{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,23]],"date-time":"2026-02-23T14:42:24Z","timestamp":1771857744728,"version":"3.50.1"},"reference-count":127,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2016,10,12]],"date-time":"2016-10-12T00:00:00Z","timestamp":1476230400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Security Agency under the Science of Security Lablet at North Carolina State University"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2017,9,30]]},"abstract":"<jats:p>Security isolation is a foundation of computing systems that enables resilience to different forms of attacks. This article seeks to understand existing security isolation techniques by systematically classifying different approaches and analyzing their properties. We provide a hierarchical classification structure for grouping different security isolation techniques. At the top level, we consider two principal aspects: mechanism and policy. Each aspect is broken down into salient dimensions that describe key properties. We break the mechanism into two dimensions, enforcement location and isolation granularity, and break the policy aspect down into three dimensions: policy generation, policy configurability, and policy lifetime. We apply our classification to a set of representative articles that cover a breadth of security isolation techniques and discuss tradeoffs among different design choices and limitations of existing approaches.<\/jats:p>","DOI":"10.1145\/2988545","type":"journal-article","created":{"date-parts":[[2016,10,12]],"date-time":"2016-10-12T18:33:55Z","timestamp":1476297235000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":26,"title":["A Study of Security Isolation Techniques"],"prefix":"10.1145","volume":"49","author":[{"given":"Rui","family":"Shu","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Peipei","family":"Wang","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Sigmund A","family":"Gorski III","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Benjamin","family":"Andow","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Adwait","family":"Nadkarni","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Luke","family":"Deshotels","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Jason","family":"Gionta","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"William","family":"Enck","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]},{"given":"Xiaohui","family":"Gu","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC"}]}],"member":"320","published-online":{"date-parts":[[2016,10,12]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Proceedings of the 9th Conference on USENIX Security Symposium-Volume 9. USENIX Association, 1--1.","author":"Acharya Anurag","year":"2000"},{"key":"e_1_2_1_2_1","volume-title":"Secure virtual machine architecture reference manual. AMD Publication 33047","year":"2005"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1254810.1254817"},{"key":"e_1_2_1_4_1","volume-title":"Computer Security Technology Planning Study. ESDTR-73-51. Air Force Electronic Systems Division","author":"Anderson J. P."},{"key":"e_1_2_1_5_1","unstructured":"Apple Inc. 2015. System Integrity Protection Guide. Retrieved from https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Conceptual\/System_Integrity_Protection_Guide\/Introduction\/Introduction.html#\/\/apple_ref\/doc\/uid\/TP40016462-CH1-DontLinkElementID_15.  Apple Inc. 2015. System Integrity Protection Guide. Retrieved from https:\/\/developer.apple.com\/library\/mac\/documentation\/Security\/Conceptual\/System_Integrity_Protection_Guide\/Introduction\/Introduction.html#\/\/apple_ref\/doc\/uid\/TP40016462-CH1-DontLinkElementID_15."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046752"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the 24th USENIX Security Symposium (USENIX Security 15)","author":"Backes Michael","year":"2015"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945462"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2465351.2465375"},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI).","author":"Baumann Andrew","year":"2014"},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 41--46","author":"Bellard Fabrice","year":"2005"},{"key":"e_1_2_1_12_1","first-page":"423","article-title":"The turtles project: Design and implementation of nested virtualization","volume":"10","author":"Ben-Yehuda Muli","year":"2010","journal-title":"OSDI"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/224057.224077"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/75277.75295"},{"key":"e_1_2_1_15_1","unstructured":"Benjie Chen and Robert Morris. 2003. Certifying program execution with secure processors. In HotOS. 133--138.   Benjie Chen and Robert Morris. 2003. Certifying program execution with secure processors. In HotOS. 133--138."