{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:35:01Z","timestamp":1763458501317,"version":"3.45.0"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1253346"],"award-info":[{"award-number":["CNS-1253346"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["W911NF-16-1-0299,W911NF-14-1-0537"],"award-info":[{"award-number":["W911NF-16-1-0299,W911NF-14-1-0537"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["643964"],"award-info":[{"award-number":["643964"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["CRC1119"],"award-info":[{"award-number":["CRC1119"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978336","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"704-716","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["SandScout"],"prefix":"10.1145","author":[{"given":"Luke","family":"Deshotels","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, USA"}]},{"given":"Razvan","family":"Deaconescu","sequence":"additional","affiliation":[{"name":"University POLITEHNICA of Bucharest, Bucharest, Romania"}]},{"given":"Mihai","family":"Chiroiu","sequence":"additional","affiliation":[{"name":"University POLITEHNICA of Bucharest, Bucharest, Romania"}]},{"given":"Lucas","family":"Davi","sequence":"additional","affiliation":[{"name":"Technische Universitat Darmstadt, Germany, Darmstadt, Germany"}]},{"given":"William","family":"Enck","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, USA"}]},{"given":"Ahmad-Reza","family":"Sadeghi","sequence":"additional","affiliation":[{"name":"Technische Universitat Darmstadt, Germany, Darmstadt, Germany"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"volume-title":"First iOS Trojan Exploiting Apple DRM Design Flaws to Infect Any iOS Device","key":"e_1_3_2_1_1_1","unstructured":"AceDeceiver: First iOS Trojan Exploiting Apple DRM Design Flaws to Infect Any iOS Device. http:\/\/researchcenter.paloaltonetworks.com\/2016\/03\/acedeceiver-first-ios-trojan-exploiting-apple-drm-design-flaws-to-infect-any-ios-device\/. Accessed: 2016-05-05."},{"key":"e_1_3_2_1_2_1","unstructured":"Antid0te 2.0 - aslr in ios. http:\/\/conference.hackinthebox.org\/hitbsecconf2011ams\/materials\/D1T1%20-%20Stefan%20Esser%20-%20Antid0te%202.0%20-%20ASLR%20in%20iOS.pdf. Accessed: 2016-02--15."},{"key":"e_1_3_2_1_3_1","unstructured":"The apple sandbox. https:\/\/media.blackhat.com\/bh-dc-11\/Blazakis\/BlackHat_DC_2011_Blazakis_Apple%20Sandbox-Slides.pdf. Accessed: 2016-02--15."},{"key":"e_1_3_2_1_4_1","unstructured":"Download. https:\/\/developer.apple.com\/\/ios\/download\/. Accessed: 2016-04--20."},{"key":"e_1_3_2_1_5_1","unstructured":"dsc\\_extractor.cpp. https:\/\/opensource.apple.com\/source\/dyld\/dyld-195.6\/launch-cache\/dsc\\_extractor.cpp. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_6_1","unstructured":"Firmware Keys. https:\/\/www.theiphonewiki.com\/wiki\/Firmware_Keys. Accessed: 2016-04--19."},{"key":"e_1_3_2_1_7_1","unstructured":"iTunes Preview. https:\/\/itunes.apple.com\/us\/genre\/ios\/id36?mt=8. Accessed: 2016-05-04."},{"key":"e_1_3_2_1_8_1","unstructured":"Joker. http:\/\/newosxbook.com\/tools\/joker.html. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_9_1","unstructured":"Lekensteyn\/dmg2img. https:\/\/github.com\/Lekensteyn\/dmg2img. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_10_1","unstructured":"lzssdec.cpp. http:\/\/nah6.com\/~itsme\/cvs-xdadevtools\/iphone\/tools\/lzssdec.cpp. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_11_1","unstructured":"Multiple iOS apps found to be harvesting Snapchat user credentials. http:\/\/9to5mac.com\/2016\/03\/08\/ios-apps-snapchat-harvest-credentials\/. Accessed: 2016-05-05."},{"key":"e_1_3_2_1_12_1","unstructured":"Package \"regex\". http:\/\/www.swi-prolog.org\/pack\/list?p=regex. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_13_1","unstructured":"Pirated App Store client for iOS found on Apple's App Store. https:\/\/www.helpnetsecurity.com\/2016\/02\/22\/pirated-app-store-client-ios-found-apples-app-store\/. Accessed: 2016-05-05."},{"key":"e_1_3_2_1_14_1","unstructured":"PLY (Python Lex-Yacc). http:\/\/www.dabeaz.com\/ply\/. Accessed: 2016-05--17."},{"key":"e_1_3_2_1_15_1","unstructured":"Smart phones overtake client PCs in 2011. http:\/\/www.canalys.com\/newsroom\/smart-phones-overtake-client-pcs-2011. Accessed: 2016-05--18."},{"key":"e_1_3_2_1_16_1","unstructured":"Smartphone OS Market Share 2015 Q2. http:\/\/www.idc.com\/prodserv\/smartphone-os-market-share.jsp. Accessed: 2016-05--18."},{"key":"e_1_3_2_1_17_1","unstructured":"SWI Prolog. http:\/\/www.swi-prolog.org\/. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_18_1","unstructured":"Trustedbsd mandatory access control (mac) framework. http:\/\/www.trustedbsd.org\/mac.html. Accessed: 2015--11-06."},{"key":"e_1_3_2_1_19_1","unstructured":"VFDecrypt. https:\/\/www.theiphonewiki.com\/wiki\/VFDecrypt. Accessed: 2016-05--19."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1368310.1368345"},{"key":"e_1_3_2_1_21_1","volume-title":"VA","author":"Blazakis D.","year":"2011","unstructured":"D. Blazakis. The apple sandbox. Arlington, VA, January, 2011."