{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T10:02:05Z","timestamp":1775815325522,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":78,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,21]],"date-time":"2024-11-21T00:00:00Z","timestamp":1732147200000},"content-version":"vor","delay-in-days":372,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Key Research and Development Program of Hubei Province of China","award":["2023BAB017, 2023BAB079"],"award-info":[{"award-number":["2023BAB017, 2023BAB079"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62302181, 62172009, 62072046"],"award-info":[{"award-number":["62302181, 62172009, 62072046"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100012166","name":"National Key Research and Development Program of China","doi-asserted-by":"publisher","award":["2021YFB2701000"],"award-info":[{"award-number":["2021YFB2701000"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Hong Kong RGC Project","award":["PolyU15219319"],"award-info":[{"award-number":["PolyU15219319"]}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-2028748"],"award-info":[{"award-number":["CNS-2028748"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,15]]},"DOI":"10.1145\/3576915.3616580","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:35:13Z","timestamp":1700570113000},"page":"2396-2410","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":23,"title":["Are we there yet? An Industrial Viewpoint on Provenance-based Endpoint Detection and Response Tools"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7091-2169","authenticated-orcid":false,"given":"Feng","family":"Dong","sequence":"first","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-6530-5935","authenticated-orcid":false,"given":"Shaofei","family":"Li","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2613-5224","authenticated-orcid":false,"given":"Peng","family":"Jiang","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7558-9137","authenticated-orcid":false,"given":"Ding","family":"Li","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1100-8633","authenticated-orcid":false,"given":"Haoyu","family":"Wang","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0845-3293","authenticated-orcid":false,"given":"Liangyi","family":"Huang","sequence":"additional","affiliation":[{"name":"Arizona State University, Phoenix, AZ, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4797-4294","authenticated-orcid":false,"given":"Xusheng","family":"Xiao","sequence":"additional","affiliation":[{"name":"Arizona State University, Phoenix, AZ, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-9656-7310","authenticated-orcid":false,"given":"Jiedong","family":"Chen","sequence":"additional","affiliation":[{"name":"Sangfor Technologies Inc., Shenzhen, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9082-3208","authenticated-orcid":false,"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"The Hong Kong Polytechnic University, Hong Kong, Hong Kong"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5064-5286","authenticated-orcid":false,"given":"Yao","family":"Guo","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7366-5906","authenticated-orcid":false,"given":"Xiangqun","family":"Chen","sequence":"additional","affiliation":[{"name":"Peking University, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2023,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Top Cybersecurity Companies for","year":"2022","unstructured":"2022. Top Cybersecurity Companies for 2022. https:\/\/www.esecurityplanet.com\/products\/top-cybersecurity-companies\/."},{"key":"e_1_3_2_1_2_1","volume-title":"Top Cybersecurity Companies in China for","year":"2022","unstructured":"2022. Top Cybersecurity Companies in China for 2022. https:\/\/www.maigoo.com\/maigoo\/9400wlaq_index.html\/."},{"key":"e_1_3_2_1_3_1","unstructured":"2023. An Empirical Study of Provenance-based Endpoint Detection and Response Tools. https:\/\/github.com\/EmpiricalStudy2023\/EDREmpiricalStudy."},{"key":"e_1_3_2_1_4_1","unstructured":"2023. LinkedIn. https:\/\/www.linkedin.com\/."},{"key":"e_1_3_2_1_5_1","unstructured":"2023. MaiMai. https:\/\/maimai.cn\/."},{"key":"e_1_3_2_1_6_1","unstructured":"2023. NSFOCUS. https:\/\/www.nsfocus.com\/."},{"key":"e_1_3_2_1_7_1","unstructured":"2023. Rising. http:\/\/www.rising.com.cn\/."},{"key":"e_1_3_2_1_8_1","unstructured":"2023. Sangfor. https:\/\/www.sangfor.com\/."