},{"key":"e_1_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Haibo Chen Fengzhe Zhang Cheng Chen Ziye Yang Rong Chen Binyu Zang and Wenbo Mao. 2007. Tamper-resistant execution in an untrusted operating system using a virtual machine monitor.  Haibo Chen Fengzhe Zhang Cheng Chen Ziye Yang Rong Chen Binyu Zang and Wenbo Mao. 2007. Tamper-resistant execution in an untrusted operating system using a virtual machine monitor.","DOI":"10.1145\/1134760.1134767"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"e_1_2_1_19_1","unstructured":"Chris Clayton. 2013. Understanding Application Domains. Retrieved from https:\/\/blogs.msdn.microsoft.com\/cclayton\/2013\/05\/21\/understanding-application-domains\/. (2013).  Chris Clayton. 2013. Understanding Application Domains. Retrieved from https:\/\/blogs.msdn.microsoft.com\/cclayton\/2013\/05\/21\/understanding-application-domains\/. (2013)."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043575"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1463891.1463912"},{"key":"e_1_2_1_22_1","volume-title":"May","author":"Corbet Jonathan","year":"2009"},{"key":"e_1_2_1_23_1","first-page":"10","article-title":"The Coq Proof Assistant Reference Manual","volume":"5","author":"Cornes Cristina","year":"1995","journal-title":"Version"},{"key":"e_1_2_1_24_1","volume-title":"Proeedings of the 1999 ACM SIGPLAN Workshop on Compiler Support for System Software. 25--35","author":"Crary K."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_2_1_26_1","unstructured":"Jeff Dike and others. 2001. User mode linux. (2001).  Jeff Dike and others. 2001. User mode linux. (2001)."},{"key":"e_1_2_1_27_1","volume-title":"Presented as Part of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12). 61--75.","author":"Dunn Alan M."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.26"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/224057.224076"},{"key":"e_1_2_1_31_1","volume-title":"USENIX Annual Technical Conference","author":"Ford Bryan","year":"2008"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/238721.238769"},{"key":"e_1_2_1_33_1","first-page":"465","article-title":"KeyKOS-asecure, high-performanceenvironmentforS\/370","volume":"70","author":"Frantz Bill","year":"1988","journal-title":"Proc. of SHARE"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945464"},{"key":"e_1_2_1_35_1","volume-title":"Hails: Protecting data privacy in untrusted web applications. In OSDI. 47--60.","author":"Giffin Daniel B.","year":"2012"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866340"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-05089-3_49"},{"key":"e_1_2_1_38_1","volume-title":"11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14)","author":"Hawblitzel Chris","year":"2014"},{"key":"e_1_2_1_39_1","volume-title":"LXC: Linux container tools. IBM devloperWorks Technical Library","author":"Helsley Matt","year":"2009"},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the USENIX Annual Technical Conference","volume":"7","author":"Hicks Boniface","year":"2007"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2557547.2557563"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2490301.2451146"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.588521"},{"key":"e_1_2_1_44_1","volume-title":"Douceur","author":"Howell Jon","year":"2013"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272998.1273032"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1243418.1243424"},{"key":"e_1_2_1_47_1","unstructured":"Intel. 2007. Intel Trusted Execution Technology. Retrieved from http:\/\/www.intel.com\/content\/www\/us\/en\/architecture-and-technology\/trusted-execution-technology\/trusted-execution-technology-security-paper.html. (2007).  Intel. 2007. Intel Trusted Execution Technology. Retrieved from http:\/\/www.intel.com\/content\/www\/us\/en\/architecture-and-technology\/trusted-execution-technology\/trusted-execution-technology-security-paper.html. (2007)."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592798.2592811"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.33"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2797022.2797040"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the 2nd International SANE Conference","volume":"43","author":"Kamp Poul-Henning"},{"key":"e_1_2_1_52_1","unstructured":"Taesoo Kim and Nickolai Zeldovich. 2013. Practical and effective sandboxing for non-root users. In Presented as Part of the 2013 USENIX Annual Technical Conference. USENIX 139--144.   Taesoo Kim and Nickolai Zeldovich. 2013. Practical and effective sandboxing for non-root users. In Presented as Part of the 2013 USENIX Annual Technical Conference. USENIX 139--144."