{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T03:15:53Z","timestamp":1769915753533,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":92,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,11,8]],"date-time":"2020-11-08T00:00:00Z","timestamp":1604793600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,11,8]]},"DOI":"10.1145\/3368089.3417056","type":"proceedings-article","created":{"date-parts":[[2020,12,11]],"date-time":"2020-12-11T00:45:01Z","timestamp":1607647501000},"page":"1421-1432","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Improving cybersecurity hygiene through JIT patching"],"prefix":"10.1145","author":[{"given":"Frederico","family":"Araujo","sequence":"first","affiliation":[{"name":"IBM Research, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Teryl","family":"Taylor","sequence":"additional","affiliation":[{"name":"IBM Research, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,11,8]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Anomali Inc. 2014. Modern Honey Network. https:\/\/github.com\/pwnlandia\/mhn. Accessed: 2020-09-02. Anomali Inc. 2014. Modern Honey Network. https:\/\/github.com\/pwnlandia\/mhn. Accessed: 2020-09-02."},{"key":"e_1_3_2_2_2_1","unstructured":"Ansible. 2020. https:\/\/www.ansible.com\/. Accessed: 2020-09-02. Ansible. 2020. https:\/\/www.ansible.com\/. Accessed: 2020-09-02."},{"key":"e_1_3_2_2_3_1","unstructured":"Ansible Tower. 2020. https:\/\/www.ansible.com\/products\/tower. Accessed: 2020-09-02. Ansible Tower. 2020. https:\/\/www.ansible.com\/products\/tower. Accessed: 2020-09-02."},{"key":"e_1_3_2_2_4_1","unstructured":"Apache HTTP Server. 2019. https:\/\/httpd.apache.org\/. Accessed: 2019-12-08. Apache HTTP Server. 2019. https:\/\/httpd.apache.org\/. Accessed: 2019-12-08."},{"key":"e_1_3_2_2_5_1","volume-title":"Proc. Annual Computer Security Applications Conf. ACM, 245-256","author":"Araujo Frederico","year":"2019"},{"key":"e_1_3_2_2_6_1","volume-title":"Hamlen","author":"Araujo Frederico","year":"2015"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660329"},{"key":"e_1_3_2_2_8_1","volume-title":"Proc. European Conf. Computer Systems. 187-198","author":"Arnold Jef"},{"key":"e_1_3_2_2_9_1","first-page":"82","article-title":"DKSM","author":"Bahram Sina","year":"2010","journal-title":"Subverting Virtual Machine Introspection for Fun and Profit. In Proc. IEEE Sym. Reliable Distributed Systems."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2808117.2808122"},{"key":"e_1_3_2_2_11_1","unstructured":"Bind. 2019. https:\/\/www.isc.org\/bind\/. Accessed: 2019-12-02. Bind. 2019. https:\/\/www.isc.org\/bind\/. Accessed: 2019-12-02."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-34647-8_12"},{"key":"e_1_3_2_2_13_1","article-title":"Malware Forensics: Discovery of the Intent of Deception","volume":"5","author":"Brand Murray","year":"2010","journal-title":"J. Digital Forensics, Security and Law"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.5815\/ijcnis.2012.10.07"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.65"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.79"},{"key":"e_1_3_2_2_17_1","volume-title":"Proc. IEEE\/IFIP Int. Conf. Dependable Systems and Networks. 