{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,24]],"date-time":"2025-06-24T06:29:39Z","timestamp":1750746579397,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":62,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,12,5]],"date-time":"2022-12-05T00:00:00Z","timestamp":1670198400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["HR0011-19-C-0106 and HR0011-20-C-0191"],"award-info":[{"award-number":["HR0011-19-C-0106 and HR0011-20-C-0191"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Google Research Award"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,12,5]]},"DOI":"10.1145\/3564625.3564664","type":"proceedings-article","created":{"date-parts":[[2022,12,3]],"date-time":"2022-12-03T01:01:29Z","timestamp":1670029289000},"page":"71-87","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Towards Practical Application-level Support for Privilege Separation"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8166-1200","authenticated-orcid":false,"given":"Nik","family":"Sultana","sequence":"first","affiliation":[{"name":"Illinois Institute of Technology, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2242-8038","authenticated-orcid":false,"given":"Henry","family":"Zhu","sequence":"additional","affiliation":[{"name":"UIUC, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3881-5646","authenticated-orcid":false,"given":"Ke","family":"Zhong","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9735-8708","authenticated-orcid":false,"given":"Zhilei","family":"Zheng","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0736-3109","authenticated-orcid":false,"given":"Ruijie","family":"Mao","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6704-4329","authenticated-orcid":false,"given":"Digvijaysinh","family":"Chauhan","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0289-2431","authenticated-orcid":false,"given":"Stephen","family":"Carrasquillo","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5862-6127","authenticated-orcid":false,"given":"Junyong","family":"Zhao","sequence":"additional","affiliation":[{"name":"University of Arizona, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3398-0004","authenticated-orcid":false,"given":"Lei","family":"Shi","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7347-298X","authenticated-orcid":false,"given":"Nikos","family":"Vasilakis","sequence":"additional","affiliation":[{"name":"Brown University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4757-1746","authenticated-orcid":false,"given":"Boon Thau","family":"Loo","sequence":"additional","affiliation":[{"name":"University of Pennsylvania, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"About FreeBSD Ports. https:\/\/www.freebsd.org\/ports\/.  About FreeBSD Ports. https:\/\/www.freebsd.org\/ports\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Apache Thrift. https:\/\/thrift.apache.org\/.  Apache Thrift. https:\/\/thrift.apache.org\/."},{"key":"e_1_3_2_1_3_1","unstructured":"C serialization library. http:\/\/www.happyponyland.net\/cserialization\/readme.html.  C serialization library. http:\/\/www.happyponyland.net\/cserialization\/readme.html."},{"key":"e_1_3_2_1_4_1","unstructured":"Clang: a C language family frontend for LLVM. https:\/\/clang.llvm.org\/.  Clang: a C language family frontend for LLVM. https:\/\/clang.llvm.org\/."},{"key":"e_1_3_2_1_5_1","unstructured":"CVE-2018-0492. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0492.  CVE-2018-0492. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-0492."},{"key":"e_1_3_2_1_6_1","unstructured":"CVE Details for ncurses. https:\/\/www.cvedetails.com\/google-search-results.php?q=ncurses.  CVE Details for ncurses. https:\/\/www.cvedetails.com\/google-search-results.php?q=ncurses."},{"key":"e_1_3_2_1_7_1","unstructured":"CVE Details for vitetris. https:\/\/www.cvedetails.com\/google-search-results.php?q=vitetris.  CVE Details for vitetris. https:\/\/www.cvedetails.com\/google-search-results.php?q=vitetris."},{"key":"e_1_3_2_1_8_1","unstructured":"Evince document viewer. https:\/\/wiki.gnome.org\/Apps\/Evince.  Evince document viewer. https:\/\/wiki.gnome.org\/Apps\/Evince."},{"key":"e_1_3_2_1_9_1","unstructured":"FlatBuffers. https:\/\/github.com\/google\/flatbuffers.  FlatBuffers. https:\/\/github.com\/google\/flatbuffers."