},{"key":"e_1_2_1_53_1","volume-title":"Proceedings of the USENIX Security Symposium","volume":"92","author":"Kiriansky Vladimir"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_2_1_55_1","volume-title":"OpenVZ","author":"Kolyshkin Kirill","year":"2006"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.23"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294293"},{"key":"e_1_2_1_58_1","volume-title":"Proceedings of the 2014 USENIX Annual Technical Conference.","author":"Li Yanlin","year":"2014"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629606"},{"key":"e_1_2_1_60_1","volume-title":"Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation. USENIX Association, 81--96","author":"Lu Lanyue"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2499368.2451167"},{"key":"e_1_2_1_62_1","unstructured":"Stephen McCamant and Greg Morrisett. 2006. Evaluating SFI for a CISC architecture. In Usenix Security. 15.   Stephen McCamant and Greg Morrisett. 2006. Evaluating SFI for a CISC architecture. In Usenix Security. 15."},{"key":"e_1_2_1_63_1","volume-title":"Proceedings of the USENIX","author":"McCanne Steven","year":"1993"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.17"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.27"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357010.1352625"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_2_1_68_1","unstructured":"Paul Menage. 2004. Control Groups. Retrieved from https:\/\/www.kernel.org\/doc\/Documentation\/cgroups\/cgroups.txt. (2004).  Paul Menage. 2004. Control Groups. Retrieved from https:\/\/www.kernel.org\/doc\/Documentation\/cgroups\/cgroups.txt. (2004)."},{"key":"e_1_2_1_69_1","first-page":"2","article-title":"Docker: Lightweight Linux containers for consistent development and deployment","volume":"239","author":"Merkel Dirk","year":"2014","journal-title":"Linux"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.24"},{"key":"e_1_2_1_71_1","volume-title":"iOS Hacker\u2019s Handbook","author":"Miller Charlie"},{"key":"e_1_2_1_73_1","unstructured":"MSDN. 2012. Understanding Enhanced Protection Mode. Retrieved from http:\/\/blogs.msdn.com\/b\/ieinternals\/archive\/2012\/03\/23\/understanding-ie10-enhanced-protected-mode-network-security-addons-cookies-metro-desktop.aspx. (2012).  MSDN. 2012. Understanding Enhanced Protection Mode. Retrieved from http:\/\/blogs.msdn.com\/b\/ieinternals\/archive\/2012\/03\/23\/understanding-ie10-enhanced-protected-mode-network-security-addons-cookies-metro-desktop.aspx. (2012)."},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516677"},{"key":"e_1_2_1_75_1","unstructured":"National Security Agency. 2009. Security-Enhanced Linux (SELinux). Retrieved from http:\/\/www.nsa.gov\/research\/selinux. (2009).  National Security Agency. 2009. Security-Enhanced Linux (SELinux). Retrieved from http:\/\/www.nsa.gov\/research\/selinux. (2009)."},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/277650.277752"},{"key":"e_1_2_1_78_1","volume-title":"Williams","author":"Nicol David M.","year":"2012"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.24"},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945447"},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414498"},{"key":"e_1_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307720.2307721"},{"key":"e_1_2_1_83_1","volume-title":"Proceedings of the UKUUG Conference","author":"Pike R."},{"key":"e_1_2_1_84_1","volume-title":"Proceedings of the 20th USENIX Conference on Security. Usenix Association, 12--12","author":"Politz Joe Gibbs","year":"2011"},{"key":"e_1_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1145\/1961296.1950399"},{"key":"e_1_2_1_86_1","first-page":"1","article-title":"Secure isolation of untrusted legacy applications","volume":"7","author":"Potter Shaya","year":"2007","journal-title":"LISA"},{"key":"e_1_2_1_87_1","volume-title":"USENIX Security","volume":"3","author":"Provos Niels","year":"2003"},{"key":"e_1_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.41"},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_2_1_90_1","volume-title":"Black Hat Conference.","author":"Rosenberg Dan","year":"2014"},{"key":"e_1_2_1_91_1","unstructured":"Joanna Rutkowska. 2012. Introducing Qubes 1.0. Retrieved from http:\/\/theinvisiblethings.blogspot.com\/2012\/09\/introducing-qubes-10.html. (2012).  Joanna Rutkowska. 2012. Introducing Qubes 1.0. Retrieved from http:\/\/theinvisiblethings.blogspot.com\/2012\/09\/introducing-qubes-10.html. (2012)."},{"key":"e_1_2_1_92_1","volume-title":"John Linwood Griffin, Stefan Berger, Reiner Sailer, Enriquillo Valdez, Trent Jaeger, and others.","author":"Sailer Reiner","year":"2005"},{"key":"e_1_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_2_1_94_1","volume-title":"Middleware","author":"Santos Nuno","year":"2012"},{"key":"e_1_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.1145\/353323.353382"},{"key":"e_1_2_1_96_1","volume-title":"Informatics","author":"Schneider Fred B."},{"key":"e_1_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.1145\/2365864.2151036"},{"key":"e_1_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319163"},{"key":"e_1_2_1_99_1","volume-title":"USENIX Security Symposium. 