177-186","author":"Chen Xu","year":"2008"},{"key":"e_1_3_2_2_18_1","first-page":"1253","article-title":"Adaptive Android Kernel Live Patching","author":"Chen Yue","year":"2017","journal-title":"Proc. USENIX Security Sym."},{"key":"e_1_3_2_2_19_1","volume-title":"The Heartbleed Bug"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1145\/2535813.2535824","article-title":"Booby Trapping Software","author":"Crane Stephen","year":"2013","journal-title":"Proc. New Security Paradigms Work."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192396"},{"key":"e_1_3_2_2_22_1","volume-title":"T-Pot: DTAG Community Honeypot Project","author":"Deutsche Telekom AG."},{"key":"e_1_3_2_2_23_1","unstructured":"DNSPerf. 2019. https:\/\/www.dns-oarc.net\/tools\/dnsperf. Accessed: 2019-11-28. DNSPerf. 2019. https:\/\/www.dns-oarc.net\/tools\/dnsperf. Accessed: 2019-11-28."},{"key":"e_1_3_2_2_24_1","unstructured":"Docker. 2020. https:\/\/www.docker.com\/. Accessed: 2020-09-01. Docker. 2020. https:\/\/www.docker.com\/. Accessed: 2020-09-01."},{"key":"e_1_3_2_2_26_1","unstructured":"Edgescan. 2019. Vulnerability Statistics Report. Edgescan. 2019. Vulnerability Statistics Report."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02812-0_17"},{"key":"e_1_3_2_2_28_1","unstructured":"Fluentd. 2019. http:\/\/www.fluentd.org\/. Accessed: 2019-12-06. Fluentd. 2019. http:\/\/www.fluentd.org\/. Accessed: 2019-12-06."},{"key":"e_1_3_2_2_29_1","article-title":"Tactical Deception in Air-land Warfare","volume":"18","author":"Fowler Charles A.","year":"1995","journal-title":"J. Electronic Defense"},{"key":"e_1_3_2_2_30_1","unstructured":"ftpbench. 2019. https:\/\/pypi.python.org\/pypi\/ftpbench\/1.0. Accessed: 2019-12-10. ftpbench. 2019. https:\/\/pypi.python.org\/pypi\/ftpbench\/1.0. Accessed: 2019-12-10."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451147"},{"key":"e_1_3_2_2_32_1","unstructured":"Glastopf. 2009. Web Application Honeypot. https:\/\/github.com\/mushorg\/glastopf. Accessed: 2020-09-01. Glastopf. 2009. Web Application Honeypot. https:\/\/github.com\/mushorg\/glastopf. Accessed: 2020-09-01."},{"key":"e_1_3_2_2_33_1","unstructured":"Andy Greenberg. 2018. The untold story of NotPetya the most devastating cyberattack in history. Wired ( 2018 ). Andy Greenberg. 2018. The untold story of NotPetya the most devastating cyberattack in history. Wired ( 2018 )."},{"key":"e_1_3_2_2_34_1","unstructured":"Ravit Greister and Daniel Goldberg. 2017. SambaCry the Seven Year Old Samba Vulnerability is the Next Big Threat (for now). https:\/\/www.guardicore.com\/ 2017 \/05\/samba\/. Accessed: 2019-12-12. Ravit Greister and Daniel Goldberg. 2017. SambaCry the Seven Year Old Samba Vulnerability is the Next Big Threat (for now). https:\/\/www.guardicore.com\/ 2017 \/05\/samba\/. Accessed: 2019-12-12."},{"key":"e_1_3_2_2_35_1","unstructured":"Nadav Grossman. 2017. EternalBlue-Everything There Is To Know. Nadav Grossman. 2017. EternalBlue-Everything There Is To Know."