{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T01:34:08Z","timestamp":1773192848162,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":46,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-0831300, CNS-1017265, DGE-1500084, CCF-1548856, CNS-1563848,SFS-1565523, CRI-1629851, and CNS-1704701"],"award-info":[{"award-number":["CNS-0831300, CNS-1017265, DGE-1500084, CCF-1548856, CNS-1563848,SFS-1565523, CRI-1629851, and CNS-1704701"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N000140911042 and N000141512162"],"award-info":[{"award-number":["N000140911042 and N000141512162"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003696","name":"Electronics and Telecommunications Research Institute","doi-asserted-by":"publisher","award":["IITP\/KEIT[B0101-17-0644]"],"award-info":[{"award-number":["IITP\/KEIT[B0101-17-0644]"]}],"id":[{"id":"10.13039\/501100003696","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["FA8650-15-C-7556 and HR0011-16-C-0059"],"award-info":[{"award-number":["FA8650-15-C-7556 and HR0011-16-C-0059"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003725","name":"National Research Foundation of Korea","doi-asserted-by":"publisher","award":["2017R1A6A3A03002506"],"award-info":[{"award-number":["2017R1A6A3A03002506"]}],"id":[{"id":"10.13039\/501100003725","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134045","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"377-390","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":74,"title":["RAIN"],"prefix":"10.1145","author":[{"given":"Yang","family":"Ji","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Sangho","family":"Lee","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Evan","family":"Downing","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Weiren","family":"Wang","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Mattia","family":"Fazzini","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Taesoo","family":"Kim","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Alessandro","family":"Orso","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"given":"Wenke","family":"Lee","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"X-ray: automating root-cause diagnosis of performance anomalies in production software Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Attariyan Mona","unstructured":"Mona Attariyan, Michael Chow, and Jason Flinn 2012. X-ray: automating root-cause diagnosis of performance anomalies in production software Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Hollywood, CA."},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"crossref","unstructured":"Adam Bates Kevin Butler Andreas Haeberlen Micah Sherr and Wenchao Zhou 2014. Let SDN be your eyes: Secure forensics in data center networks 2014 NDSS Workshop on Security of Emerging Network Technologies (SENT).","DOI":"10.14722\/sent.2014.23002"},{"key":"e_1_3_2_2_3_1","volume-title":"Trustworthy Whole-System Provenance for the Linux Kernel Proceedings of the 24th USENIX Security Symposium (Security)","author":"Bates Adam","year":"2015","unstructured":"Adam Bates, Dave (Jing) Tian, Kevin R.B. Butler, and Thomas Moyer 2015. Trustworthy Whole-System Provenance for the Linux Kernel Proceedings of the 24th USENIX Security Symposium (Security). Washington, DC."},{"key":"e_1_3_2_2_4_1","volume-title":"On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users. (Oct","author":"Baumgartner Kurt","year":"2017","unstructured":"Kurt Baumgartner. 2017. On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users. (Oct. 2017). shownotehttps:\/\/securelist.com\/blog\/research\/76147."},{"key":"e_1_3_2_2_5_1","volume-title":"Detecting Covert Timing Channels with Time-Deterministic Replay Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Chen Ang","year":"2014","unstructured":"Ang Chen, W. Brad Moore, Hanjun Xiao, Andreas Haeberlen, Linh Thi Xuan Phan, Micah Sherr, and Wenchao Zhou 2014. Detecting Covert Timing Channels with Time-Deterministic Replay Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Broomfield, Colorado."},{"key":"e_1_3_2_2_6_1","volume-title":"Boon Thau Loo, and Wenchao Zhou","author":"Chen Ang","year":"2017","unstructured":"Ang Chen, Yang Wu, Andreas Haeberlen, Boon Thau Loo, and Wenchao Zhou 2017. Data Provenance at Internet Scale: Architecture, Experiences, and the Road Ahead Conference on Innovative Data Systems Research (CIDR'17)."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2934872.2934910"},{"key":"e_1_3_2_2_8_1","volume-title":"Chen","author":"Chow Jim","year":"2008","unstructured":"Jim Chow, Tal Garfinkel, and Peter M. Chen 2008. Decoupling dynamic program analysis from execution in virtual environments Proceedings of the 2008 USENIX Annual Technical Conference (ATC). Boston, MA."