{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T02:27:25Z","timestamp":1769912845138,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":96,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,9,23]],"date-time":"2019-09-23T00:00:00Z","timestamp":1569196800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1801534, CNS-1801601"],"award-info":[{"award-number":["CNS-1801534, CNS-1801601"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"ARL Cyber Security CRA","award":["W911NF-13-2-0045"],"award-info":[{"award-number":["W911NF-13-2-0045"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,9,23]]},"DOI":"10.1145\/3368860.3368862","type":"proceedings-article","created":{"date-parts":[[2020,1,15]],"date-time":"2020-01-15T19:41:45Z","timestamp":1579117305000},"page":"16-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["Employing attack graphs for intrusion detection"],"prefix":"10.1145","author":[{"given":"Frank","family":"Capobianco","sequence":"first","affiliation":[{"name":"Penn State University"}]},{"given":"Rahul","family":"George","sequence":"additional","affiliation":[{"name":"Penn State University"}]},{"given":"Kaiming","family":"Huang","sequence":"additional","affiliation":[{"name":"Penn State University"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[{"name":"Penn State University"}]},{"given":"Srikanth","family":"Krishnamurthy","sequence":"additional","affiliation":[{"name":"UC Riverside"}]},{"given":"Zhiyun","family":"Qian","sequence":"additional","affiliation":[{"name":"UC Riverside"}]},{"given":"Mathias","family":"Payer","sequence":"additional","affiliation":[{"name":"Ecole Polytechnique F\u00e9d\u00e9rale de Lausanne"}]},{"given":"Paul","family":"Yu","sequence":"additional","affiliation":[{"name":"U.S. Army Combat Capabilities Development Command Army Research Laboratory"}]}],"member":"320","published-online":{"date-parts":[[2020,1,15]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS","author":"Abadi Martin","year":"2005","unstructured":"Martin Abadi , Mihai Budiu , Ulfar Erlingsson , and Jay Ligatti . 2005 . Control-Flow Integrity: Principles, Implementations and Applications . In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005). Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-Flow Integrity: Principles, Implementations and Applications. In Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2012.6263942"},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the International Conference on Security and Cryptography. 322--340","author":"Albanese Massimiliano","year":"2013","unstructured":"Massimiliano Albanese , Sushil Jajodia , Anoop Singhal , and Lingyu Wang . 2013 . An Efficient Approach to Assessing the Risk of Zero-Day Vulnerabilities . In Proceedings of the International Conference on Security and Cryptography. 322--340 . Massimiliano Albanese, Sushil Jajodia, Anoop Singhal, and Lingyu Wang. 2013. An Efficient Approach to Assessing the Risk of Zero-Day Vulnerabilities. In Proceedings of the International Conference on Security and Cryptography. 322--340."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586140"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3143361.3143399"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 2011 Network and Distributed Systems Symposium.","author":"Avgerinos Thanassis","year":"2011","unstructured":"Thanassis Avgerinos , Sang Kil Cha , Brent Lim Tze Hao , and David Brumley . 2011 . Automatic Exploit Generation . In Proceedings of the 2011 Network and Distributed Systems Symposium. Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao, and David Brumley. 2011. Automatic Exploit Generation. In Proceedings of the 2011 Network and Distributed Systems Symposium."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/319709.319710"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/319709.319710"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"e_1_3_2_1_10_1","volume-title":"Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 490--504","author":"Banerjee Subarno","year":"2019","unstructured":"Subarno Banerjee , David Devecsery , Peter M Chen , and Satish Narayanasamy . 2019 . Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 490--504 . Subarno Banerjee, David Devecsery, Peter M Chen, and Satish Narayanasamy. 