{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T18:01:50Z","timestamp":1772042510755,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"ONR","award":["N00014-17-1-2891"],"award-info":[{"award-number":["N00014-17-1-2891"]}]},{"name":"NSF","award":["2104148 1749895"],"award-info":[{"award-number":["2104148 1749895"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,26]]},"DOI":"10.1145\/3545948.3545978","type":"proceedings-article","created":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T11:21:49Z","timestamp":1666005709000},"page":"395-408","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Decap: Deprivileging Programs by Reducing Their Capabilities"],"prefix":"10.1145","author":[{"given":"Md Mehedi","family":"Hasan","sequence":"first","affiliation":[{"name":"Stony Brook University, United States of America"}]},{"given":"Seyedhamed","family":"Ghavamnia","sequence":"additional","affiliation":[{"name":"Stony Brook University, United States of America"}]},{"given":"Michalis","family":"Polychronakis","sequence":"additional","affiliation":[{"name":"Stony Brook University, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359823"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 24th USENIX Security Symposium. 691\u2013706","author":"Backes Michael","year":"2015","unstructured":"Michael Backes , Sven Bugiel , Christian Hammer , Oliver Schranz , and Philipp von Styp-Rekowsky . 2015 . Boxify: Full-fledged app sandboxing for stock Android . In Proceedings of the 24th USENIX Security Symposium. 691\u2013706 . Michael Backes, Sven Bugiel, Christian Hammer, Oliver Schranz, and Philipp von Styp-Rekowsky. 2015. Boxify: Full-fledged app sandboxing for stock Android. In Proceedings of the 24th USENIX Security Symposium. 691\u2013706."},{"key":"e_1_3_2_1_3_1","volume-title":"Bovet and Marco Cesati","author":"P.","year":"2002","unstructured":"Daniel\u00a0 P. Bovet and Marco Cesati . 2002 . Understanding the Linux Kernel. O\u2019Reilly . Daniel\u00a0P. Bovet and Marco Cesati. 2002. Understanding the Linux Kernel. O\u2019Reilly."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the 13th USENIX Security Symposium.","author":"Brumley David","year":"2004","unstructured":"David Brumley and Dawn Song . 2004 . Privtrans: Automatically Partitioning Programs for Privilege Separation . In Proceedings of the 13th USENIX Security Symposium. David Brumley and Dawn Song. 2004. Privtrans: Automatically Partitioning Programs for Privilege Separation. In Proceedings of the 13th USENIX Security Symposium."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00065"},{"key":"e_1_3_2_1_6_1","unstructured":"cvedetails.com. 2003. Vulnerability Details CVE-2003-0144. https:\/\/www.cvedetails.com\/cve\/CVE-2003-0144\/  cvedetails.com. 2003. Vulnerability Details CVE-2003-0144. https:\/\/www.cvedetails.com\/cve\/CVE-2003-0144\/"},{"key":"e_1_3_2_1_7_1","unstructured":"cve.mitre.org. 2022. CVE List. https:\/\/cve.mitre.org\/  cve.mitre.org. 2022. CVE List. https:\/\/cve.mitre.org\/"},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID).","author":"DeMarinis Nicholas","year":"2020","unstructured":"Nicholas DeMarinis , Kent Williams-King , Di Jin , Rodrigo Fonseca , and Vasileios\u00a0 P. Kemerlis . 2020 . Sysfilter: Automated System Call Filtering for Commodity Software . In Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID). Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios\u00a0P. Kemerlis. 2020. Sysfilter: Automated System Call Filtering for Commodity Software. In Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345665"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID).","author":"Ghavamnia Seyedhamed","year":"2020","unstructured":"Seyedhamed Ghavamnia , Tapti Palit , Azzedine Benameur , and Michalis Polychronakis . 2020 . Confine: Automated System Call Policy Generation for Container Attack Surface Reduction . In Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID). Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, and Michalis Polychronakis. 2020. Confine: Automated System Call Policy Generation for Container Attack Surface Reduction. In Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID)."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489311"},{"key":"e_1_3_2_1_12_1","unstructured":"Brendan Gregg. 2016. Linux bcc Tracing Security Capabilities. https:\/\/www.brendangregg.com\/blog\/2016-10-01\/linux-bcc-security-capabilities.html  Brendan Gregg. 2016. Linux bcc Tracing Security Capabilities. https:\/\/www.brendangregg.com\/blog\/2016-10-01\/linux-bcc-security-capabilities.html"},{"key":"e_1_3_2_1_13_1","unstructured":"Heino\u00a0Sass Hallik. 2019. Linux privilege Escalation using the SUID Bit. https:\/\/materials.rangeforce.com\/tutorial\/2019\/11\/07\/Linux-PrivEsc-SUID-Bit\/  Heino\u00a0Sass Hallik. 2019. Linux privilege Escalation using the SUID Bit. https:\/\/materials.rangeforce.com\/tutorial\/2019\/11\/07\/Linux-PrivEsc-SUID-Bit\/"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.11"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243838"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2018.00014"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592798.2592811"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300028"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/IEMTRONICS52119.2021.9422529"},{"key":"e_1_3_2_1_20_1","unstructured":"kernel.org. 2012. Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/v4.16\/userspace-api\/seccomp_filter.html  kernel.org. 2012. Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/v4.16\/userspace-api\/seccomp_filter.html"},{"key":"e_1_3_2_1_21_1","unstructured":"Michael Kerrisk. 2010. The Linux Programming Interface. No Starch Press.  Michael Kerrisk. 2010. The Linux Programming Interface. No Starch Press."},{"key":"e_1_3_2_1_22_1","unstructured":"Michael Kerrisk. 2012. CAP_SYS_ADMIN: the new root. https:\/\/lwn.net\/Articles\/486306\/  Michael Kerrisk. 2012. CAP_SYS_ADMIN: the new root. https:\/\/lwn.net\/Articles\/486306\/"},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 273\u2013284","author":"Kilpatrick Douglas","year":"2003","unstructured":"Douglas Kilpatrick . 2003 . Privman: A Library for Partitioning Applications .. In Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 273\u2013284 . Douglas Kilpatrick. 2003. Privman: A Library for Partitioning Applications.. In Proceedings of the USENIX Annual Technical Conference, FREENIX Track. 273\u2013284."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24018"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3301417.3312501"},{"key":"e_1_3_2_1_26_1","unstructured":"Vickie Li. 2020. Becoming Root Through An SUID Executable. https:\/\/vickieli.medium.com\/becoming-root-through-an-suid-executable-47473173a6ec  Vickie Li. 2020. Becoming Root Through An SUID Executable. https:\/\/vickieli.medium.com\/becoming-root-through-an-suid-executable-47473173a6ec"},{"key":"e_1_3_2_1_27_1","unstructured":"man7.org. 1999. Capabilities(7) - Linux Programmer\u2019s Manual. http:\/\/man7.org\/linux\/man-pages\/man7\/capabilities.7.html.  man7.org. 1999. Capabilities(7) - Linux Programmer\u2019s Manual. http:\/\/man7.org\/linux\/man-pages\/man7\/capabilities.7.html."},{"key":"e_1_3_2_1_28_1","unstructured":"Alois Micard. 2020. Privilege escalation using setuid. https:\/\/blog.creekorful.org\/2020\/09\/setuid-privilege-escalation\/  Alois Micard. 2020. Privilege escalation using setuid. https:\/\/blog.creekorful.org\/2020\/09\/setuid-privilege-escalation\/"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274703"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP48549.2020.00010"},{"key":"e_1_3_2_1_31_1","unstructured":"nvd.nist.gov. 2006. Vulnerability Details CVE-2006-3378. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2006-3378  nvd.nist.gov. 2006. Vulnerability Details CVE-2006-3378. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2006-3378"},{"key":"e_1_3_2_1_32_1","unstructured":"nvd.nist.gov. 2019. Vulnerability Details CVE-2019-0211. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0211  nvd.nist.gov. 2019. Vulnerability Details CVE-2019-0211. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0211"},{"key":"e_1_3_2_1_33_1","unstructured":"nvd.nist.gov. 2022. CVE-2022-0563 - chfn and chsh. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0563  nvd.nist.gov. 2022. CVE-2022-0563 - chfn and chsh. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-0563"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414498"},{"key":"e_1_3_2_1_35_1","unstructured":"IO\u00a0Visor Project. 2015. BPF Compiler Collection (BCC). https:\/\/github.com\/iovisor\/bcc  IO\u00a0Visor Project. 2015. BPF Compiler Collection (BCC). https:\/\/github.com\/iovisor\/bcc"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the 12th USENIX Security Symposium.","author":"Provos Niels","year":"2003","unstructured":"Niels Provos . 2003 . Improving Host Security with System Call Policies . In Proceedings of the 12th USENIX Security Symposium. Niels Provos. 2003. Improving Host Security with System Call Policies. In Proceedings of the 12th USENIX Security Symposium."},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of the 12th USENIX Security Symposium.","author":"Provos Niels","year":"2003","unstructured":"Niels Provos , Markus Friedl , and Peter Honeyman . 2003 . Preventing Privilege Escalation . In Proceedings of the 12th USENIX Security Symposium. Niels Provos, Markus Friedl, and Peter Honeyman. 2003. Preventing Privilege Escalation. In Proceedings of the 12th USENIX Security Symposium."},{"key":"e_1_3_2_1_38_1","volume-title":"Proceedings of the 28th USENIX Security Symposium.","author":"Qian Chenxiong","year":"2019","unstructured":"Chenxiong Qian , Hong Hu , Mansour Alharthi , Pak\u00a0Ho Chung , Taesoo Kim , and Wenke Lee . 2019 . RAZOR: A Framework for Post-deployment Software Debloating . In Proceedings of the 28th USENIX Security Symposium. Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak\u00a0Ho Chung, Taesoo Kim, and Wenke Lee. 2019. RAZOR: A Framework for Post-deployment Software Debloating. In Proceedings of the 28th USENIX Security Symposium."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417866"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/3277203.3277269"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.41"},{"key":"e_1_3_2_1_42_1","first-page":"135","article-title":"Protection of Data File Contents","volume":"4","author":"Ritchie M.","year":"1979","unstructured":"Dennis\u00a0 M. Ritchie . 1979 . Protection of Data File Contents . US Patent 4 , 135 ,240. Dennis\u00a0M. Ritchie. 1979. Protection of Data File Contents. US Patent 4,135,240.","journal-title":"US Patent"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471839"},{"key":"e_1_3_2_1_44_1","unstructured":"Bob Rudis. 2019. Apache Httpd Server Privilege Escalation (CVE-2019-0211): What You Need to Know. https:\/\/www.rapid7.com\/blog\/post\/2019\/04\/03\/apache-http-server-privilege-escalation-cve-2019-0211-what-you-need-to-know\/  Bob Rudis. 2019. Apache Httpd Server Privilege Escalation (CVE-2019-0211): What You Need to Know. https:\/\/www.rapid7.com\/blog\/post\/2019\/04\/03\/apache-http-server-privilege-escalation-cve-2019-0211-what-you-need-to-know\/"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23485"},{"key":"e_1_3_2_1_47_1","volume-title":"Implementing a secure setuid program. Parallel and Distributed Computing and Networks","author":"Shinagawa Takahiro","year":"2004","unstructured":"Takahiro Shinagawa and Kenji Kono . 