},{"key":"e_1_3_2_2_36_1","volume-title":"Tsow","author":"Heckman Kristin E.","year":"2015"},{"key":"e_1_3_2_2_37_1","volume-title":"Herber","author":"Heckman Kristin E.","year":"2013"},{"key":"e_1_3_2_2_38_1","first-page":"51","volume-title":"Proc. IEEE Int. Conf. Computer Software and Applications Conference","volume":"2","author":"Huang Hai","year":"2005"},{"key":"e_1_3_2_2_39_1","volume-title":"Proc. Conf. on USENIX Windows NT Sym. USENIX Association.","author":"Hunt Galen","year":"1999"},{"key":"e_1_3_2_2_40_1","first-page":"329","article-title":"TxBox: Building secure, eficient sandboxes with system transactions","author":"Jana Suman","year":"2011","journal-title":"Proc. IEEE Sym. Security and Privacy."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315262"},{"key":"e_1_3_2_2_42_1","unstructured":"Kippo. 2009. SSH honeypot. https:\/\/github.com\/desaster\/kippo. Accessed: 2020-09-01. Kippo. 2009. SSH honeypot. https:\/\/github.com\/desaster\/kippo. Accessed: 2020-09-01."},{"key":"e_1_3_2_2_43_1","unstructured":"kpatch. 2020. kpatch: dynamic kernel patching. https:\/\/github.com\/dynup\/kpatch. Accessed: 2020-05-19. kpatch. 2020. kpatch: dynamic kernel patching. https:\/\/github.com\/dynup\/kpatch. Accessed: 2020-05-19."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1264861"},{"key":"e_1_3_2_2_45_1","volume-title":"Proc. IEEE Int. Multi-Disciplinary Conf. Cognitive Methods in Situation Awareness and Decision Support. 56-59","author":"Lawson Jamie"},{"key":"e_1_3_2_2_46_1","volume-title":"Proc. USENIX Annual Technical Conf.","author":"Li Yanlin","year":"2014"},{"key":"e_1_3_2_2_47_1","volume-title":"capabilities-overview of Linux capabilities","author":"Manual Linux Programmer's"},{"key":"e_1_3_2_2_48_1","volume-title":"cgroups-Linux control groups","author":"Manual Linux Programmer's"},{"key":"e_1_3_2_2_49_1","volume-title":"namespaces: Overview of Linux Namespaces","author":"Manual Linux Programmer's"},{"key":"e_1_3_2_2_50_1","unstructured":"LLVM. 2019. http:\/\/www.llvm.org\/. Accessed: 2019-12-13. LLVM. 2019. http:\/\/www.llvm.org\/. Accessed: 2019-12-13."},{"key":"e_1_3_2_2_51_1","volume-title":"Proc. USENIX Annual Technical Conf. 397-410","author":"Makris Kristis"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1253575"},{"key":"e_1_3_2_2_53_1","first-page":"143","article-title":"TrustVisor: Eficient TCB reduction and attestation","author":"McCune Jonathan M","year":"2010","journal-title":"Proc. IEEE Sym. Security and Privacy. IEEE"},{"key":"e_1_3_2_2_54_1","unstructured":"Microsoft IIS. 2019. https:\/\/www.iis.net\/. Accessed: 2019-11-25. Microsoft IIS. 2019. https:\/\/www.iis.net\/. Accessed: 2019-11-25."},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133981.1133991"},{"key":"e_1_3_2_2_56_1","unstructured":"NGINX. 2019. https:\/\/www.nginx.com\/. Accessed: 2019-12-01. NGINX. 2019. https:\/\/www.nginx.com\/. Accessed: 2019-12-01."},{"key":"e_1_3_2_2_57_1","unstructured":"NIST. 2002. Special Publication (SP) 800-40 Procedures for Handling Security Patches. NIST ( 2002 ). NIST. 2002. Special Publication (SP) 800-40 Procedures for Handling Security Patches. NIST ( 2002 )."},{"key":"e_1_3_2_2_58_1","unstructured":"NIST. 2005. Special Publication (SP) 800-40 Revision 2 Creating a Patch and Vulnerability Management Program. NIST ( 2005 ). NIST. 2005. Special Publication (SP) 800-40 Revision 2 Creating a Patch and Vulnerability Management Program. NIST ( 2005 )."