{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:26:19Z","timestamp":1750220779644,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":7,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,10,5]],"date-time":"2020-10-05T00:00:00Z","timestamp":1601856000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,10,5]]},"DOI":"10.1145\/3320269.3405449","type":"proceedings-article","created":{"date-parts":[[2020,10,5]],"date-time":"2020-10-05T16:33:22Z","timestamp":1601915602000},"page":"934-936","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["POSTER: Construct macOS Cyber Range for Red\/Blue Teams"],"prefix":"10.1145","author":[{"given":"Yi-Hsien","family":"Chen","sequence":"first","affiliation":[{"name":"National Taiwan University & CyCraft Technology Corporation, Taipei, Taiwan Roc"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yen-Da","family":"Lin","sequence":"additional","affiliation":[{"name":"CyCraft Technology Corporation, Taipei, Taiwan Roc"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chung-Kuan","family":"Chen","sequence":"additional","affiliation":[{"name":"CyCraft Technology Corporation, Taipei, Taiwan Roc"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chin-Laung","family":"Lei","sequence":"additional","affiliation":[{"name":"National Taiwan University, Taipei, Taiwan Roc"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Chun-Ying","family":"Huang","sequence":"additional","affiliation":[{"name":"National Chiao Tung University, Taipei, Taiwan Roc"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,10,5]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Bitdefender. 2017. Dissecting the APT28 Mac OS X Payload. https:\/\/download.bitdefender.com\/resources\/files\/News\/CaseStudies\/study\/143\/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf.  Bitdefender. 2017. Dissecting the APT28 Mac OS X Payload. https:\/\/download.bitdefender.com\/resources\/files\/News\/CaseStudies\/study\/143\/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf."},{"key":"e_1_3_2_1_2_1","unstructured":"CrowdStrike Holdings Inc. 2019. AutoMacTC: Automated Mac Forensic TriageCollector. (2019). https:\/\/github.com\/CrowdStrike\/automactc.  CrowdStrike Holdings Inc. 2019. AutoMacTC: Automated Mac Forensic TriageCollector. (2019). https:\/\/github.com\/CrowdStrike\/automactc."},{"key":"e_1_3_2_1_3_1","unstructured":"DiDi Inc. 2014. An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring. (2014). https:\/\/github.com\/didi\/kemon.  DiDi Inc. 2014. An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring. (2014). https:\/\/github.com\/didi\/kemon."},{"key":"e_1_3_2_1_4_1","unstructured":"Objective-See. 2019. Burned by Fire(fox). https:\/\/objective-see.com\/blog\/blog_0x43.html.  Objective-See. 2019. Burned by Fire(fox). https:\/\/objective-see.com\/blog\/blog_0x43.html."},{"key":"e_1_3_2_1_5_1","unstructured":"Objective-See. 2019. Pass the AppleJeus. https:\/\/objective-see.com\/blog\/blog_0x49.html.  Objective-See. 2019. Pass the AppleJeus. https:\/\/objective-see.com\/blog\/blog_0x49.html."},{"key":"e_1_3_2_1_6_1","unstructured":"osquery Project. 2014. Performant endpoint visibility. (2014). https:\/\/osquery.io\/.  osquery Project. 2014. Performant endpoint visibility. (2014). https:\/\/osquery.io\/."},{"key":"e_1_3_2_1_7_1","unstructured":"Yelp Inc. 2018. A forensic evidence collection & analysis toolkit for OS X. (2018). http:\/\/yelp.github.io\/osxcollector.  Yelp Inc. 2018. A forensic evidence collection & analysis toolkit for OS X. (2018). http:\/\/yelp.github.io\/osxcollector."}],"event":{"name":"ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"ASIA CCS '20"},"container-title":["Proceedings of the 15th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3320269.3405449","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3320269.3405449","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:28Z","timestamp":1750200088000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3320269.3405449"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,10,5]]},"references-count":7,"alternative-id":["10.1145\/3320269.3405449","10.1145\/3320269"],"URL":"https:\/\/doi.org\/10.1145\/3320269.3405449","relation":{},"subject":[],"published":{"date-parts":[[2020,10,5]]},"assertion":[{"value":"2020-10-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}