},{"key":"e_1_3_2_1_10_1","unstructured":"GhostScript CVEs. https:\/\/www.cvedetails.com\/vulnerability-list.php?vendor_id=7640&product_id=0.  GhostScript CVEs. https:\/\/www.cvedetails.com\/vulnerability-list.php?vendor_id=7640&product_id=0."},{"key":"e_1_3_2_1_11_1","unstructured":"git CVE-2010-2542. https:\/\/www.cvedetails.com\/cve\/CVE-2010-2542\/.  git CVE-2010-2542. https:\/\/www.cvedetails.com\/cve\/CVE-2010-2542\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Holey Beep. https:\/\/holeybeep.ninja\/.  Holey Beep. https:\/\/holeybeep.ninja\/."},{"key":"e_1_3_2_1_13_1","unstructured":"ioquake3. https:\/\/ioquake3.org\/.  ioquake3. https:\/\/ioquake3.org\/."},{"key":"e_1_3_2_1_14_1","unstructured":"libtiff CVEs. https:\/\/www.cvedetails.com\/product\/3881\/Libtiff-Libtiff.html?vendor_id=2224.  libtiff CVEs. https:\/\/www.cvedetails.com\/product\/3881\/Libtiff-Libtiff.html?vendor_id=2224."},{"key":"e_1_3_2_1_15_1","unstructured":"Netpbm home page. http:\/\/netpbm.sourceforge.net\/.  Netpbm home page. http:\/\/netpbm.sourceforge.net\/."},{"key":"e_1_3_2_1_16_1","unstructured":"Protocol Buffers. https:\/\/developers.google.com\/protocol-buffers\/.  Protocol Buffers. https:\/\/developers.google.com\/protocol-buffers\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Revised OpenSSH Security Advisory. https:\/\/www.openssh.com\/txt\/preauth.adv.  Revised OpenSSH Security Advisory. https:\/\/www.openssh.com\/txt\/preauth.adv."},{"key":"e_1_3_2_1_18_1","unstructured":"seccomp API. https:\/\/github.com\/torvalds\/linux\/blob\/master\/Documentation\/userspace-api\/seccomp_filter.rst.  seccomp API. https:\/\/github.com\/torvalds\/linux\/blob\/master\/Documentation\/userspace-api\/seccomp_filter.rst."},{"key":"e_1_3_2_1_19_1","unstructured":"Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/latest\/userspace-api\/seccomp_filter.html.  Seccomp BPF (SECure COMPuting with filters). https:\/\/www.kernel.org\/doc\/html\/latest\/userspace-api\/seccomp_filter.html."},{"key":"e_1_3_2_1_20_1","unstructured":"SLOCCount. https:\/\/dwheeler.com\/sloccount\/.  SLOCCount. https:\/\/dwheeler.com\/sloccount\/."},{"key":"e_1_3_2_1_21_1","unstructured":"spkr-beep project. https:\/\/github.com\/spkr-beep\/beep.  spkr-beep project. https:\/\/github.com\/spkr-beep\/beep."},{"key":"e_1_3_2_1_22_1","unstructured":"The Chromium Projects: Process Models. https:\/\/www.chromium.org\/developers\/design-documents\/process-models.  The Chromium Projects: Process Models. https:\/\/www.chromium.org\/developers\/design-documents\/process-models."},{"key":"e_1_3_2_1_23_1","unstructured":"TPL\n  : easily store and retrieve binary data in C. http:\/\/troydhanson.github.io\/tpl\/.  TPL: easily store and retrieve binary data in C. http:\/\/troydhanson.github.io\/tpl\/."},{"key":"e_1_3_2_1_24_1","unstructured":"VITETRIS - Virtual terminal *tris clone. https:\/\/github.com\/vicgeralds\/vitetris.  VITETRIS - Virtual terminal *tris clone. https:\/\/github.com\/vicgeralds\/vitetris."},{"volume-title":"Civet: An Efficient Java Partitioning Framework for Hardware Enclaves. In 29th USENIX Security Symposium (USENIX Security 20)","key":"e_1_3_2_1_25_1","unstructured":"2020. Civet: An Efficient Java Partitioning Framework for Hardware Enclaves. In 29th USENIX Security Symposium (USENIX Security 20) . USENIX Association, Boston, MA. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/tsai 2020. Civet: An Efficient Java Partitioning Framework for Hardware Enclaves. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, Boston, MA. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/tsai"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1080\/2165347X.2015.1024298"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901350"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1018203.1018205"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"e_1_3_2_1_30_1","volume-title":"Wedge: Splitting Applications into Reduced-Privilege Compartments. In NSDI, Vol.\u00a08. 309\u2013322.","author":"Bittau Andrea","year":"2008","unstructured":"Andrea Bittau , Petr Marchenko , Mark Handley , and Brad Karp . 2008 . Wedge: Splitting Applications into Reduced-Privilege Compartments. In NSDI, Vol.\u00a08. 