2019. Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 490--504."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831164"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_6"},{"key":"e_1_3_2_1_13_1","first-page":"2","article-title":"Checking for Race Conditions in File Accesses","volume":"9","author":"Bishop Matt","year":"1996","unstructured":"Matt Bishop and Michael Digler . 1996 . Checking for Race Conditions in File Accesses . Computer Systems 9 , 2 (Spring 1996). Matt Bishop and Michael Digler. 1996. Checking for Race Conditions in File Accesses. Computer Systems 9, 2 (Spring 1996).","journal-title":"Computer Systems"},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 20th International Symposium on Research in Attacks, Intrusions, and Defenses.","author":"Buyukkayhan Ahmet Salih","unstructured":"Ahmet Salih Buyukkayhan , Alina Oprea , Zhou Li , and William K. Robertson . 2017. Lens on the Endpoint: Hunting for Malicious Software Through Endpoint Data Analysis . In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions, and Defenses. Ahmet Salih Buyukkayhan, Alina Oprea, Zhou Li, and William K. Robertson. 2017. Lens on the Endpoint: Hunting for Malicious Software Through Endpoint Data Analysis. In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions, and Defenses."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.10"},{"key":"e_1_3_2_1_16_1","volume-title":"Wagner","author":"Carlini Nicholas","year":"2016","unstructured":"Nicholas Carlini and David A . Wagner . 2016 . Towards Evaluating the Robustness of Neural Networks. CoRR abs\/1608.04644 (2016). arXiv:1608.04644 http:\/\/arxiv.org\/abs\/1608.04644 Nicholas Carlini and David A. Wagner. 2016. Towards Evaluating the Robustness of Neural Networks. CoRR abs\/1608.04644 (2016). arXiv:1608.04644 http:\/\/arxiv.org\/abs\/1608.04644"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134638"},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the 2009 Network and Distributed Systems Symposium.","author":"Chen Hong","year":"2009","unstructured":"Hong Chen , Ninghui Li , and Ziqing Mao . 2009 . Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems . In Proceedings of the 2009 Network and Distributed Systems Symposium. Hong Chen, Ninghui Li, and Ziqing Mao. 2009. Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems. In Proceedings of the 2009 Network and Distributed Systems Symposium."},{"key":"e_1_3_2_1_19_1","unstructured":"Daniel B. Cid. 2008. OSSEC. http:\/\/www.ossec.net\/  Daniel B. Cid. 2008. OSSEC. http:\/\/www.ossec.net\/"},{"key":"e_1_3_2_1_20_1","unstructured":"Cisco. 2015. Vulnerability-Focused Threat Detection: Protect Against the Unknown. https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/security\/ips-4200-series-sensors\/white_paper_c11-470178.html  Cisco. 2015. Vulnerability-Focused Threat Detection: Protect Against the Unknown. https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/security\/ips-4200-series-sensors\/white_paper_c11-470178.html"},{"key":"e_1_3_2_1_21_1","unstructured":"CVSS 2019. Common Vulnerability Scoring System SIG. https:\/\/www.first.org\/cvss\/.  CVSS 2019. Common Vulnerability Scoring System SIG. https:\/\/www.first.org\/cvss\/."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-58618-0_72"},{"key":"e_1_3_2_1_23_1","volume-title":"Information Systems Security: Facing the Information Society of the 21st Century","author":"Dacier Marc","unstructured":"Marc Dacier , Yves Deswarte , and Mohamed Ka\u00e2niche . 1996. Models and Tools for Quantitative Assessment of Operational Security . In Information Systems Security: Facing the Information Society of the 21st Century . Springer US , Boston, MA , 177--186. Marc Dacier, Yves Deswarte, and Mohamed Ka\u00e2niche. 1996. Models and Tools for Quantitative Assessment of Operational Security. In Information Systems Security: Facing the Information Society of the 21st Century. Springer US, Boston, MA, 177--186."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 2017 Network and Distributed Systems Symposium.","author":"Duck Gregory J.","unstructured":"Gregory J. Duck , Roland H. C. Yap , and Lorenzo Cavallaro. 