{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T16:11:20Z","timestamp":1758125480788,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,5,24]],"date-time":"2021-05-24T00:00:00Z","timestamp":1621814400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["NSF CNS-1814679, NSF CNS-1816282, and NSF CNS-2019340"],"award-info":[{"award-number":["NSF CNS-1814679, NSF CNS-1816282, and NSF CNS-2019340"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000183","name":"Army Research Office","doi-asserted-by":"publisher","award":["911NF-13-1-0421(MURI)"],"award-info":[{"award-number":["911NF-13-1-0421(MURI)"]}],"id":[{"id":"10.13039\/100000183","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,5,24]]},"DOI":"10.1145\/3433210.3453078","type":"proceedings-article","created":{"date-parts":[[2021,6,4]],"date-time":"2021-06-04T15:26:39Z","timestamp":1622820399000},"page":"393-406","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Analyzing the Overhead of File Protection by Linux Security Modules"],"prefix":"10.1145","author":[{"given":"Wenhui","family":"Zhang","sequence":"first","affiliation":[{"name":"The Pennsylvania State University, State College, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[{"name":"The Pennsylvania State University, State College, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[{"name":"The Pennsylvania State University, State College, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,6,4]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901350"},{"key":"e_1_3_2_2_2_1","volume-title":"Kevin RB Butler, and Thomas Moyer.","author":"Bates Adam","year":"2015","unstructured":"Adam Bates , Dave Jing Tian , Kevin RB Butler, and Thomas Moyer. 2015 . Trustworthy whole-system provenance for the linux kernel. In 24th $$USENIX$$ Security Symposium ($$USENIX$$ Security 15). 319--334. Adam Bates, Dave Jing Tian, Kevin RB Butler, and Thomas Moyer. 2015. Trustworthy whole-system provenance for the linux kernel. In 24th $$USENIX$$ Security Symposium ($$USENIX$$ Security 15). 319--334."},{"key":"e_1_3_2_2_3_1","first-page":"13","article-title":"Paranoid penguin: an introduction to Novell AppArmor","volume":"2006","author":"Bauer Mick","year":"2006","unstructured":"Mick Bauer . 2006 . Paranoid penguin: an introduction to Novell AppArmor . Linux Journal , Vol. 2006 , 148 (2006), 13 . Mick Bauer. 2006. Paranoid penguin: an introduction to Novell AppArmor. Linux Journal, Vol. 2006, 148 (2006), 13.","journal-title":"Linux Journal"},{"key":"e_1_3_2_2_4_1","volume-title":"Linux Symposium","volume":"1","author":"Chen Tim","year":"2007","unstructured":"Tim Chen , Leonid I Ananiev , and Alexander V Tikhonov . 2007 . Keeping kernel performance from regressions . In Linux Symposium , Vol. 1 . 93--102. Tim Chen, Leonid I Ananiev, and Alexander V Tikhonov. 2007. Keeping kernel performance from regressions. In Linux Symposium, Vol. 1. 93--102."},{"key":"e_1_3_2_2_5_1","volume-title":"Last Accessed","author":"Edge Jake","year":"2019","unstructured":"Jake Edge . 2019 . LSM stacking and the future. https:\/\/lwn.net\/Articles\/804906\/ . Last Accessed May. 21, 2020. Jake Edge. 2019. LSM stacking and the future. https:\/\/lwn.net\/Articles\/804906\/. Last Accessed May. 21, 2020."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586141"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095809.1095813"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.54"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-54833-8_10"},{"key":"e_1_3_2_2_10_1","volume-title":"Last Accessed","author":"Inc. Gentoo Foundation.","year":"2019","unstructured":"Inc. Gentoo Foundation. 2019 . Extended Verification Module. https:\/\/wiki.gentoo.org\/wiki\/Extended_Verification_Module . Last Accessed May. 21, 2020. Inc. Gentoo Foundation. 2019. Extended Verification Module. https:\/\/wiki.gentoo.org\/wiki\/Extended_Verification_Module. Last Accessed May. 21, 2020."},{"key":"e_1_3_2_2_11_1","volume-title":"Linux Conference","volume":"2005","author":"Harada Toshiharu","year":"2005","unstructured":"Toshiharu Harada , Takashi Horie , and Kazuo Tanaka . 2005 . Towards a manageable Linux security . In Linux Conference , Vol. 2005 . Toshiharu Harada, Takashi Horie, and Kazuo Tanaka. 2005. Towards a manageable Linux security. In Linux Conference, Vol. 2005."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.2200\/S00126ED1V01Y200808SPT001"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133058.1133063"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1323293.1294293"},{"key":"e_1_3_2_2_15_1","volume-title":"USENIX Annual Technical Conference, FREENIX Track. 