Consortium. http:\/\/www.openflowswitch.org\/, 2008."},{"key":"e_1_3_2_1_24_1","unstructured":"osCommerce: Open Source online shop e-commerce solution. http:\/\/www.oscommerce.com\/.  osCommerce: Open Source online shop e-commerce solution. http:\/\/www.oscommerce.com\/."},{"key":"e_1_3_2_1_25_1","volume-title":"OWASP Top 10 Application Security Risks -","author":"OWASP.","year":"2010","unstructured":"OWASP. OWASP Top 10 Application Security Risks - 2010 . https:\/\/www.owasp.org\/index.php\/Top_10_2010-Main, 2010. OWASP. OWASP Top 10 Application Security Risks - 2010. https:\/\/www.owasp.org\/index.php\/Top_10_2010-Main, 2010."},{"key":"e_1_3_2_1_26_1","volume-title":"2nd USENIX Conference on Web Application Development (WebApps)","author":"Papagiannis I.","year":"2011","unstructured":"I. Papagiannis , M. Migliavacca , and P. Pietzuch . Php aspis: Using partial taint tracking to protect against injection attacks . In 2nd USENIX Conference on Web Application Development (WebApps) , June 2011 . I. Papagiannis, M. Migliavacca, and P. Pietzuch. Php aspis: Using partial taint tracking to protect against injection attacks. In 2nd USENIX Conference on Web Application Development (WebApps), June 2011."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.21"},{"key":"e_1_3_2_1_28_1","volume-title":"Proc. 12th USENIX Security Symposium","author":"Broadwell P.","year":"2003","unstructured":"P. Broadwell , M. Harren , N. Sastry . Scrash : A system for generating security crash information . In Proc. 12th USENIX Security Symposium , Washington, DC , Aug. 2003 . P. Broadwell, M. Harren, N. Sastry. Scrash: A system for generating security crash information. In Proc. 12th USENIX Security Symposium, Washington, DC, Aug. 2003."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_3_2_1_30_1","unstructured":"POX OpenFlow controller. http:\/\/www.noxrepo.org\/pox\/about-pox\/.  POX OpenFlow controller. http:\/\/www.noxrepo.org\/pox\/about-pox\/."},{"key":"e_1_3_2_1_31_1","unstructured":"Redis. http:\/\/redis.io\/.  Redis. http:\/\/redis.io\/."},{"key":"e_1_3_2_1_32_1","unstructured":"Redis Benchmarks. https:\/\/code.google.com\/p\/redis\/wiki\/Benchmarks.  Redis Benchmarks. https:\/\/code.google.com\/p\/redis\/wiki\/Benchmarks."},{"key":"e_1_3_2_1_33_1","volume-title":"Proc. 10th USENIX Security Symposium","author":"Shankar U.","year":"2001","unstructured":"U. Shankar , K. Talwar , J. Foster , D. Wagner . Detecting format string vulnerabilities with type qualifiers . In Proc. 10th USENIX Security Symposium , Washington, DC , Aug. 2001 . U. Shankar, K. Talwar, J. Foster, D. Wagner. Detecting format string vulnerabilities with type qualifiers. In Proc. 10th USENIX Security Symposium, Washington, DC, Aug. 2001."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314299.1314302"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/174613.174614"},{"key":"e_1_3_2_1_36_1","volume-title":"Proc. 11th USENIX Security Symposium","author":"Wright C.","year":"2002","unstructured":"C. Wright , C. Cowan , S. Smalley , J. Morris , and G. Kroah-Hartman . Linux Security Modules: General Security Support for the Linux Kernel . In Proc. 11th USENIX Security Symposium , San Francisco, CA , Aug. 2002 . C. Wright, C. Cowan, S. Smalley, J. Morris, and G. Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. In Proc. 11th USENIX Security Symposium, San Francisco, CA, Aug. 2002."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629604"},{"key":"e_1_3_2_1_39_1","volume-title":"Proc. 7th USENIX OSDI","author":"Zeldovich N.","year":"2006","unstructured":"N. Zeldovich , S. Boyd-Wickizer , E. Kohler , and D. Mazieres . Making Information Flow Explicit in HiStar . In Proc. 7th USENIX OSDI , Seattle, WA , Nov. 2006 . N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazieres. Making Information Flow Explicit in HiStar. In Proc. 7th USENIX OSDI, Seattle, WA, Nov. 2006."},{"key":"e_1_3_2_1_40_1","volume-title":"Proc. 5th USENIX NSDI","author":"Zeldovich N.","year":"2008","unstructured":"N. Zeldovich , S. Boyd-Wickizer , and D. Mazieres . Securing Distributed Systems with Information Flow Control . In Proc. 5th USENIX NSDI , San Francisco, CA , Apr. 2008 . N. Zeldovich, S. Boyd-Wickizer, and D. Mazieres. Securing Distributed Systems with Information Flow Control. In Proc. 5th USENIX NSDI, San Francisco, CA, Apr. 2008."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1735997.1736008"}],"event":{"name":"ACSAC '13: Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"New Orleans Louisiana USA","acronym":"ACSAC '13"},"container-title":["Proceedings of the 29th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523649.2523663","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2523649.2523663","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:34:03Z","timestamp":1750232043000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2523649.2523663"}},"subtitle":["preventing data leaks from compromised web applications"],"short-title":[],"issued":{"date-parts":[[2013,12,9]]},"references-count":41,"alternative-id":["10.1145\/2523649.2523663","10.1145\/2523649"],"URL":"https:\/\/doi.org\/10.1145\/2523649.2523663","relation":{},"subject":[],"published":{"date-parts":[[2013,12,9]]},"assertion":[{"value":"2013-12-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}