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714629"},{"key":"e_1_3_2_1_23_1","unstructured":"S. Byford. Apple removes malware-infected App Store apps after major security breach. The Verge Sept. 15. http:\/\/www.theverge.com\/2015\/9\/20\/9362585\/xcodeghost-malware-app-store-security."},{"key":"e_1_3_2_1_24_1","first-page":"11","volume-title":"NDSS","author":"Chen H.","year":"2009","unstructured":"H. Chen, N. Li, and Z. Mao. Analyzing and comparing the protection quality of security enhanced operating systems. In NDSS, pages 11--16, 2009."},{"key":"e_1_3_2_1_25_1","volume-title":"Black Hat USA","author":"Dai~Zovi D. A.","year":"2011","unstructured":"D. A. Dai~Zovi. Apple ios 4 security evaluation. Black Hat USA, 2011."},{"key":"e_1_3_2_1_26_1","volume-title":"NDSS","author":"Davi L.","year":"2012","unstructured":"L. Davi, A. Dmitrienko, M. Egele, T. Fischer, T. Holz, R. Hund, S. N\u00fcrnberger, and A.-R. Sadeghi. Mocfi: A framework to mitigate control-flow attacks on smartphones. In NDSS, 2012."},{"key":"e_1_3_2_1_27_1","unstructured":"R. Deaconescu L. Deshotels M. Bucicoiu W. Enck L. Davi and A.-R. Sadeghi. Sandblaster: Reversing the apple sandbox. Technical Report arXiv:1608.04303 Aug 2016."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813675"},{"key":"e_1_3_2_1_29_1","volume-title":"NDSS","author":"Egele M.","year":"2011","unstructured":"M. Egele, C. Kruegel, E. Kirda, and G. Vigna. Pios: Detecting privacy leaks in ios applications. In NDSS, 2011."},{"key":"e_1_3_2_1_30_1","unstructured":"W. Enck M. Ongtang and P. McDaniel. Mitigating Android Software Misuse Before It Happens. Technical Report NAS-TR-0094--2008 Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University University Park PA USA Sep 2008."},{"key":"e_1_3_2_1_31_1","unstructured":"S. Esser. ios8 containers sandboxes and entitlements. http:\/\/www.slideshare.net\/i0n1c\/ruxcon-2014-stefan-esser-ios8-containers-sandboxes-and-entitlements. Accessed: 2015--11--6."},{"key":"e_1_3_2_1_32_1","unstructured":"fG! Apple's sandbox guide v 1.0. http:\/\/reverse.put.as\/wp-content\/uploads\/2011\/09\/Apple-Sandbox-Guide-v1.0.pdf. Accessed: 2015-02-04."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38980-1_17"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38980-1_17"},{"key":"e_1_3_2_1_35_1","volume-title":"Comparing mobile privacy protection through cross-platform applications","author":"Han J.","year":"2013","unstructured":"J. Han, Q. Yan, D. Gao, J. Zhou, and R. Deng. Comparing mobile privacy protection through cross-platform applications. 2013."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1805874.1805982"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1805874.1805982"},{"key":"e_1_3_2_1_38_1","unstructured":"V. Iozzo. A sandbox odyssey. https:\/\/prezi.com\/lxljhvzem6js\/a-sandbox-odyssey-infiltrate-2012\/. Accessed: 2015--11--7."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251353.1251358"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2015-0027"},{"key":"e_1_3_2_1_41_1","unstructured":"M. Kydyraliev. Mining mach services within os x sandbox. http:\/\/2013.zeronights.org\/includes\/docs\/Meder_Kydyraliev_-_Mining_Mach_Services_within_OS_X_Sandbox.pdf. Accessed: 2015--11--6."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/2378748"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496711.1496733"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2006.22"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1054972.1054999"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831166"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671231"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.5555\/2534766.2534814"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.5555\/647054.715753"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484316"},{"key":"e_1_3_2_1_51_1","unstructured":"C. Xiao. Yispecter. http:\/\/researchcenter.paloaltonetworks.com\/2015\/10\/yispecter-first-ios-malware-attacks-non-jailbroken-ios-devices-by-abusing-private-apis\/. Accessed: 2015--10--21."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813609"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/990036.990059"}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Vienna Austria","acronym":"CCS'16"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978336","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978336","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978336","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:26:29Z","timestamp":1763457989000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978336"}},"subtitle":["Automatic Detection of Flaws in iOS Sandbox Profiles"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":53,"alternative-id":["10.1145\/2976749.2978336","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978336","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}