2017. Stack Bounds Protection with Low Fat Pointers . In Proceedings of the 2017 Network and Distributed Systems Symposium. Gregory J. Duck, Roland H. C. Yap, and Lorenzo Cavallaro. 2017. Stack Bounds Protection with Low Fat Pointers. In Proceedings of the 2017 Network and Distributed Systems Symposium."},{"key":"e_1_3_2_1_26_1","volume-title":"W32.Stuxnet Dossier, Version 1.4. (Feb.","author":"Falliere Nicolas","year":"2011","unstructured":"Nicolas Falliere , Liam O Murchu , and Eric Chien . 2011. Symantec Security Response , W32.Stuxnet Dossier, Version 1.4. (Feb. 2011 ). Nicolas Falliere, Liam O Murchu, and Eric Chien. 2011. Symantec Security Response, W32.Stuxnet Dossier, Version 1.4. (Feb. 2011)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2002259.2002284"},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the 26th USENIX Security Symposium. 1129--1144","author":"Gasparis Ioannis","unstructured":"Ioannis Gasparis , Zhiyun Qian , Chengyu Song , and Srikanth V. Krishnamurthy . 2017. Detecting Android Root Exploits by Learning from Root Providers . In Proceedings of the 26th USENIX Security Symposium. 1129--1144 . Ioannis Gasparis, Zhiyun Qian, Chengyu Song, and Srikanth V. Krishnamurthy. 2017. Detecting Android Root Exploits by Learning from Root Providers. In Proceedings of the 26th USENIX Security Symposium. 1129--1144."},{"key":"e_1_3_2_1_29_1","unstructured":"Pierce Gibbs. 2017. Intrusion Detection Evasion Techniques and Case Studies. STI Graduate Student Research in SANS. https:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/paper\/37527  Pierce Gibbs. 2017. Intrusion Detection Evasion Techniques and Case Studies. STI Graduate Student Research in SANS. https:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/paper\/37527"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the 3rd International Conference on Learning Representations (ICLR","author":"Goodfellow Ian J.","year":"2015","unstructured":"Ian J. Goodfellow , Jonathon Shlens , and Christian Szegedy . 2015 . Explaining and Harnessing Adversarial Examples . In Proceedings of the 3rd International Conference on Learning Representations (ICLR 2015). Ian J. Goodfellow, Jonathon Shlens, and Christian Szegedy. 2015. Explaining and Harnessing Adversarial Examples. In Proceedings of the 3rd International Conference on Learning Representations (ICLR 2015)."},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of the 10th USENIX Workshop on the Theory and Practice of Provenance (TaPP","author":"Han Xueyuan","year":"2018","unstructured":"Xueyuan Han , Thomas Pasquier , and Margo Seltzer . 2018 . Provenance-based Intrusion Detection: Opportunities and Challenges . In Proceedings of the 10th USENIX Workshop on the Theory and Practice of Provenance (TaPP 2018). Xueyuan Han, Thomas Pasquier, and Margo Seltzer. 2018. Provenance-based Intrusion Detection: Opportunities and Challenges. In Proceedings of the 10th USENIX Workshop on the Theory and Practice of Provenance (TaPP 2018)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/54289.871709"},{"key":"e_1_3_2_1_33_1","volume-title":"Ullman","author":"Harrison Michael","year":"1976","unstructured":"Michael Harrison , Walter Ruzzo , and Jeffrey D . Ullman . 1976 . Protection in Operating Systems. Commun. ACM 19 (Aug. 1976). Issue 8. Michael Harrison, Walter Ruzzo, and Jeffrey D. Ullman. 1976. Protection in Operating Systems. Commun. ACM 19 (Aug. 1976). Issue 8."},{"key":"e_1_3_2_1_34_1","volume-title":"A Logical Specification and Analysis for SELinux MLS Policy. ACM Transactions on Information and System Security (TISSEC) 13 (July","author":"Hicks Boniface","year":"2010","unstructured":"Boniface Hicks , Sandra Rueda , Luke St. Clair , Trent Jaeger , and Patrick McDaniel . 2010. A Logical Specification and Analysis for SELinux MLS Policy. ACM Transactions on Information and System Security (TISSEC) 13 (July 2010 ). Boniface Hicks, Sandra Rueda, Luke St. Clair, Trent Jaeger, and Patrick McDaniel. 2010. A Logical Specification and Analysis for SELinux MLS Policy. ACM Transactions on Information and System Security (TISSEC) 13 (July 2010)."},{"key":"e_1_3_2_1_35_1","volume-title":"Bellekens","author":"Hindy Hanan","year":"2018","unstructured":"Hanan Hindy , David Brosset , Ethan Bayne , Amar Seeam , Christos Tachtatzis , Robert C. Atkinson , and Xavier J. A . Bellekens . 