309\u2013322. Andrea Bittau, Petr Marchenko, Mark Handley, and Brad Karp. 2008. Wedge: Splitting Applications into Reduced-Privilege Compartments. In NSDI, Vol.\u00a08. 309\u2013322."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3302424.3303952"},{"key":"e_1_3_2_1_32_1","volume-title":"Firefox takes the next step toward rolling out multi-process to everyone. (Dec","author":"Bright Peter","year":"2016","unstructured":"Peter Bright . 2016. Firefox takes the next step toward rolling out multi-process to everyone. (Dec 2016 ). Peter Bright. 2016. Firefox takes the next step toward rolling out multi-process to everyone. (Dec 2016)."},{"key":"e_1_3_2_1_33_1","volume-title":"USENIX Security Symposium. 57\u201372","author":"Brumley David","year":"2004","unstructured":"David Brumley and Dawn Song . 2004 . Privtrans: Automatically partitioning programs for privilege separation . In USENIX Security Symposium. 57\u201372 . David Brumley and Dawn Song. 2004. Privtrans: Automatically partitioning programs for privilege separation. In USENIX Security Symposium. 57\u201372."},{"volume-title":"Programming with POSIX threads","author":"Butenhof R","key":"e_1_3_2_1_34_1","unstructured":"David\u00a0 R Butenhof . 1997. Programming with POSIX threads . Addison-Wesley Professional . David\u00a0R Butenhof. 1997. Programming with POSIX threads. Addison-Wesley Professional."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3052983"},{"key":"e_1_3_2_1_36_1","unstructured":"Brian Caswell James\u00a0C. Foster Ryan Russell Jay Beale and Jeffrey Posluns. 2003. Snort 2.0 Intrusion Detection. Syngress Publishing.  Brian Caswell James\u00a0C. Foster Ryan Russell Jay Beale and Jeffrey Posluns. 2003. Snort 2.0 Intrusion Detection. Syngress Publishing."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2500727.2500747"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1327452.1327492"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1353535.1346295"},{"key":"e_1_3_2_1_40_1","volume-title":"Confine: Automated System Call Policy Generation for Container Attack Surface Reduction. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020","author":"Ghavamnia Seyedhamed","year":"2020","unstructured":"Seyedhamed Ghavamnia , Tapti Palit , Azzedine Benameur , and Michalis Polychronakis . 2020 . Confine: Automated System Call Policy Generation for Container Attack Surface Reduction. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020 ). USENIX Association, San Sebastian, 443\u2013458. https:\/\/www.usenix.org\/conference\/raid 2020\/presentation\/ghavanmnia Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, and Michalis Polychronakis. 2020. Confine: Automated System Call Policy Generation for Container Attack Surface Reduction. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). USENIX Association, San Sebastian, 443\u2013458. https:\/\/www.usenix.org\/conference\/raid2020\/presentation\/ghavanmnia"},{"key":"e_1_3_2_1_41_1","volume-title":"The year-long rash of supply chain attacks against open source is getting worse. (Aug","author":"Goodin Dan","year":"2019","unstructured":"Dan Goodin . 2019. The year-long rash of supply chain attacks against open source is getting worse. (Aug 2019 ). Dan Goodin. 2019. The year-long rash of supply chain attacks against open source is getting worse. (Aug 2019)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813611"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/359576.359585"},{"key":"e_1_3_2_1_44_1","volume-title":"Privman: A Library for Partitioning Applications. In USENIX Annual Technical Conference, FREENIX Track. 273\u2013284","author":"Kilpatrick Douglas","year":"2003","unstructured":"Douglas Kilpatrick . 2003 . Privman: A Library for Partitioning Applications. In USENIX Annual Technical Conference, FREENIX Track. 273\u2013284 . Douglas Kilpatrick. 2003. Privman: A Library for Partitioning Applications. In USENIX Annual Technical Conference, FREENIX Track. 273\u2013284."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2004.1281665"},{"key":"e_1_3_2_1_46_1","volume-title":"Google strengthens Chrome for Android with sandbox. (Sep","author":"Lee Michael","year":"2012","unstructured":"Michael Lee . 2012. Google strengthens Chrome for Android with sandbox. (Sep 2012 ). Michael Lee. 2012. Google strengthens Chrome for Android with sandbox. (Sep 2012)."