},{"key":"e_1_3_2_2_59_1","unstructured":"NIST. 2013. Special Publication (SP) 800-184 Guide for Cybersecurity Event Recovery. NIST ( 2013 ). NIST. 2013. Special Publication (SP) 800-184 Guide for Cybersecurity Event Recovery. NIST ( 2013 )."},{"key":"e_1_3_2_2_60_1","unstructured":"NIST. 2013. Special Publication (SP) 800-40 Revision 3 Guide to Enterprise Patch Management Technologies. NIST ( 2013 ). NIST. 2013. Special Publication (SP) 800-40 Revision 3 Guide to Enterprise Patch Management Technologies. NIST ( 2013 )."},{"key":"e_1_3_2_2_61_1","unstructured":"NIST. 2014. The Shellshock Bash Vulnerability. https:\/\/web.nvd.nist.gov\/view\/ vuln\/detail?vulnId=CVE-2014-6271. Accessed: 2020-09-02. NIST. 2014. The Shellshock Bash Vulnerability. https:\/\/web.nvd.nist.gov\/view\/ vuln\/detail?vulnId=CVE-2014-6271. Accessed: 2020-09-02."},{"key":"e_1_3_2_2_62_1","unstructured":"NIST. 2020. Common Vulnerability Scoring System. https:\/\/nvd.nist.gov\/vulnmetrics\/cvss. Accessed: 2020-09-05. NIST. 2020. Common Vulnerability Scoring System. https:\/\/nvd.nist.gov\/vulnmetrics\/cvss. Accessed: 2020-09-05."},{"key":"e_1_3_2_2_63_1","volume-title":"F\u00e9lix G\u00f3mez M\u00e1rmol, and Gregorio Mart\u00ednez P\u00e9rez","author":"Pastor-Galindo Javier","year":"2020"},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/PST.2013.6596048"},{"key":"e_1_3_2_2_66_1","first-page":"1","article-title":"A Virtual Honeypot Framework","author":"Provos Niels","year":"2004","journal-title":"Proc. USENIX Security Sym."},{"key":"e_1_3_2_2_67_1","volume-title":"Virtual Honeypots: From Botnet Tracking to Intrusion Detection","author":"Provos Niels","year":"2007"},{"key":"e_1_3_2_2_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2010.112"},{"key":"e_1_3_2_2_69_1","unstructured":"Ole Andr\u00e9 V. Ravn\u00e5s. 2019. Frida. https:\/\/www.frida.re\/. Accessed: 2019-12-13. Ole Andr\u00e9 V. Ravn\u00e5s. 2019. Frida. https:\/\/www.frida.re\/. Accessed: 2019-12-13."},{"key":"e_1_3_2_2_70_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-24864-1_1"},{"key":"e_1_3_2_2_71_1","doi-asserted-by":"publisher","DOI":"10.1109\/SASOW.2015.23"},{"key":"e_1_3_2_2_72_1","doi-asserted-by":"publisher","DOI":"10.1145\/3365137.3365404"},{"key":"e_1_3_2_2_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/MASSUR.2004.1368414"},{"key":"e_1_3_2_2_74_1","volume-title":"Proc. Int. Conf. Information Warfare and Security.","author":"Rowe Neil C.","year":"2006"},{"key":"e_1_3_2_2_75_1","first-page":"223","article-title":"Fake Honeypots : A Defensive Tactic for Cyberspace","author":"Rowe Neil C.","year":"2006","journal-title":"Proc. IEEE Information Assurance Work."},{"key":"e_1_3_2_2_76_1","unstructured":"Samba. 2019. https:\/\/www.samba.org\/. Accessed: 2019-12-10. Samba. 2019. https:\/\/www.samba.org\/. Accessed: 2019-12-10."},{"key":"e_1_3_2_2_77_1","unstructured":"Sendmail. 2019. http:\/\/www.postfix.org\/sendmail.1.html. Accessed: 2019-11-29. Sendmail. 2019. http:\/\/www.postfix.org\/sendmail.1.html. Accessed: 2019-11-29."},{"key":"e_1_3_2_2_78_1","volume-title":"Proc. Sym. Network and Distributed System Security.","author":"Sharif Monirul I.","year":"2008"},{"key":"e_1_3_2_2_79_1","unstructured":"Steve Souders. 2007. High Performance Web Sites: Essential Knowledge for FrontEnd Engineers. O'Reilly. Steve Souders. 