29--42","author":"Loscocco Peter","year":"2001","unstructured":"Peter Loscocco and Stephen Smalley . 2001 . Integrating Flexible Support for Security Policies into the Linux Operating System . In USENIX Annual Technical Conference, FREENIX Track. 29--42 . Peter Loscocco and Stephen Smalley. 2001. Integrating Flexible Support for Security Policies into the Linux Operating System. In USENIX Annual Technical Conference, FREENIX Track. 29--42."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1111\/j.1553-2712.2004.tb01379.x"},{"key":"e_1_3_2_2_17_1","volume-title":"URL: http:\/\/www. nfsv4bat. org\/Documents\/nasconf\/2004\/filebench. pdf (Cited on page 56.)","author":"McDougall Richard","year":"2005","unstructured":"Richard McDougall and Jim Mauro . 2005. FileBench. URL: http:\/\/www. nfsv4bat. org\/Documents\/nasconf\/2004\/filebench. pdf (Cited on page 56.) ( 2005 ). Richard McDougall and Jim Mauro. 2005. FileBench. URL: http:\/\/www. nfsv4bat. org\/Documents\/nasconf\/2004\/filebench. pdf (Cited on page 56.) (2005)."},{"key":"e_1_3_2_2_18_1","unstructured":"Larry W McVoy Carl Staelin etal 1996. lmbench: Portable tools for performance analysis.. In USENIX annual technical conference. San Diego CA USA 279--294.  Larry W McVoy Carl Staelin et al. 1996. lmbench: Portable tools for performance analysis.. In USENIX annual technical conference. San Diego CA USA 279--294."},{"key":"e_1_3_2_2_19_1","volume-title":"Linux Symposium Proceedings .","author":"Morris James","year":"2008","unstructured":"James Morris . 2008 . Have you driven an SELinux lately . In Linux Symposium Proceedings . James Morris. 2008. Have you driven an SELinux lately. In Linux Symposium Proceedings ."},{"key":"e_1_3_2_2_20_1","volume-title":"USENIX Security Symposium. ACM Berkeley, CA, 17--31","author":"Morris James","year":"2002","unstructured":"James Morris , Stephen Smalley , and Greg Kroah-Hartman . 2002 . Linux security modules: General security support for the linux kernel . In USENIX Security Symposium. ACM Berkeley, CA, 17--31 . James Morris, Stephen Smalley, and Greg Kroah-Hartman. 2002. Linux security modules: General security support for the linux kernel. In USENIX Security Symposium. ACM Berkeley, CA, 17--31."},{"key":"e_1_3_2_2_21_1","volume-title":"19th ACM Conference on Computer and Commumications Security .","author":"Muthukumaran D","year":"2012","unstructured":"D Muthukumaran , T Jaeger , and V Ganapathy . 2012 . Leveraging'choice'in authorization hook placement . In 19th ACM Conference on Computer and Commumications Security . D Muthukumaran, T Jaeger, and V Ganapathy. 2012. Leveraging'choice'in authorization hook placement. In 19th ACM Conference on Computer and Commumications Security ."},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15618-7_14"},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3322431.3325102"},{"key":"e_1_3_2_2_25_1","unstructured":"OpenBenchmarking.org. 2020. FS-Mark. https:\/\/openbenchmarking.org\/test\/pts\/fs-mark  OpenBenchmarking.org. 2020. FS-Mark. https:\/\/openbenchmarking.org\/test\/pts\/fs-mark"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2638548"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3341301.3359640"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542484"},{"key":"e_1_3_2_2_29_1","volume-title":"Proceedings of the 13th Conference on USENIX Security Symposium -","volume":"13","author":"Sailer Reiner","year":"2004","unstructured":"Reiner Sailer , Xiaolan Zhang , Trent Jaeger , and Leendert van Doorn . 2004 . Design and Implementation of a TCG-Based Integrity Measurement Architecture . In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13 (SSYM'04). USENIX Association, USA, 16. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. 2004. Design and Implementation of a TCG-Based Integrity Measurement Architecture. In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13 (SSYM'04). USENIX Association, USA, 16."},{"key":"e_1_3_2_2_30_1","volume-title":"The simplified mandatory access control kernel. White Paper","author":"Schaufler Casey","year":"2008","unstructured":"Casey Schaufler . 2008a. The simplified mandatory access control kernel. White Paper ( 2008 ), 1--11. Casey Schaufler. 2008a. The simplified mandatory access control kernel. White Paper (2008), 1--11."},{"key":"e_1_3_2_2_31_1","volume-title":"Proc. Ottawa Linux Symposium. 23","author":"Schaufler Casey","year":"2008","unstructured":"Casey Schaufler . 2008 b. Smack in embedded computing . In Proc. Ottawa Linux Symposium. 23 . Casey Schaufler. 