2018 . A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets. CoRR abs\/1806.03517 (2018). Hanan Hindy, David Brosset, Ethan Bayne, Amar Seeam, Christos Tachtatzis, Robert C. Atkinson, and Xavier J. A. Bellekens. 2018. A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets. CoRR abs\/1806.03517 (2018)."},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of Workshop on Advanced Developments in Software and Systems Security.","author":"Howard Michael","year":"2003","unstructured":"Michael Howard , Jon Pincus , and Jeannette Wing . 2003 . Measuring Relative Attack Surfaces . In Proceedings of Workshop on Advanced Developments in Software and Systems Security. Michael Howard, Jon Pincus, and Jeannette Wing. 2003. Measuring Relative Attack Surfaces. In Proceedings of Workshop on Advanced Developments in Software and Systems Security."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.62"},{"key":"e_1_3_2_1_38_1","first-page":"80","article-title":"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains","volume":"1","author":"Hutchins Eric M","year":"2011","unstructured":"Eric M Hutchins , Michael J Cloppert , and Rohan M Amin . 2011 . Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains . Leading Issues in Information Warfare & Security Research 1 , 1 (2011), 80 . Eric M Hutchins, Michael J Cloppert, and Rohan M Amin. 2011. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Leading Issues in Information Warfare & Security Research 1, 1 (2011), 80.","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243739"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 12th USENIX Security Symposium.","author":"Jaeger Trent","year":"2003","unstructured":"Trent Jaeger , Reiner Sailer , and Xiaolan Zhang . 2003 . Analyzing Integrity Protection in the SELinux Example Policy . In Proceedings of the 12th USENIX Security Symposium. Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. 2003. Analyzing Integrity Protection in the SELinux Example Policy. In Proceedings of the 12th USENIX Security Symposium."},{"key":"e_1_3_2_1_41_1","volume-title":"Topological Analysis of Network Attack Vulnerability","author":"Jajodia Sushil","unstructured":"Sushil Jajodia , Steven Noel , and Brian O'Berry . 2005. Topological Analysis of Network Attack Vulnerability . Springer US , 247--266. Sushil Jajodia, Steven Noel, and Brian O'Berry. 2005. Topological Analysis of Network Attack Vulnerability. Springer US, 247--266."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_5"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294293"},{"key":"e_1_3_2_1_44_1","volume-title":"Proceedings of the 20th Network and Distributed System Security Symposium, NDSS 2013.","author":"Lee Kyu Hyung","year":"2013","unstructured":"Kyu Hyung Lee , Xiangyu Zhang , and Dongyan Xu . 2013 . High Accuracy Attack Provenance via Binary-based Execution Partition . In Proceedings of the 20th Network and Distributed System Security Symposium, NDSS 2013. Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu. 2013. High Accuracy Attack Provenance via Binary-based Execution Partition. In Proceedings of the 20th Network and Distributed System Security Symposium, NDSS 2013."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1543135.1542485"},{"key":"e_1_3_2_1_46_1","volume-title":"Threat Detection: It\u00e2\u0102Źs About 'Time\u00e2\u0102ŹA. https:\/\/www.csoonline.com\/article\/3304252\/threat-detection-it-s-about-time.html","author":"MacFarlane Druce","year":"2018","unstructured":"Druce MacFarlane . 2018 . Threat Detection: It\u00e2\u0102Źs About 'Time\u00e2\u0102ŹA. https:\/\/www.csoonline.com\/article\/3304252\/threat-detection-it-s-about-time.html Druce MacFarlane. 2018. Threat Detection: It\u00e2\u0102Źs About 'Time\u00e2\u0102ŹA. https:\/\/www.csoonline.com\/article\/3304252\/threat-detection-it-s-about-time.html"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.60"},{"key":"e_1_3_2_1_48_1","volume-title":"Operating system integrity in OS\/VS2. IBM Systems Journal 13 (September","author":"McPhee William S.","year":"1974","unstructured":"William S. McPhee . 1974. Operating system integrity in OS\/VS2. IBM Systems Journal 13 (September 1974 ), 230--252. Issue 3. William S. McPhee. 