{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:17:52Z","timestamp":1763468272649,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1117106"],"award-info":[{"award-number":["CNS-1117106"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813609","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T15:22:12Z","timestamp":1444144932000},"page":"31-43","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":22,"title":["Cracking App Isolation on Apple"],"prefix":"10.1145","author":[{"given":"Luyi","family":"Xing","sequence":"first","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}]},{"given":"Xiaolong","family":"Bai","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Tsinghua University, Bloomington, IN, USA"}]},{"given":"Tongxin","family":"Li","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]},{"given":"XiaoFeng","family":"Wang","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Bloomington, IN, USA"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"Indiana University Bloomington, Chinese Academy of Science, Bloomington, IN, USA"}]},{"given":"Xiaojing","family":"Liao","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"given":"Shi-Min","family":"Hu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"given":"Xinhui","family":"Han","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"1Password - Password Manager and Secure Wallet. https:\/\/itunes.apple.com\/us\/app\/1password-password-manager\/id443987910?mt=12.  1Password - Password Manager and Secure Wallet. https:\/\/itunes.apple.com\/us\/app\/1password-password-manager\/id443987910?mt=12."},{"key":"e_1_3_2_1_2_1","unstructured":"Clutch. https:\/\/github.com\/KJCracks\/Clutch.  Clutch. https:\/\/github.com\/KJCracks\/Clutch."},{"key":"e_1_3_2_1_3_1","unstructured":"CocoaHTTPServer. https:\/\/github.com\/robbiehanson\/CocoaHTTPServer.  CocoaHTTPServer. https:\/\/github.com\/robbiehanson\/CocoaHTTPServer."},{"key":"e_1_3_2_1_4_1","unstructured":"Code Signing Services Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Reference\/CodeSigningRef\/index.html#\/\/apple_ref\/doc\/constant_group\/Attribute_Selector_Dictionary_Keys.  Code Signing Services Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Reference\/CodeSigningRef\/index.html#\/\/apple_ref\/doc\/constant_group\/Attribute_Selector_Dictionary_Keys."},{"key":"e_1_3_2_1_5_1","unstructured":"CWE-283: Unverified Ownership. https:\/\/cwe.mitre.org\/data\/definitions\/283.html.  CWE-283: Unverified Ownership. https:\/\/cwe.mitre.org\/data\/definitions\/283.html."},{"key":"e_1_3_2_1_6_1","unstructured":"CWE-377: Insecure Temporary File. https:\/\/cwe.mitre.org\/data\/definitions\/377.html.  CWE-377: Insecure Temporary File. https:\/\/cwe.mitre.org\/data\/definitions\/377.html."},{"key":"e_1_3_2_1_7_1","unstructured":"DTRACE. https:\/\/developer.apple.com\/library\/mac\/documentation\/Darwin\/Reference\/ManPages\/man1\/dtrace.1.html.  DTRACE. https:\/\/developer.apple.com\/library\/mac\/documentation\/Darwin\/Reference\/ManPages\/man1\/dtrace.1.html."},{"key":"e_1_3_2_1_8_1","unstructured":"Hopper V3 the OSX and Linux Disassembler. http:\/\/www.hopperapp.com\/.  Hopper V3 the OSX and Linux Disassembler. http:\/\/www.hopperapp.com\/."},{"key":"e_1_3_2_1_9_1","unstructured":"Insecure Handling of URL Schemes in Apple's iOS. http:\/\/software-security.sans.org\/blog\/2010\/11\/08\/insecure-handling-url-schemes-apples-ios\/.  Insecure Handling of URL Schemes in Apple's iOS. http:\/\/software-security.sans.org\/blog\/2010\/11\/08\/insecure-handling-url-schemes-apples-ios\/."},{"key":"e_1_3_2_1_10_1","unstructured":"iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking. https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/02\/ios_masque_attackre.html.  iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking. https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/02\/ios_masque_attackre.html."},{"key":"e_1_3_2_1_11_1","unstructured":"Keychain Services Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Reference\/keychainservices\/index.html#\/\/apple_ref\/c\/func\/SecKeychainItemDelete.  Keychain Services Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Reference\/keychainservices\/index.html#\/\/apple_ref\/c\/func\/SecKeychainItemDelete."},{"key":"e_1_3_2_1_12_1","unstructured":"OS X ABI Mach-O File Format Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/DeveloperTools\/Conceptual\/MachORuntime\/index.html#\/\/apple_ref\/doc\/uid\/TP40000895.  OS X ABI Mach-O File Format Reference. https:\/\/developer.apple.com\/library\/mac\/documentation\/DeveloperTools\/Conceptual\/MachORuntime\/index.html#\/\/apple_ref\/doc\/uid\/TP40000895."},{"key":"e_1_3_2_1_13_1","unstructured":"OS X Keychain Services Tasks. https:\/\/developer.apple.com\/library\/ios\/documentation\/Security\/Conceptual\/keychainServConcepts\/03tasks\/tasks.html#\/\/apple_ref\/doc\/uid\/TP30000897-CH205-TP9.  