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273490"},{"key":"e_1_3_2_2_10_1","volume-title":"Eidetic systems Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Devecsery David","unstructured":"David Devecsery, Michael Chow, Xianzheng Dou, Jason Flinn, and Peter M Chen 2014. Eidetic systems Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Broomfield, Colorado."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2843859.2843867"},{"key":"e_1_3_2_2_12_1","volume-title":"Chen","author":"Dunlap George W.","year":"2002","unstructured":"George W. Dunlap, Samuel T. King, Sukru Cinar, Murtaza A. Basrai, and Peter M. Chen. 2002. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay Proceedings of the 5th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Boston, MA."},{"key":"e_1_3_2_2_13_1","volume-title":"TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Enck William","unstructured":"William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth 2010. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Vancouver, Canada."},{"key":"e_1_3_2_2_14_1","volume-title":"FlowFence: Practical Data Protection for Emerging IoT Application Frameworks Proceedings of the 25th USENIX Security Symposium (Security)","author":"Fernandes Earlence","year":"2016","unstructured":"Earlence Fernandes, Justin Paupore, Amir Rahmati, Daniel Simionato, Mauro Conti, and Atul Prakash. 2016. FlowFence: Practical Data Protection for Emerging IoT Application Frameworks Proceedings of the 25th USENIX Security Symposium (Security). Austin, TX."},{"key":"e_1_3_2_2_15_1","volume-title":"SPADE: support for provenance auditing in distributed environments Proceedings of the 13th International Middleware Conference (Middleware)","author":"Gehani Ashish","unstructured":"Ashish Gehani and Dawood Tariq 2012. SPADE: support for provenance auditing in distributed environments Proceedings of the 13th International Middleware Conference (Middleware)."},{"key":"e_1_3_2_2_16_1","volume-title":"Ensuring Operating System Kernel Integrity with OSck Proceedings of the 16th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS)","author":"Hofmann Owen S.","year":"2011","unstructured":"Owen S. Hofmann, Alan M. Dunn, Sangman Kim, Indrajit Roy, and Emmett Witchel 2011. Ensuring Operating System Kernel Integrity with OSck Proceedings of the 16th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). Newport Beach, CA."},{"key":"e_1_3_2_2_17_1","volume-title":"Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications Proceedings of the 2014 Annual Network and Distributed System Security Symposium (NDSS)","author":"Jang Yeongjin","year":"2014","unstructured":"Yeongjin Jang, Simon P Chung, Bryan D Payne, and Wenke Lee. 2014. Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications Proceedings of the 2014 Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA."},{"key":"e_1_3_2_2_18_1","volume-title":"ShadowReplica: efficient parallelization of dynamic data flow tracking Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS)","author":"Jee Kangkook","unstructured":"Kangkook Jee, Vasileios P Kemerlis, Angelos D Keromytis, and Georgios Portokalidis 2013. ShadowReplica: efficient parallelization of dynamic data flow tracking Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS). Berlin, Germany."},{"key":"e_1_3_2_2_19_1","volume-title":"RecProv: Towards Provenance-Aware User Space Record and Replay Proceedings of the 5th International Provenance and Annotation Workshop (IPAW)","author":"Ji Yang","year":"2016","unstructured":"Yang Ji, Sangho Lee, and Wenke Lee 2016. RecProv: Towards Provenance-Aware User Space Record and Replay Proceedings of the 5th International Provenance and Annotation Workshop (IPAW). Mclean, VA."},{"key":"e_1_3_2_2_20_1","volume-title":"libdft: Practical dynamic data flow tracking for commodity systems Proceedings of the 8th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments","author":"Kemerlis Vasileios P","unstructured":"Vasileios P Kemerlis, Georgios Portokalidis, Kangkook Jee, and Angelos D Keromytis. 2012. libdft: Practical dynamic data flow tracking for commodity systems Proceedings of the 8th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments. London, UK."},{"key":"e_1_3_2_2_21_1","volume-title":"Recovering from intrusions in distributed systems with DARE Proceedings of the 3rd Asia-Pacific Workshop on Systems (APSys)","author":"Kim Taesoo","unstructured":"Taesoo Kim, Ramesh Chandra, and Nickolai Zeldovich. 2012. Recovering from intrusions in distributed systems with DARE Proceedings of the 3rd Asia-Pacific Workshop on Systems (APSys). Seoul, South Korea."},{"key":"e_1_3_2_2_22_1","volume-title":"Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Kim Taesoo","year":"2010","unstructured":"Taesoo Kim, Xi Wang, Nickolai Zeldovich, and M Frans Kaashoek 2010. Intrusion Recovery Using Selective Re-execution. Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Vancouver, Canada."},{"key":"e_1_3_2_2_23_1","volume-title":"KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object Proceedings of the 22th USENIX Security Symposium (Security)","author":"Lee Hojoon","year":"2013","unstructured":"Hojoon Lee, HyunGon Moon, DaeHee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, and Brent ByungHoon Kang 2013. KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object Proceedings of the 22th USENIX Security Symposium (Security). Washington, DC."},{"key":"e_1_3_2_2_24_1","volume-title":"High Accuracy Attack Provenance via Binary-based Execution Partition Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS)","author":"Lee Kyu Hyung","unstructured":"Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu. 2013. High Accuracy Attack Provenance via Binary-based Execution Partition Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA."},{"key":"e_1_3_2_2_25_1","volume-title":"ProTracer: towards practical provenance tracing by alternating between logging and tainting Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS)","author":"Ma Shiqing","unstructured":"Shiqing Ma, Xiangyu Zhang, and Dongyan Xu 2016. ProTracer: towards practical provenance tracing by alternating between logging and tainting Proceedings of the 2016 Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA."},{"key":"e_1_3_2_2_26_1","volume-title":"Fast Memory-efficient Anomaly Detection in Streaming Heterogeneous Graphs Proceedings of the 22nd ACM SIGKDD Knowledge Discovery and Data Mining (KDD)","author":"Manzoor Emaad A","year":"2016","unstructured":"Emaad A Manzoor, Sadegh Momeni, and Leman Akoglu. 2016. Fast Memory-efficient Anomaly Detection in Streaming Heterogeneous Graphs Proceedings of the 22nd ACM SIGKDD Knowledge Discovery and Data Mining (KDD). San Francisco, CA."},{"key":"e_1_3_2_2_27_1","volume-title":"StraightTaint: decoupled offline symbolic taint analysis Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE)","author":"Ming Jiang","unstructured":"Jiang Ming, Dinghao Wu, Jun Wang, Gaoyao Xiao, and Peng Liu 2016. StraightTaint: decoupled offline symbolic taint analysis Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE). Singapore."},{"key":"e_1_3_2_2_28_1","volume-title":"Proceedings of the 24th USENIX Security Symposium (Security)","author":"Ming Jiang","year":"2015","unstructured":"Jiang Ming, Dinghao Wu, Gaoyao Xiao, Jun Wang, and Peng Liu 2015. TaintPipe: pipelined symbolic taint analysis. In Proceedings of the 24th USENIX Security Symposium (Security). Washington, DC."},{"key":"e_1_3_2_2_29_1","volume-title":"Vigilare: Toward Snoop-based Kernel integrity Monitor Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS)","author":"Moon Hyungon","unstructured":"Hyungon Moon, Hojoon Lee, Jihoon Lee, Kihwan Kim, Yunheung Paek, and Brent Byunghoon Kang 2012. Vigilare: Toward Snoop-based Kernel integrity Monitor Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS). Raleigh, NC."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855807.1855817"},{"key":"e_1_3_2_2_31_1","volume-title":"Proceedings of the 2006 USENIX Annual Technical Conference (ATC)","author":"Muniswamy-Reddy Kiran-Kumar","year":"2006","unstructured":"Kiran-Kumar Muniswamy-Reddy, David A. Holland, Uri Braun, and Margo Seltzer 2006. Provenance-Aware Storage Systems. In Proceedings of the 2006 USENIX Annual Technical Conference (ATC). Boston, MA."},{"key":"e_1_3_2_2_32_1","volume-title":"Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS)","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Song 2005. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772954.1772958"},{"key":"e_1_3_2_2_34_1","volume-title":"Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor Proceedings of the 13th USENIX Security Symposium (Security)","author":"Petroni Nick L","unstructured":"Nick L Petroni Jr, Timothy Fraser, Jesus Molina, and William A Arbaugh 2004. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor Proceedings of the 13th USENIX Security Symposium (Security). San Diego, CA."},{"key":"e_1_3_2_2_35_1","volume-title":"JetStream: Cluster-scale parallelization of information flow queries Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Quinn Andrew","unstructured":"Andrew Quinn, Dave Devecsery, Peter M. Chen, and Jason Flinn 2016. JetStream: Cluster-scale parallelization of information flow queries Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Savannah, GA."},{"key":"e_1_3_2_2_36_1","volume-title":"Proceedings of the 2016 USENIX Annual Technical Conference (ATC)","author":"Ren Shiru","year":"2016","unstructured":"Shiru Ren, Le Tan, Chunqi Li, Zhen Xiao, and Weijia Song 2016. Samsara: Efficient Deterministic Replay in Multiprocessor Environments with Hardware Virtualization Extensions. In Proceedings of the 2016 USENIX Annual Technical Conference (ATC). Denver, CO."