1974. Operating system integrity in OS\/VS2. IBM Systems Journal 13 (September 1974), 230--252. Issue 3."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_6"},{"key":"e_1_3_2_1_50_1","unstructured":"Trend Micro. 2014. Summary of Shellshock-Related Stories and Materials. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/summary-of-shellshock-related-stories-and-materials\/  Trend Micro. 2014. Summary of Shellshock-Related Stories and Materials. https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/summary-of-shellshock-related-stories-and-materials\/"},{"key":"e_1_3_2_1_51_1","unstructured":"MITRE. 2014. Shellshock CVE 6271. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-6271  MITRE. 2014. Shellshock CVE 6271. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-6271"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420991"},{"key":"e_1_3_2_1_53_1","volume-title":"Lupu","author":"Mu\u00c3\u015boz-Gonz\u00c3\u0105lez Luis","year":"2016","unstructured":"Luis Mu\u00c3\u015boz-Gonz\u00c3\u0105lez , Daniele Sgandurra , Andrea Paudice , and Emil C . Lupu . 2016 . Efficient Attack Graph Analysis through Approximate Inference . arXiv'19: https:\/\/arxiv.org\/abs\/1606.07025. Luis Mu\u00c3\u015boz-Gonz\u00c3\u0105lez, Daniele Sgandurra, Andrea Paudice, and Emil C. Lupu. 2016. Efficient Attack Graph Analysis through Approximate Inference. arXiv'19: https:\/\/arxiv.org\/abs\/1606.07025."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_3_2_1_55_1","volume-title":"Proceedings of the 16th ACM Symposium on Operating System Principles.","author":"Andrew","unstructured":"Andrew C. Myers and Barbara Liskov. 1997. A Decentralized Model for Information Flow Control . In Proceedings of the 16th ACM Symposium on Operating System Principles. Andrew C. Myers and Barbara Liskov. 1997. A Decentralized Model for Information Flow Control. In Proceedings of the 16th ACM Symposium on Operating System Principles."},{"key":"e_1_3_2_1_56_1","volume-title":"Proceedings of the 1998 IEEE Symposium on Security and Privacy.","author":"Andrew","unstructured":"Andrew C. Myers and Barbara Liskov. 1998. Complete, Safe Information Flow with Decentralized Labels . In Proceedings of the 1998 IEEE Symposium on Security and Privacy. Andrew C. Myers and Barbara Liskov. 1998. Complete, Safe Information Flow with Decentralized Labels. In Proceedings of the 1998 IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542504"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_59_1","unstructured":"Palo Alto Networks. 2019. What Is An Intrusion Prevention System? https:\/\/www.paloaltonetworks.com\/cyberpedia\/what-is-an-intrusion-prevention-system-ips  Palo Alto Networks. 2019. What Is An Intrusion Prevention System? https:\/\/www.paloaltonetworks.com\/cyberpedia\/what-is-an-intrusion-prevention-system-ips"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-008-9109-x"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2003.1254313"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2004.11"},{"key":"e_1_3_2_1_63_1","unstructured":"Open Information Security Foundation (OISF). 2010. Suricata. https:\/\/suricata-ids.org\/  Open Information Security Foundation (OISF). 2010. Suricata. https:\/\/suricata-ids.org\/"},{"key":"e_1_3_2_1_64_1","volume-title":"Proceedings of the 13th ACM Conference on Computer and Communications Security. 336--345","author":"Ou Xinming","unstructured":"Xinming Ou , Wayne F. Boyer , and Miles A . McQueen. 2006. A scalable approach to attack graph generation . In Proceedings of the 13th ACM Conference on Computer and Communications Security. 336--345 . Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. 2006. A scalable approach to attack graph generation. In Proceedings of the 13th ACM Conference on Computer and Communications Security. 336--345."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/310889.310919"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/3368860.3368868"},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420989"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.34"},{"key":"e_1_3_2_1_71_1","unstructured":"Quadrantsec. 2015. Sagan. https:\/\/quadrantsec.com\/  Quadrantsec. 