2007. High Performance Web Sites: Essential Knowledge for FrontEnd Engineers. O'Reilly."},{"key":"e_1_3_2_2_80_1","unstructured":"Murugiah Souppaya Kevin Stine Mark Simos Sean Sweeney and Karen Scarfone. 2020. Critical Cybersecurity Hygiene: Patching the Enterprise. NIST NCCoE (March 2020 ). Murugiah Souppaya Kevin Stine Mark Simos Sean Sweeney and Karen Scarfone. 2020. Critical Cybersecurity Hygiene: Patching the Enterprise. NIST NCCoE (March 2020 )."},{"key":"e_1_3_2_2_81_1","volume-title":"Honeypots: Tracking Hackers","author":"Spitzner Lance","year":"2002"},{"key":"e_1_3_2_2_82_1","volume-title":"The Honeynet Project: Trapping the Hackers","author":"Spitzner Lance","year":"2003"},{"key":"e_1_3_2_2_83_1","volume-title":"The Ethics of Information Warfare","author":"Sullins John P."},{"key":"e_1_3_2_2_84_1","unstructured":"Sysdig. 2019. http:\/\/www.sysdig.org\/. Accessed: 2019-12-07. Sysdig. 2019. http:\/\/www.sysdig.org\/. Accessed: 2019-12-07."},{"key":"e_1_3_2_2_85_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2008.05.012"},{"key":"e_1_3_2_2_86_1","doi-asserted-by":"publisher","DOI":"10.1109\/CYCON.2014.6916397"},{"key":"e_1_3_2_2_87_1","unstructured":"vsftpd. 2019. https:\/\/security.appspot.com\/vsftpd.html. Accessed: 2019-12-10. vsftpd. 2019. https:\/\/security.appspot.com\/vsftpd.html. Accessed: 2019-12-10."},{"key":"e_1_3_2_2_88_1","article-title":"Honeypot Detection in Advanced Botnet","volume":"4","author":"Wang Ping","year":"2010","journal-title":"Attacks. Int. J. Information and Computer Security"},{"key":"e_1_3_2_2_89_1","volume-title":"Proc. Int. Conf. Cyber Security, Cyber Peacefare and Digital Forensic. 170-179","author":"Whitham Ben","year":"2013"},{"key":"e_1_3_2_2_90_1","volume-title":"Proc. Australian Information Warfare Conf. 20-30","author":"Whitham Ben","year":"2014"},{"key":"e_1_3_2_2_91_1","first-page":"367","article-title":"Shufler","author":"Williams-King David","year":"2016","journal-title":"Fast and Deployable Continuous Code Rerandomization. In Proc. USENIX Sym. Operating Systems Design and Implementation."},{"key":"e_1_3_2_2_92_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813716"},{"key":"e_1_3_2_2_93_1","first-page":"79","article-title":"Native client: A sandbox for portable, untrusted x86 native code","author":"Yee Bennet","year":"2009","journal-title":"Proc. IEEE Sym. Security and Privacy."},{"key":"e_1_3_2_2_94_1","doi-asserted-by":"publisher","DOI":"10.1109\/BWCCA.2010.85"}],"event":{"name":"ESEC\/FSE '20: 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","location":"Virtual Event USA","acronym":"ESEC\/FSE '20","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368089.3417056","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368089.3417056","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:58Z","timestamp":1750197718000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368089.3417056"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,8]]},"references-count":92,"alternative-id":["10.1145\/3368089.3417056","10.1145\/3368089"],"URL":"https:\/\/doi.org\/10.1145\/3368089.3417056","relation":{},"subject":[],"published":{"date-parts":[[2020,11,8]]},"assertion":[{"value":"2020-11-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}