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1203227"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274720"},{"key":"e_1_3_2_1_49_1","volume-title":"Glamdring: Automatic Application Partitioning for Intel SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17)","author":"Lind Joshua","year":"2017","unstructured":"Joshua Lind , Christian Priebe , Divya Muthukumaran , Dan O\u2019Keeffe , Pierre-Louis Aublin , Florian Kelbert , Tobias Reiher , David Goltzsche , David Eyers , R\u00fcdiger Kapitza , Christof Fetzer , and Peter Pietzuch . 2017 . Glamdring: Automatic Application Partitioning for Intel SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17) . USENIX Association, Santa Clara, CA, 285\u2013298. https:\/\/www.usenix.org\/conference\/atc17\/technical-sessions\/presentation\/lind Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O\u2019Keeffe, Pierre-Louis Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David Eyers, R\u00fcdiger Kapitza, Christof Fetzer, and Peter Pietzuch. 2017. Glamdring: Automatic Application Partitioning for Intel SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). USENIX Association, Santa Clara, CA, 285\u2013298. https:\/\/www.usenix.org\/conference\/atc17\/technical-sessions\/presentation\/lind"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134066"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1543135.1542504"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMCSIA.2003.1232400"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"e_1_3_2_1_54_1","volume-title":"Proceedings of the 12th Conference on USENIX Security Symposium -","volume":"16","author":"Provos Niels","year":"2003","unstructured":"Niels Provos , Markus Friedl , and Peter Honeyman . 2003 . Preventing Privilege Escalation . In Proceedings of the 12th Conference on USENIX Security Symposium - Volume 12(SSYM\u201903). USENIX Association, Berkeley, CA, USA, 16\u2013 16 . http:\/\/dl.acm.org\/citation.cfm?id=1251353.1251369 Niels Provos, Markus Friedl, and Peter Honeyman. 2003. Preventing Privilege Escalation. In Proceedings of the 12th Conference on USENIX Security Symposium - Volume 12(SSYM\u201903). USENIX Association, Berkeley, CA, USA, 16\u201316. http:\/\/dl.acm.org\/citation.cfm?id=1251353.1251369"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030125"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3273045.3273046"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3314221.3314631"},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of the 19th USENIX Conference on Security(USENIX Security\u201910)","author":"Watson Robert","year":"2010","unstructured":"Robert N.\u00a0M. Watson , Jonathan Anderson , Ben Laurie , and Kris Kennaway . 2010 . Capsicum: Practical Capabilities for UNIX . In Proceedings of the 19th USENIX Conference on Security(USENIX Security\u201910) . USENIX Association, Berkeley, CA, USA, 3\u20133. http:\/\/dl.acm.org\/citation.cfm?id= 1929820.1929824 Robert N.\u00a0M. Watson, Jonathan Anderson, Ben Laurie, and Kris Kennaway. 2010. Capsicum: Practical Capabilities for UNIX. In Proceedings of the 19th USENIX Conference on Security(USENIX Security\u201910). USENIX Association, Berkeley, CA, USA, 3\u20133. http:\/\/dl.acm.org\/citation.cfm?id=1929820.1929824"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2010.09.004"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3488932.3523262"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPSW50202.2020.00096"}],"event":{"name":"ACSAC: Annual Computer Security Applications Conference","acronym":"ACSAC","location":"Austin TX USA"},"container-title":["Proceedings of the 38th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564664","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3564664","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3564664","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:12Z","timestamp":1750183752000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564664"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,5]]},"references-count":62,"alternative-id":["10.1145\/3564625.3564664","10.1145\/3564625"],"URL":"https:\/\/doi.org\/10.1145\/3564625.3564664","relation":{},"subject":[],"published":{"date-parts":[[2022,12,5]]},"assertion":[{"value":"2022-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}