2004. Implementing a secure setuid program. Parallel and Distributed Computing and Networks ( 2004 ). Takahiro Shinagawa and Kenji Kono. 2004. Implementing a secure setuid program. Parallel and Distributed Computing and Networks (2004)."},{"key":"e_1_3_2_1_48_1","unstructured":"Gurkirat Singh. 2021. Exploiting SUID Binaries to Get Root User Shell. https:\/\/tbhaxor.com\/exploiting-suid-binaries-to-get-root-user-shell\/  Gurkirat Singh. 2021. Exploiting SUID Binaries to Get Root User Shell. https:\/\/tbhaxor.com\/exploiting-suid-binaries-to-get-root-user-shell\/"},{"key":"e_1_3_2_1_49_1","unstructured":"Brad Spengler. 2011. False Boundaries and Arbitrary Code Execution. https:\/\/grsecurity.net\/false_boundaries_and_arbitrary_code_execution.  Brad Spengler. 2011. False Boundaries and Arbitrary Code Execution. https:\/\/grsecurity.net\/false_boundaries_and_arbitrary_code_execution."},{"key":"e_1_3_2_1_50_1","unstructured":"The Ubuntu\u00a0Web Team. 2022. Ubuntu Popularity Contest. https:\/\/popcon.ubuntu.com\/  The Ubuntu\u00a0Web Team. 2022. Ubuntu Popularity Contest. https:\/\/popcon.ubuntu.com\/"},{"key":"e_1_3_2_1_51_1","unstructured":"Michael Torres. 2018. Linux Privilege Escalation - SetUID. https:\/\/micrictor.github.io\/Exploiting-Setuid-Programs\/  Michael Torres. 2018. Linux Privilege Escalation - SetUID. https:\/\/micrictor.github.io\/Exploiting-Setuid-Programs\/"},{"key":"e_1_3_2_1_52_1","volume-title":"Proceedings of the 31st USENIX Security Symposium.","author":"Wang Lun","year":"2022","unstructured":"Lun Wang , Usmann Khan , Joseph Near , Qi Pang , Jithendaraa Subramanian , Neel Somani , Peng Gao , Andrew Low , and Dawn Song . 2022 . PrivGuard: Privacy Regulation Compliance Made Easier . In Proceedings of the 31st USENIX Security Symposium. Lun Wang, Usmann Khan, Joseph Near, Qi Pang, Jithendaraa Subramanian, Neel Somani, Peng Gao, Andrew Low, and Dawn Song. 2022. PrivGuard: Privacy Regulation Compliance Made Easier. In Proceedings of the 31st USENIX Security Symposium."},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of the 19th USENIX Security Symposium.","author":"Watson M.","unstructured":"R.\u00a0N.\u00a0 M. Watson , J. Anderson , B. Laurie , and K. Kennaway . 2010. Capsicum: Practical capabilities for UNIX . In Proceedings of the 19th USENIX Security Symposium. R.\u00a0N.\u00a0M. Watson, J. Anderson, B. Laurie, and K. Kennaway. 2010. Capsicum: Practical capabilities for UNIX. In Proceedings of the 19th USENIX Security Symposium."},{"key":"e_1_3_2_1_54_1","volume-title":"Proceedings of the 28th USENIX Security Symposium. 1205\u20131220","author":"Zhang Tong","year":"2019","unstructured":"Tong Zhang , Wenbo Shen , Dongyoon Lee , Changhee Jung , Ahmed\u00a0 M. Azab , and Ruowen Wang . 2019 . PeX: A Permission Check Analysis Framework for Linux Kernel . In Proceedings of the 28th USENIX Security Symposium. 1205\u20131220 . Tong Zhang, Wenbo Shen, Dongyoon Lee, Changhee Jung, Ahmed\u00a0M. Azab, and Ruowen Wang. 2019. PeX: A Permission Check Analysis Framework for Linux Kernel. In Proceedings of the 28th USENIX Security Symposium. 1205\u20131220."}],"event":{"name":"RAID 2022: 25th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Limassol Cyprus","acronym":"RAID 2022"},"container-title":["Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545978","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/abs\/10.1145\/3545948.3545978","content-type":"text\/html","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3545948.3545978","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:17Z","timestamp":1750188617000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545978"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":54,"alternative-id":["10.1145\/3545948.3545978","10.1145\/3545948"],"URL":"https:\/\/doi.org\/10.1145\/3545948.3545978","relation":{},"subject":[],"published":{"date-parts":[[2022,10,26]]},"assertion":[{"value":"2022-10-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}