553--567","author":"Shekhar Shashi"},{"key":"e_1_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1145\/1218063.1217951"},{"key":"e_1_2_1_101_1","volume-title":"Proceedings of the 3rd USENIX Conference on Object-Oriented Technologies and Systems. 175--184","author":"Small Christopher","year":"1997"},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272998.1273025"},{"key":"e_1_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1145\/2398856.2364557"},{"key":"e_1_2_1_104_1","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201914)","author":"Stefan Deian","year":"2014"},{"key":"e_1_2_1_105_1","doi-asserted-by":"publisher","DOI":"10.1145\/1151030.1151033"},{"key":"e_1_2_1_106_1","volume-title":"Proceedings of the 7th Symposium on Operating Systems Design and Implementation. USENIX Association, 279--292","author":"Ta-Min Richard","year":"2006"},{"key":"e_1_2_1_107_1","volume-title":"Proceedings of the USENIX Security Symposium. 371--388","author":"Louw Mike Ter"},{"key":"e_1_2_1_108_1","unstructured":"Trusted Computing Group. 2011. TPM Main Specification. Retrieved from http:\/\/www.trustedcomputinggroup.org\/resources\/tpm_main_specification. (2011).  Trusted Computing Group. 2011. TPM Main Specification. Retrieved from http:\/\/www.trustedcomputinggroup.org\/resources\/tpm_main_specification. (2011)."},{"key":"e_1_2_1_109_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592798.2592812"},{"key":"e_1_2_1_110_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314299.1314302"},{"key":"e_1_2_1_111_1","volume-title":"J-kernel: A capability-based operating system for java. In Secure Internet Programming","author":"Eicken Thorsten Von","year":"1999"},{"key":"e_1_2_1_112_1","unstructured":"David A. Wagner. 1999. Janus: An Approach for Confinement of Untrusted Applications. Ph.D. Dissertation. Department of Electrical Engineering and Computer Sciences University of California at Berkeley.  David A. Wagner. 1999. Janus: An Approach for Confinement of Untrusted Applications. Ph.D. Dissertation. Department of Electrical Engineering and Computer Sciences University of California at Berkeley."},{"key":"e_1_2_1_113_1","doi-asserted-by":"publisher","DOI":"10.1145\/173668.168635"},{"key":"e_1_2_1_114_1","volume-title":"Proceedings of the USENIX Security Symposium","volume":"28","author":"Wang Helen J.","year":"2009"},{"key":"e_1_2_1_115_1","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201914)","author":"Wang Xi","year":"2014"},{"key":"e_1_2_1_116_1","volume-title":"Proceedings of the USENIX Security Symposium. 29--46","author":"Watson Robert N. M.","year":"2010"},{"key":"e_1_2_1_117_1","doi-asserted-by":"publisher","DOI":"10.1145\/844128.844147"},{"key":"e_1_2_1_118_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23164"},{"key":"e_1_2_1_119_1","volume-title":"Conference on Timely Results in Operating Systems (TRIOS).","author":"Wu Weiyi","year":"2015"},{"key":"e_1_2_1_120_1","volume-title":"Codejail: Application-transparent isolation of libraries with tight program interactions. In Computer Security--ESORICS","author":"Wu Yongzheng","year":"2012"},{"key":"e_1_2_1_121_1","unstructured":"Xi Xiong Donghai Tian and Peng Liu. 2011. Practical protection of kernel integrity for commodity OS from untrusted extensions. In NDSS.  Xi Xiong Donghai Tian and Peng Liu. 2011. Practical protection of kernel integrity for commodity OS from untrusted extensions. In NDSS."},{"key":"e_1_2_1_122_1","volume-title":"USENIX Security Symposium. 539--552","author":"Xu Rubin","year":"2012"},{"key":"e_1_2_1_123_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346256.1346267"},{"key":"e_1_2_1_124_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2093515"},{"key":"e_1_2_1_125_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_2_1_126_1","doi-asserted-by":"publisher","DOI":"10.5555\/1298455.1298481"},{"key":"e_1_2_1_127_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.31"},{"key":"e_1_2_1_128_1","doi-asserted-by":"publisher","DOI":"10.1145\/2038642.2038687"},{"key":"e_1_2_1_129_1","doi-asserted-by":"publisher","DOI":"10.1145\/1101499.1101515"},{"key":"e_1_2_1_130_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660344"},{"key":"e_1_2_1_131_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.27"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2988545","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2988545","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:50:41Z","timestamp":1750218641000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2988545"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,10,12]]},"references-count":127,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,9,30]]}},"alternative-id":["10.1145\/2988545"],"URL":"https:\/\/doi.org\/10.1145\/2988545","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,10,12]]},"assertion":[{"value":"2015-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-08-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}