2008b. Smack in embedded computing. In Proc. Ottawa Linux Symposium. 23."},{"key":"e_1_3_2_2_32_1","volume-title":"Linux Plumbers Container MC","author":"Schaufler Casey","year":"2018","unstructured":"Casey Schaufler . 2018 . Stacking & LSM Namespacing Redux. https:\/\/www.linuxplumbersconf.org\/event\/2\/contributions\/203\/attachments\/123\/155\/Namespacing_and_Stacking_the_LSM-2018.pdf . Linux Plumbers Container MC 2018. Casey Schaufler. 2018. Stacking & LSM Namespacing Redux. https:\/\/www.linuxplumbersconf.org\/event\/2\/contributions\/203\/attachments\/123\/155\/Namespacing_and_Stacking_the_LSM-2018.pdf. Linux Plumbers Container MC 2018."},{"key":"e_1_3_2_2_33_1","volume-title":"LSM: Module stacking for all. https:\/\/lwn.net\/Articles\/786307\/","author":"Schaufler Casey","year":"2019","unstructured":"Casey Schaufler . 2019 . LSM: Module stacking for all. https:\/\/lwn.net\/Articles\/786307\/ Casey Schaufler. 2019. LSM: Module stacking for all. https:\/\/lwn.net\/Articles\/786307\/"},{"key":"e_1_3_2_2_35_1","volume-title":"Byte-unixbench: A Unix benchmark suite. Technical report","author":"Smith Ben","year":"2011","unstructured":"Ben Smith , Rick Grehan , Tom Yager , and DC Niemi . 2011 . Byte-unixbench: A Unix benchmark suite. Technical report (2011). Ben Smith, Rick Grehan, Tom Yager, and DC Niemi. 2011. Byte-unixbench: A Unix benchmark suite. Technical report (2011)."},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901341"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314299.1314302"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/210308.210315"},{"key":"e_1_3_2_2_39_1","volume-title":"Ottawa Linux Symposium","volume":"8032","author":"Wright Chris","year":"2002","unstructured":"Chris Wright , Crispin Cowan , James Morris , Stephen Smalley , and Greg Kroah-Hartman . 2002 . Linux security module framework . In Ottawa Linux Symposium , Vol. 8032 . 6--16. Chris Wright, Crispin Cowan, James Morris, Stephen Smalley, and Greg Kroah-Hartman. 2002. Linux security module framework. In Ottawa Linux Symposium, Vol. 8032. 6--16."},{"volume-title":"Security Technology, Disaster Recovery and Business Continuity","author":"Yamamoto Kenji","key":"e_1_3_2_2_40_1","unstructured":"Kenji Yamamoto and Toshihiro Yamauchi . 2010. Evaluation of performance of secure os using performance evaluation mechanism of lsm-based lsmpmon . In Security Technology, Disaster Recovery and Business Continuity . Springer , 57--67. Kenji Yamamoto and Toshihiro Yamauchi. 2010. Evaluation of performance of secure os using performance evaluation mechanism of lsm-based lsmpmon. In Security Technology, Disaster Recovery and Business Continuity. Springer, 57--67."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018396.2018419"},{"key":"e_1_3_2_2_42_1","volume-title":"28th USENIX Security Symposium (USENIX Security'19)","author":"Zhang Tong","year":"2019","unstructured":"Tong Zhang , Wenbo Shen , Dongyoon Lee , Changhee Jung , Ahmed M Azab , and Ruowen Wang . 2019 . PeX: a permission check analysis framework for Linux kernel . In 28th USENIX Security Symposium (USENIX Security'19) . 1205--1220. Tong Zhang, Wenbo Shen, Dongyoon Lee, Changhee Jung, Ahmed M Azab, and Ruowen Wang. 2019. PeX: a permission check analysis framework for Linux kernel. In 28th USENIX Security Symposium (USENIX Security'19). 1205--1220."},{"key":"e_1_3_2_2_43_1","volume-title":"Integrity: Linux Integrity Module(LIM). https:\/\/lwn.net\/Articles\/287790\/","author":"Zohar Mimi","year":"2008","unstructured":"Mimi Zohar . 2008 . Integrity: Linux Integrity Module(LIM). https:\/\/lwn.net\/Articles\/287790\/ Mimi Zohar. 2008. Integrity: Linux Integrity Module(LIM). https:\/\/lwn.net\/Articles\/287790\/"}],"event":{"name":"ASIA CCS '21: ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Virtual Event Hong Kong","acronym":"ASIA CCS '21"},"container-title":["Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3433210.3453078","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3433210.3453078","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3433210.3453078","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:48:11Z","timestamp":1750193291000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3433210.3453078"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,24]]},"references-count":41,"alternative-id":["10.1145\/3433210.3453078","10.1145\/3433210"],"URL":"https:\/\/doi.org\/10.1145\/3433210.3453078","relation":{},"subject":[],"published":{"date-parts":[[2021,5,24]]},"assertion":[{"value":"2021-06-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}