2015. Sagan. https:\/\/quadrantsec.com\/"},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068820"},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.5555\/1039834.1039864"},{"key":"e_1_3_2_1_74_1","volume-title":"Proceedings of the 17th USENIX Security Symposium. 321--334","author":"Rueda Sandra","year":"2008","unstructured":"Sandra Rueda , David H. King , and Trent Jaeger . 2008 . Verifying Compliance of Trusted Programs . In Proceedings of the 17th USENIX Security Symposium. 321--334 . Sandra Rueda, David H. King, and Trent Jaeger. 2008. Verifying Compliance of Trusted Programs. In Proceedings of the 17th USENIX Security Symposium. 321--334."},{"key":"e_1_3_2_1_75_1","volume-title":"Digital Security in a Networked World","author":"Schneier Bruce","unstructured":"Bruce Schneier . 2000. Secrets & Lies : Digital Security in a Networked World ( 1 st ed.). John Wiley & Sons, Inc. , New York, NY, USA . Bruce Schneier. 2000. Secrets & Lies: Digital Security in a Networked World (1st ed.). John Wiley & Sons, Inc., New York, NY, USA.","edition":"1"},{"key":"e_1_3_2_1_76_1","unstructured":"SELinux 2017. SELinux Project Wiki. https:\/\/selinuxproject.org\/page\/Main_Page.  SELinux 2017. SELinux Project Wiki. https:\/\/selinuxproject.org\/page\/Main_Page."},{"key":"e_1_3_2_1_77_1","unstructured":"Dave Shackleford. 2018. Intrusion Detection Evasion Techniques and Case Studies. STI Graduate Student Research in SANS. https:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/paper\/38350  Dave Shackleford. 2018. Intrusion Detection Evasion Techniques and Case Studies. STI Graduate Student Research in SANS. https:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/paper\/38350"},{"key":"e_1_3_2_1_78_1","volume-title":"Automated Generation and Analysis of Attack Graphs. In 2002 IEEE Symposium on Security and Privacy. 273--284","author":"Sheyner Oleg","unstructured":"Oleg Sheyner , Joshua W. Haines , Somesh Jha , Richard Lippmann , and Jeannette M. Wing . 2002 . Automated Generation and Analysis of Attack Graphs. In 2002 IEEE Symposium on Security and Privacy. 273--284 . Oleg Sheyner, Joshua W. Haines, Somesh Jha, Richard Lippmann, and Jeannette M. Wing. 2002. Automated Generation and Analysis of Attack Graphs. In 2002 IEEE Symposium on Security and Privacy. 273--284."},{"key":"e_1_3_2_1_79_1","unstructured":"SolarWinds 2019. SolarWinds. https:\/\/www.solarwinds.com\/  SolarWinds 2019. SolarWinds. https:\/\/www.solarwinds.com\/"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"e_1_3_2_1_81_1","volume-title":"SoK: Sanitizing for Security. CoRR abs\/1806.04355","author":"Song Dokyung","year":"2018","unstructured":"Dokyung Song , Julian Lettner , Prabhu Rajasekaran , Yeoul Na , Stijn Volckaert , Per Larsen , and Michael Franz . 2018. SoK: Sanitizing for Security. CoRR abs\/1806.04355 ( 2018 ). Dokyung Song, Julian Lettner, Prabhu Rajasekaran, Yeoul Na, Stijn Volckaert, Per Larsen, and Michael Franz. 2018. SoK: Sanitizing for Security. CoRR abs\/1806.04355 (2018)."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/2613087.2613107"},{"key":"e_1_3_2_1_83_1","volume-title":"Proceedings of the 5th International Symposium on Engineering Secure Software and Systems. 17--32","author":"Talele Nirupama","unstructured":"Nirupama Talele , Jason Teutsch , Trent Jaeger , and Robert F. Erbacher . 2013. Using Security Policies to Automate Placement of Network Intrusion Prevention . In Proceedings of the 5th International Symposium on Engineering Secure Software and Systems. 17--32 . Nirupama Talele, Jason Teutsch, Trent Jaeger, and Robert F. Erbacher. 2013. Using Security Policies to Automate Placement of Network Intrusion Prevention. In Proceedings of the 5th International Symposium on Engineering Secure Software and Systems. 17--32."},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.148"},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2004.21"},{"key":"e_1_3_2_1_86_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium.","author":"Vijayakumar Hayawardh","year":"2014","unstructured":"Hayawardh Vijayakumar , Xinyang Ge , Mathias Payer , and Trent Jaeger . 2014 . JIGSAW: Protecting Resource Access by Inferring Programmer Expectations . In Proceedings of the 23rd USENIX Security Symposium. Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger. 2014. JIGSAW: Protecting Resource Access by Inferring Programmer Expectations. In Proceedings of the 23rd USENIX Security Symposium."