OS X Keychain Services Tasks. https:\/\/developer.apple.com\/library\/ios\/documentation\/Security\/Conceptual\/keychainServConcepts\/03tasks\/tasks.html#\/\/apple_ref\/doc\/uid\/TP30000897-CH205-TP9."},{"key":"e_1_3_2_1_14_1","unstructured":"QtWebKit. http:\/\/qt-project.org\/wiki\/QtWebSockets.  QtWebKit. http:\/\/qt-project.org\/wiki\/QtWebSockets."},{"key":"e_1_3_2_1_15_1","unstructured":"Supporting materials. https:\/\/sites.google.com\/site\/xarasubmission\/.  Supporting materials. https:\/\/sites.google.com\/site\/xarasubmission\/."},{"key":"e_1_3_2_1_16_1","unstructured":"The WebSocket API. http:\/\/www.w3.org\/TR\/websockets\/.  The WebSocket API. http:\/\/www.w3.org\/TR\/websockets\/."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1999995.2000018"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1949317.1949356"},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS)","author":"Egele M.","year":"2011","unstructured":"M. Egele , C. Kruegel , E. Kirda , and G. Vigna . PiOS: Detecting Privacy Leaks in iOS Applications . In Proceedings of the Network and Distributed System Security Symposium (NDSS) , San Diego, CA , February 2011 . M. Egele, C. Kruegel, E. Kirda, and G. Vigna. PiOS: Detecting Privacy Leaks in iOS Applications. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2011."},{"key":"e_1_3_2_1_20_1","volume-title":"USENIX Security Symposium","author":"Felt A. P.","year":"2011","unstructured":"A. P. Felt , H. J. Wang , A. Moshchuk , S. Hanna , and E. Chin . Permission re-delegation: Attacks and defenses . In USENIX Security Symposium , 2011 . A. P. Felt, H. J. Wang, A. Moshchuk, S. Hanna, and E. Chin. Permission re-delegation: Attacks and defenses. In USENIX Security Symposium, 2011."},{"key":"e_1_3_2_1_21_1","volume-title":"the 19th Annual Symposium on Network and Distributed System Security","author":"Grace M.","year":"2012","unstructured":"M. Grace , Y. Zhou , Z. Wang , and X. Jiang . Systematic detection of capability leaks in stock android smartphones . In the 19th Annual Symposium on Network and Distributed System Security , 2012 . M. Grace, Y. Zhou, Z. Wang, and X. Jiang. Systematic detection of capability leaks in stock android smartphones. In the 19th Annual Symposium on Network and Distributed System Security, 2012."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38980-1_17"},{"volume-title":"Vijayakumar and Joshua Schiffman and Trent Jaeger. STING: Finding Name Resolution Vulnerabilities in Programs. In Proceedings of the 21st USENIX Security Symposium (USENIX Security 2012)","year":"2012","key":"e_1_3_2_1_23_1","unstructured":"Hayawardh Vijayakumar and Joshua Schiffman and Trent Jaeger. STING: Finding Name Resolution Vulnerabilities in Programs. In Proceedings of the 21st USENIX Security Symposium (USENIX Security 2012) , August 2012 . Hayawardh Vijayakumar and Joshua Schiffman and Trent Jaeger. STING: Finding Name Resolution Vulnerabilities in Programs. In Proceedings of the 21st USENIX Security Symposium (USENIX Security 2012), August 2012."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382223"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516727"},{"key":"e_1_3_2_1_26_1","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Wang T.","year":"2014","unstructured":"T. Wang , Y. Jang , Y. Chen , S. Chung , B. Lau , and W. Lee . On the feasibility of large-scale infections of ios devices . In 23rd USENIX Security Symposium (USENIX Security 14) , San Diego, CA , Aug. 2014 . USENIX Association. T. Wang, Y. Jang, Y. Chen, S. Chung, B. Lau, and W. Lee. On the feasibility of large-scale infections of ios devices. In 23rd USENIX Security Symposium (USENIX Security 14), San Diego, CA, Aug. 2014. USENIX Association."},{"key":"e_1_3_2_1_27_1","first-page":"559","volume-title":"Proceedings of the 22Nd USENIX Conference on Security, SEC'13","author":"Wang T.","year":"2013","unstructured":"T. Wang , K. Lu , L. Lu , S. Chung , and W. Lee . Jekyll on ios: When benign apps become evil . In Proceedings of the 22Nd USENIX Conference on Security, SEC'13 , pages 559 -- 572 , Berkeley, CA, USA , 2013 . USENIX Association. T. Wang, K. Lu, L. Lu, S. Chung, and W. Lee. Jekyll on ios: When benign apps become evil. In Proceedings of the 22Nd USENIX Conference on Security, SEC'13, pages 559--572, Berkeley, CA, USA, 2013. USENIX Association."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.32"}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Denver Colorado USA","acronym":"CCS'15"},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813609","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813609","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:36Z","timestamp":1750225716000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813609"}},"subtitle":["Unauthorized Cross-App Resource Access on MAC OS~X and iOS"],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":28,"alternative-id":["10.1145\/2810103.2813609","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813609","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}