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"crossref","unstructured":"Christos Sakalis Carl Leonardsson Stefanos Kaxiras and Alberto Ros 2016. Splash-3: A properly synchronized benchmark suite for contemporary research IEEE International Symposium On Performance Analysis of Systems and Software (ISPASS'16).","DOI":"10.1109\/ISPASS.2016.7482078"},{"key":"e_1_3_2_2_38_1","volume-title":"SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integirty for Commodity OSes Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP)","author":"Seshadri Arvind","unstructured":"Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. 2007. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integirty for Commodity OSes Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP). Stevenson, WA."},{"key":"e_1_3_2_2_39_1","volume-title":"Flashback: A Lightweight Extension for Rollback and Deterministic Replay for Software Debugging Proceedings of the 2004 USENIX Annual Technical Conference (ATC)","author":"Srinivasan Sudarshan M","year":"2004","unstructured":"Sudarshan M Srinivasan, Srikanth Kandula, Christopher R Andrews, and Yuanyuan Zhou 2004. Flashback: A Lightweight Extension for Rollback and Deterministic Replay for Software Debugging Proceedings of the 2004 USENIX Annual Technical Conference (ATC). Boston, MA."},{"key":"e_1_3_2_2_40_1","volume-title":"Looking inside the black-box: capturing data provenance using dynamic instrumentation Proceedings of the 5th International Provenance and Annotation Workshop (IPAW)","author":"Stamatogiannakis Manolis","unstructured":"Manolis Stamatogiannakis, Paul Groth, and Herbert Bos. 2014. Looking inside the black-box: capturing data provenance using dynamic instrumentation Proceedings of the 5th International Provenance and Annotation Workshop (IPAW). Cologne, Germany."},{"key":"e_1_3_2_2_41_1","volume-title":"Decoupling Provenace Capture and Analysis from Execution Proceedings of the 7th USENIX Workshop on the Theory and Practice on Provenance (TaPP)","author":"Stamatogiannakis Manolis","unstructured":"Manolis Stamatogiannakis, Paul Groth, and Herbert Bos. 2015. Decoupling Provenace Capture and Analysis from Execution Proceedings of the 7th USENIX Workshop on the Theory and Practice on Provenance (TaPP). Edinburgh, Scotland."},{"key":"e_1_3_2_2_42_1","volume-title":"Secure Program Execution via Dynamic Information Flow Tracking Proceedings of the 11th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS)","author":"Suh G. Edward","unstructured":"G. Edward Suh, Jae W. Lee, and Srinivas Devadas. 2004. Secure Program Execution via Dynamic Information Flow Tracking Proceedings of the 11th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). Boston, MA."},{"key":"e_1_3_2_2_43_1","volume-title":"High Fidelity Data Reduction for Big Data Security Dependency Analyses Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS)","author":"Xu Zhang","year":"2016","unstructured":"Zhang Xu, Zhenyu Wu, Zhichun Li, Kangkook Jee, Junghwan Rhee, Xusheng Xiao, Fengyuan Xu, Haining Wang, and Guofei Jiang 2016. High Fidelity Data Reduction for Big Data Security Dependency Analyses Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS). Vienna, Austria."},{"key":"e_1_3_2_2_44_1","volume-title":"ReplayConfusion: Detecting Cache-based Covert Channel Attacks Using Record and Replay Proceedings of the 49th Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO)","author":"Yan Mengjia","year":"2016","unstructured":"Mengjia Yan, Yasser Shalabi, and Josep Torrellas. 2016. ReplayConfusion: Detecting Cache-based Covert Channel Attacks Using Record and Replay Proceedings of the 49th Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). Taipei, Taiwan."},{"key":"e_1_3_2_2_45_1","volume-title":"Panorama: capturing system-wide information flow for malware detection and analysis Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS)","author":"Yin Heng","unstructured":"Heng Yin, Dawn Song, Manuel Egele, Christopher Kruegel, and Engin Kirda 2007. Panorama: capturing system-wide information flow for malware detection and analysis Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS). Alexandria, VA."},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043584"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134045","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134045","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134045","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:03Z","timestamp":1750212663000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134045"}},"subtitle":["Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":46,"alternative-id":["10.1145\/3133956.3134045","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134045","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}