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414500"},{"key":"e_1_3_2_1_88_1","volume-title":"Proceedings of the 21st USENIX Security Symposium.","author":"Vijayakumar Hayawardh","year":"2012","unstructured":"Hayawardh Vijayakumar , Joshua Schiffman , and Trent Jaeger . 2012 . STING: Finding Name Resolution Vulnerabilities in Programs . In Proceedings of the 21st USENIX Security Symposium. Hayawardh Vijayakumar, Joshua Schiffman, and Trent Jaeger. 2012. STING: Finding Name Resolution Vulnerabilities in Programs. In Proceedings of the 21st USENIX Security Symposium."},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.04.001"},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.9"},{"key":"e_1_3_2_1_91_1","unstructured":"Rainer Wichmann. 2006. SAMHAIN. https:\/\/la-samhna.de\/samhain\/  Rainer Wichmann. 2006. SAMHAIN. https:\/\/la-samhna.de\/samhain\/"},{"key":"e_1_3_2_1_92_1","volume-title":"The Free Encyclopedia. https:\/\/en.wikipedia.org\/wiki\/Vulnerability_(computing) [Online","author":"Wikipedia Wikipedia","year":"2019","unstructured":"Wikipedia contributors. 2019. Vulnerability (computing)--- Wikipedia , The Free Encyclopedia. https:\/\/en.wikipedia.org\/wiki\/Vulnerability_(computing) [Online ; accessed 17- November - 2019 ]. Wikipedia contributors. 2019. Vulnerability (computing)---Wikipedia, The Free Encyclopedia. https:\/\/en.wikipedia.org\/wiki\/Vulnerability_(computing) [Online; accessed 17-November-2019]."},{"key":"e_1_3_2_1_93_1","volume-title":"Proceedings of the 27th USENIX Security Symposium. 781--797","author":"Wu Wei","year":"2018","unstructured":"Wei Wu , Yueqi Chen , Jun Xu , Xinyu Xing , Xiaorui Gong , and Wei Zou . 2018 . FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities . In Proceedings of the 27th USENIX Security Symposium. 781--797 . Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Xiaorui Gong, and Wei Zou. 2018. FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities. In Proceedings of the 27th USENIX Security Symposium. 781--797."},{"key":"e_1_3_2_1_94_1","volume-title":"Proceedings of the IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 211\u00e2\u0102\u015e--220","author":"Xie Peng","year":"2010","unstructured":"Peng Xie , Jason H. Li , Xinming Ou , Peng Liu , and Renato Levy . 2010 . Using Bayesian Networks for Cyber Security Analysis . In Proceedings of the IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 211\u00e2\u0102\u015e--220 . Peng Xie, Jason H. Li, Xinming Ou, Peng Liu, and Renato Levy. 2010. Using Bayesian Networks for Cyber Security Analysis. In Proceedings of the IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). 211\u00e2\u0102\u015e--220."},{"key":"e_1_3_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03007-9_5"},{"key":"e_1_3_2_1_96_1","volume-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI","author":"Zeldovich Nickolai","year":"2006","unstructured":"Nickolai Zeldovich , Silas Boyd-Wickizer , Eddie Kohler , and David Mazi\u00c3\u00cdres . 2006 . Making Information Flow Explicit in HiStar . In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI 2006). Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazi\u00c3\u00cdres. 2006. Making Information Flow Explicit in HiStar. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI 2006)."}],"event":{"name":"NSPW '19: New Security Paradigms Workshop","location":"San Carlos Costa Rica","acronym":"NSPW '19","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the New Security Paradigms Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368860.3368862","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368860.3368862","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368860.3368862","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:44:50Z","timestamp":1750203890000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368860.3368862"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9,23]]},"references-count":96,"alternative-id":["10.1145\/3368860.3368862","10.1145\/3368860"],"URL":"https:\/\/doi.org\/10.1145\/3368860.3368862","relation":{},"subject":[],"published":{"date-parts":[[2019,9,23]]},"assertion":[{"value":"2020-01-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}