},{"key":"e_1_3_2_1_9_1","unstructured":"2023. Tencent Security. https:\/\/s.tencent.com\/."},{"key":"e_1_3_2_1_10_1","unstructured":"2023. Top 8 Challenges With Designing Accurate Surveys. https:\/\/surveytown.com\/top-8-challenges-with-designing-accurate-surveys\/."},{"key":"e_1_3_2_1_11_1","unstructured":"2023. Trend Micro. https:\/\/www.trendmicro.com\/en_hk\/business.html."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833745"},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 31st USENIX Security Symposium","author":"Alahmadi Bushra A","year":"2022","unstructured":"Bushra A Alahmadi, Louise Axon, and Ivan Martinovic. 2022. 99% False Positives: A Qualitative Study of SOC Analysts' Perspectives on Security Alarms. In Proceedings of the 31st USENIX Security Symposium, Boston, MA, USA. 10--12."},{"key":"e_1_3_2_1_14_1","volume-title":"ATLAS: A Sequence-based Learning Approach for Attack Investigation. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Alsaheel Abdulellah","year":"2021","unstructured":"Abdulellah Alsaheel, Yuhong Nan, Shiqing Ma, Le Yu, Gregory Walkup, Z. Berkay Celik, Xiangyu Zhang, and Dongyan Xu. 2021. ATLAS: A Sequence-based Learning Approach for Attack Investigation. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3005--3022."},{"key":"e_1_3_2_1_15_1","first-page":"865","article-title":"Cyber kill chain-based taxonomy of advanced persistent threat actors: Analogy of tactics, techniques, and procedures","volume":"15","author":"Bahrami Pooneh Nikkhah","year":"2019","unstructured":"Pooneh Nikkhah Bahrami, Ali Dehghantanha, Tooska Dargahi, Reza M Parizi, Kim-Kwang Raymond Choo, and Hamid HS Javadi. 2019. Cyber kill chain-based taxonomy of advanced persistent threat actors: Analogy of tactics, techniques, and procedures. Journal of information processing systems, Vol. 15, 4 (2019), 865--889.","journal-title":"Journal of information processing systems"},{"key":"e_1_3_2_1_16_1","unstructured":"Gianluca Borello. 2015. System and application monitoring and troubleshooting with sysdig. (2015)."},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the Annual Conference on USENIX Annual Technical Conference","author":"Cantrill Bryan M.","unstructured":"Bryan M. Cantrill, Michael W. Shapiro, and Adam H. Leventhal. 2004. Dynamic Instrumentation of Production Systems. In Proceedings of the Annual Conference on USENIX Annual Technical Conference (Boston, MA) (ATEC '04). USENIX Association, USA, 2."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SERVICES-I.2009.54"},{"key":"e_1_3_2_1_19_1","volume-title":"Patrol: Revealing Zero-Day Attack Paths through Network-Wide System Object Dependencies. In Computer Security - ESORICS","author":"Dai Jun","year":"2013","unstructured":"Jun Dai, Xiaoyan Sun, and Peng Liu. 2013. Patrol: Revealing Zero-Day Attack Paths through Network-Wide System Object Dependencies. In Computer Security - ESORICS 2013, Jason Crampton, Sushil Jajodia, and Keith Mayes (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 536--555."},{"key":"e_1_3_2_1_20_1","unstructured":"LORIS DEGIOANNI. 2014. Sysdig vs DTrace vs Strace: A technical discussion. https:\/\/sysdig.com\/blog\/sysdig-vs-dtrace-vs-strace-a-technical-discussion\/."},{"key":"e_1_3_2_1_21_1","volume-title":"Linux symposium","volume":"101","author":"Desnoyers Mathieu","year":"2008","unstructured":"Mathieu Desnoyers and Michel Dagenais. 2008. LTTng: Tracing across execution layers, from the hypervisor to user-space. In Linux symposium, Vol. 101."},{"key":"e_1_3_2_1_22_1","unstructured":"DOMARS. 2021. Event Tracing for Windows (ETW). https:\/\/learn.microsoft.com\/en-us\/windows-hardware\/drivers\/devtest\/event-tracing-for-windows-etw-."},{"key":"e_1_3_2_1_23_1","unstructured":"Frank C Eigler Vara Prasad Will Cohen Hien Nguyen Martin Hunt Jim Keniston and Brad Chen. 2005. Architecture of systemtap: a Linux trace\/probe tool. (2005)."},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Fang Pengcheng","year":"2022","unstructured":"Pengcheng Fang, Peng Gao, Changlin Liu, Erman Ayday, Kangkook Jee, Ting Wang, Yanfang Ye, Zhuotao Liu, and Xusheng Xiao. 2022. Back-Propagating System Dependency Impact for Attack Investigation. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Rayees Farooq. 2018. How to design and frame a questionnaire. In Innovations in measuring and evaluating scientific information. IGI Global 50--60.","DOI":"10.4018\/978-1-5225-3457-0.ch004"},{"key":"e_1_3_2_1_26_1","unstructured":"Athenas Jimenez Gabriela Cervantes. 