{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,24]],"date-time":"2025-12-24T12:42:27Z","timestamp":1766580147499,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":67,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,8]],"date-time":"2022-11-08T00:00:00Z","timestamp":1667865600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/P00881X\/1"],"award-info":[{"award-number":["EP\/P00881X\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,11]]},"DOI":"10.1145\/3560835.3564550","type":"proceedings-article","created":{"date-parts":[[2022,11,9]],"date-time":"2022-11-09T02:38:26Z","timestamp":1667961506000},"page":"51-61","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Exorcist"],"prefix":"10.1145","author":[{"given":"Frederick","family":"Barr-Smith","sequence":"first","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]},{"given":"Tim","family":"Blazytko","sequence":"additional","affiliation":[{"name":"Emproof B.V., Eindhoven, Netherlands"}]},{"given":"Richard","family":"Baker","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]},{"given":"Ivan","family":"Martinovic","sequence":"additional","affiliation":[{"name":"University of Oxford, Oxford, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2022,11,8]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24310"},{"key":"e_1_3_2_1_2_1","volume-title":"Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers. In 2019 USENIX Annual Technical Conference (USENIX ATC 19)","author":"Bai Jia-Ju","year":"2019","unstructured":"Jia-Ju Bai, Julia Lawall, Qiu-Liang Chen, and Shi-Min Hu. 2019. Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers. In 2019 USENIX Annual Technical Conference (USENIX ATC 19). USENIX Association, Renton, WA, 255--268. https:\/\/www.usenix.org\/conference\/atc19\/presentation\/bai"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.65"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991114"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/bs.adcom.2017.09.004"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00047"},{"key":"e_1_3_2_1_7_1","volume-title":"NDSS 2009, 16th Annual Network and Distributed System Security Symposium, February 8--11","author":"Bayer Ulrich","year":"2009","unstructured":"Ulrich Bayer, Paolo Milani Comparetti, Clemens Hlauschek, Christopher Kruegel, and Engin Kirda. 2009a. Scalable, behavior-based malware clustering. In NDSS 2009, 16th Annual Network and Distributed System Security Symposium, February 8--11, 2009, San Diego, USA, , ISOC (Ed.). San Diego."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855676.1855684"},{"key":"e_1_3_2_1_9_1","unstructured":"Tim Blazytko. 2021a. Automated Detection of Control-flow Flattening. https:\/\/synthesis.to\/2021\/03\/03\/flattening_detection.html."},{"key":"e_1_3_2_1_10_1","unstructured":"Tim Blazytko. 2021b. Automated Detection of Obfuscated Code. https:\/\/synthesis.to\/2021\/08\/10\/obfuscation_detection.htmll."},{"key":"e_1_3_2_1_11_1","unstructured":"Juriaan Bremer. 2022. ignore.c @ github.com. https:\/\/github.com\/cuckoosandbox\/monitor\/blob\/master\/src\/ignore.c"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978395"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243771"},{"key":"e_1_3_2_1_14_1","volume-title":"Obfuscation-Resilient Executable Payload Extraction From Packed Malware. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Cheng Binlin","year":"2021","unstructured":"Binlin Cheng, Jiang Ming, Erika A Leal, Haotian Zhang, Jianming Fu, Guojun Peng, and Jean-Yves Marion. 2021. Obfuscation-Resilient Executable Payload Extraction From Packed Malware. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3451--3468. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/cheng-binlin"},{"key":"e_1_3_2_1_15_1","unstructured":"Christian Collberg Sam Martin Jonathan Myers and Bill Zimmerman. 2014. The Tigress diversifying C virtualizer. http:\/\/tigress.cs.arizona.edu\/"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671232"},{"key":"e_1_3_2_1_18_1","volume-title":"Simulation of Built-in PHP Features for Precise Static Code Analysis. In 21st Annual Network and Distributed System Security Symposium, NDSS 2014","author":"Dahse Johannes","year":"2014","unstructured":"Johannes Dahse and Thorsten Holz. 2014a. Simulation of Built-in PHP Features for Precise Static Code Analysis. In 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, February 23--26, 2014. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss2014\/simulation-built-php-features-precise-static-code-analysis"},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium","author":"Dahse Johannes","year":"2014","unstructured":"Johannes Dahse and Thorsten Holz. 2014b. Static detection of second-order vulnerabilities in web applications. Proceedings of the 23rd USENIX Security Symposium (2014), 989--1003. https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity14\/sec14-paper-dahse.pdf"},{"key":"e_1_3_2_1_20_1","volume-title":"Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages. In 28th Annual Network and Distributed System Security Symposium, NDSS 2021","author":"Duan Ruian","year":"2021","unstructured":"Ruian Duan, Omar Alrawi, Ranjita Pai Kasturi, Ryan Elder, Brendan Saltaformaggio, and Wenke Lee. 2021. Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages. In 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21--25, 2021. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/towards-measuring-supply-chain-attacks-on-package-managers-for-interpreted-languages\/"},{"key":"e_1_3_2_1_21_1","volume-title":"DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020","author":"Duan Yue","year":"2020","unstructured":"Yue Duan, Xuezixiang Li, Jinghan Wang, and Heng Yin. 2020. DeepBinDiff: Learning Program-Wide Code Representations for Binary Diffing. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23--26, 2020. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/deepbindiff-learning-program-wide-code-representations-for-binary-diffing\/"},{"key":"e_1_3_2_1_22_1","volume-title":"CCleanup: A Vast Number of Machines at Risk","author":"Brumaghin Edmund","year":"2017","unstructured":"Edmund Brumaghin, Ross Gibb, Warren Mercer, Matthew Molyett, and Craig Williams. 2017. CCleanup: A Vast Number of Machines at Risk. Cisco's Talos Intelligence Group Blog (2017). http:\/\/blog.talosintelligence.com\/2017\/09\/avast-distributes-malware.html"},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium, 303--317","author":"Egele Manuel","year":"2014","unstructured":"Manuel Egele, Maverick Woo, Peter Chapman, and David Brumley. 2014. Blanket execution: Dynamic similarity testing for program binaries and components. Proceedings of the 23rd USENIX Security Symposium, 303--317. https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity14\/sec14-paper-egele.pdf"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2022.3142338"},{"key":"e_1_3_2_1_26_1","volume-title":"For Good Measure: Counting Broken Links: A Quant's View of Software Supply Chain Security. login Usenix Mag","author":"Geer Dan","year":"2020","unstructured":"Dan Geer, Bentz Tozer, and John Speed Meyers. 2020. For Good Measure: Counting Broken Links: A Quant's View of Software Supply Chain Security. login Usenix Mag. , Vol. 45, 4 (2020). https:\/\/www.usenix.org\/publications\/login\/winter2020\/geer"},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 24th USENIX Security Symposium","author":"Graziano Mariano","year":"2015","unstructured":"Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, and Davide Balzarotti. 2015. Needles in a haystack: Mining information from public dynamic analysis sandboxes for malware intelligence. Proceedings of the 24th USENIX Security Symposium (2015), 1057--1072. http:\/\/www.s3.eurecom.fr\/docs\/usenixsec15_graziano.pdf"},{"key":"e_1_3_2_1_28_1","unstructured":"Andy Greenberg. 2018. The Untold Story of NotPetya the Most Devastating Cyberattack in History."},{"key":"e_1_3_2_1_29_1","volume-title":"RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses (2019","author":"Gustafson Eric","year":"2019","unstructured":"Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Aur\u00e9 lien Francillon, Davide Balzarotti, Yung Ryn Choe, Christopher Kruegel, and Giovanni Vigna. 2019. Toward the analysis of embedded firmware through automated re-hosting. RAID 2019 Proceedings - 22nd International Symposium on Research in Attacks, Intrusions and Defenses (2019), 135--150. https:\/\/www.usenix.org\/system\/files\/raid2019-gustafson.pdf"},{"key":"e_1_3_2_1_30_1","volume-title":"Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020","author":"Han Xueyuan","year":"2020","unstructured":"Xueyuan Han, Thomas F. J.-M. Pasquier, Adam Bates 0001, James Mickens, and Margo Seltzer. 2020. Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23--26, 2020. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/unicorn-runtime-provenance-based-detector-for-advanced-persistent-threats\/"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00096"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196511"},{"key":"e_1_3_2_1_33_1","volume-title":"Software Distribution Transparency and Auditability. CoRR","author":"Hof Benjamin","year":"2017","unstructured":"Benjamin Hof and Georg Carle. 2017. Software Distribution Transparency and Auditability. CoRR , Vol. abs\/1711.07278 (2017). showeprint[arXiv]1711.07278 http:\/\/arxiv.org\/abs\/1711.07278"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133958"},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the 27th USENIX Security Symposium","author":"Kim Doowon","year":"2018","unstructured":"Doowon Kim, Bum Jun Kwon, Kristi\u00e1 n Koz\u00e1 k, Christopher Gates, and Tudor Dumitra?. 2018. The broken Shield: Measuring revocation effectiveness in the windows code-signing PKI. Proceedings of the 27th USENIX Security Symposium (2018), 851--868. https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity18\/sec18-kim.pdf"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855790"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053035"},{"key":"e_1_3_2_1_38_1","volume-title":"To Kill a Centrifuge","author":"Langner Ralph","year":"2013","unstructured":"Ralph Langner and Bruce Schneier. 2013. To Kill a Centrifuge. The Langner Group November (2013), 1--37. www.langner.com"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.48"},{"key":"e_1_3_2_1_40_1","unstructured":"Mandiant. 2014. Tracking Malware with Import Hashing. https:\/\/www.fireeye.com\/blog\/threat-research\/2014\/01\/tracking-malware-import-hashing.html"},{"key":"e_1_3_2_1_41_1","volume-title":"Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020","author":"Mantovani Alessandro","year":"2020","unstructured":"Alessandro Mantovani, Simone Aonzo, Xabier Ugarte-Pedrero, Alessio Merlo, and Davide Balzarotti. 2020. Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem. In 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23--26, 2020. https:\/\/www.ndss-symposium.org\/ndss-paper\/prevalence-and-impact-of-low-entropy-packing-schemes-in-the-malware-ecosystem\/"},{"key":"e_1_3_2_1_42_1","unstructured":"Microsoft Threat Intelligence Center. 2021. HAFNIUM targeting Exchange Servers with 0-day exploits. https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/02\/hafnium-targeting-exchange-servers\/"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 26th USENIX Security Symposium","author":"Ming Jiang","year":"2017","unstructured":"Jiang Ming, Dongpeng Xu, Yufei Jiang, and Dinghao Wu. 2017. BinSIM: Trace-based semantic binary diffing via system call sliced segment equivalence checking. Proceedings of the 26th USENIX Security Symposium (2017), 253--270. https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity17\/sec17-ming.pdf"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.21"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471848"},{"volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment, , Cl\u00e9 mentine Maurice","author":"Ohm Marc","key":"e_1_3_2_1_46_1","unstructured":"Marc Ohm, Henrik Plate, Arnold Sykosch, and Michael Meier. 2020a. Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment, , Cl\u00e9 mentine Maurice, Leyla Bilge, Gianluca Stringhini, and Nuno Neves (Eds.). Springer International Publishing, Cham, 23--43."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3409183"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3051235"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813604"},{"key":"e_1_3_2_1_50_1","unstructured":"Daniel Plohmann. 2022. Top 100 Windows API functions \/ DLLs observed (413 families .NET excluded). https:\/\/malpedia.caad.fkie.fraunhofer.de\/stats\/api_dll_frequencies"},{"key":"e_1_3_2_1_51_1","unstructured":"Ramin Nafisi. 2021. FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor. https:\/\/www.microsoft.com\/security\/blog\/2021\/09\/27\/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor\/"},{"key":"e_1_3_2_1_52_1","unstructured":"Paul Rascagneres. 2017. Disassembler and Runtime Analysis. https:\/\/blog.talosintelligence.com\/2017\/10\/disassembler-and-runtime-analysis.html"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855876.1855877"},{"key":"e_1_3_2_1_54_1","volume-title":"Loki: Hardening Code Obfuscation Against Automated Attacks. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Schloegel Moritz","year":"2022","unstructured":"Moritz Schloegel, Tim Blazytko, Moritz Contag, Cornelius Aschermann, Julius Basler, Thorsten Holz, and Ali Abbasi. 2022. Loki: Hardening Code Obfuscation Against Automated Attacks. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 3055--3073. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/schloegel"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538--7305.1948.tb01338.x"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139292"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"crossref","unstructured":"Yan Shoshitaishvili Ruoyu Wang Christophe Hauser Christopher Kruegel and Giovanni Vigna. 2015. Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware. (2015). https:\/\/www.ndss-symposium.org\/ndss2015\/firmalice-automatic-detection-authentication-bypass-vulnerabilities-binary-firmware","DOI":"10.14722\/ndss.2015.23294"},{"key":"e_1_3_2_1_58_1","unstructured":"Microsoft 365 Defender Research Team. 2020. Analyzing Solorigate the compromised DLL file that started a sophisticated cyberattack and how Microsoft Defender helps protect customers. https:\/\/www.microsoft.com\/security\/blog\/2020\/12\/18\/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect\/"},{"key":"e_1_3_2_1_59_1","volume-title":"Backdoors: Definition, Deniability and Detection. In Research in Attacks","author":"Thomas Sam L","year":"2018","unstructured":"Sam L Thomas and Aur\u00e9 lien Francillon. 2018. Backdoors: Definition, Deniability and Detection. In Research in Attacks, Intrusions, and Defenses, Michael Bailey, Thorsten Holz, Manolis Stamatogiannakis, and Sotiris Ioannidis (Eds.). Springer International Publishing, Cham, 92--113."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"crossref","unstructured":"Xabier Ugarte-Pedrero Davide Balzarotti Igor Santos and Pablo Bringas. 2015. SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers. https:\/\/ieeexplore.ieee.org\/stamp\/stamp.jsp?tp=&arnumber=7163053","DOI":"10.1109\/SP.2015.46"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.fsidi.2020.300917"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.27"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24167"},{"key":"e_1_3_2_1_64_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Xiao Yang","year":"2020","unstructured":"Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, and Wenchang Shi. 2020. MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 1165--1182. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/xiao"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644896"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523661"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.5555\/1784964.1784971"},{"key":"e_1_3_2_1_68_1","volume-title":"Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Zhu Shuofei","year":"2020","unstructured":"Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, and Gang Wang. 2020. Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 2361--2378. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/zhu"},{"key":"e_1_3_2_1_69_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Zimmermann Markus","year":"2019","unstructured":"Markus Zimmermann, Cristian-Alexandru Staicu, Cam Tenny, and Michael Pradel. 2019. Small World with High Risks: A Study of Security Threats in the npm Ecosystem. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 995--1010. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/zimmerman"}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Los Angeles CA USA","acronym":"CCS '22"},"container-title":["Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560835.3564550","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3560835.3564550","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:09Z","timestamp":1750182549000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560835.3564550"}},"subtitle":["Automated Differential Analysis to Detect Compromises in Closed-Source Software Supply Chains"],"short-title":[],"issued":{"date-parts":[[2022,11,8]]},"references-count":67,"alternative-id":["10.1145\/3560835.3564550","10.1145\/3560835"],"URL":"https:\/\/doi.org\/10.1145\/3560835.3564550","relation":{},"subject":[],"published":{"date-parts":[[2022,11,8]]},"assertion":[{"value":"2022-11-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}