2022. Go Benchmarks. https:\/\/openbenchmarking.org\/test\/pts\/go-benchmark."},{"key":"e_1_3_2_1_27_1","volume-title":"Unicorn: Runtime provenance-based detector for advanced persistent threats.","author":"Han Xueyuan","year":"2020","unstructured":"Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens, and Margo Seltzer. 2020. Unicorn: Runtime provenance-based detector for advanced persistent threats. (2020)."},{"key":"e_1_3_2_1_28_1","volume-title":"10th USENIX Workshop on the Theory and Practice of Provenance (TaPP","author":"Han Xueyuan","year":"2018","unstructured":"Xueyuan Han, Thomas Pasquier, and Margo Seltzer. 2018. Provenance-based intrusion detection: opportunities and challenges. In 10th USENIX Workshop on the Theory and Practice of Provenance (TaPP 2018)."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00096"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23349"},{"key":"e_1_3_2_1_31_1","volume-title":"Faster Yet Safer: Logging System Via Fixed-Key Blockcipher. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Hoang Viet Tung","year":"2022","unstructured":"Viet Tung Hoang, Cong Wu, and Xin Yuan. 2022. Faster Yet Safer: Logging System Via Fixed-Key Blockcipher. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 2389--2406. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/hoang"},{"key":"e_1_3_2_1_32_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Hossain Md Nahid","year":"2017","unstructured":"Md Nahid Hossain, Sadegh M Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R Sekar, Scott Stoller, and VN Venkatakrishnan. 2017. {SLEUTH}: Real-time attack scenario reconstruction from {COTS} audit data. In 26th USENIX Security Symposium (USENIX Security 17). 487--504."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00064"},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the USENIX Security Symposium. 1723--1740","author":"Hossain Md Nahid","unstructured":"Md Nahid Hossain, Jun Ao Wang, R. Sekar, and Scott D. Stoller. 2018. Dependence-Preserving Data Compaction for Scalable Forensic Analysis. In Proceedings of the USENIX Security Symposium. 1723--1740."},{"key":"e_1_3_2_1_35_1","volume-title":"2023 2023 IEEE Symposium on Security and Privacy (SP) (SP). IEEE Computer Society","author":"Inam M.","unstructured":"M. Inam, Y. Chen, A. Goyal, J. Liu, J. Mink, N. Michael, S. Gaur, A. Bates, and W. Ul Hassan. 2023. SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions. In 2023 2023 IEEE Symposium on Security and Privacy (SP) (SP). IEEE Computer Society, Los Alamitos, CA, USA, 307--325."},{"key":"e_1_3_2_1_36_1","volume-title":"IBM Redbook","volume":"116","author":"Jacob Bart","year":"2008","unstructured":"Bart Jacob, Paul Larson, B Leitao, and SAMM Da Silva. 2008. SystemTap: instrumenting the Linux kernel for analyzing performance and functional problems. IBM Redbook, Vol. 116 (2008)."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134045"},{"key":"e_1_3_2_1_38_1","volume-title":"Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking. In USENIX Security Symposium.","author":"Ji Yang","year":"2018","unstructured":"Yang Ji, Sangho Lee, Mattia Fazzini, Joey Allen, Evan Downing, Taesoo Kim, Alessandro Orso, and Wenke Lee. 2018. Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking. In USENIX Security Symposium."},{"key":"e_1_3_2_1_39_1","volume-title":"Postmark: A new file system benchmark. TR3022","author":"Katcher Jeffrey","year":"1997","unstructured":"Jeffrey Katcher. 1997. Postmark: A new file system benchmark. TR3022 (1997)."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945467"},{"key":"e_1_3_2_1_41_1","volume-title":"MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation. In Network and Distributed System Security Symposium.","author":"Kwon Yonghwi","year":"2018","unstructured":"Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, X. Zhang, Dongyan Xu, Somesh Jha, Gabriela F. Cretu-Ciocarlie, Ashish Gehani, and Vinod Yegneswaran. 2018. MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation. In Network and Distributed System Security Symposium."},{"key":"e_1_3_2_1_42_1","unstructured":"Michael Larabel. 2022. PyPerformance Benchmark. https:\/\/openbenchmarking.org\/test\/pts\/pyperformance."},{"key":"e_1_3_2_1_43_1","volume-title":"Phoronix test suite. Phoronix Media, [Online]. Available: http:\/\/www.phoronix-test-suite.com\/. [Accessed","author":"Larabel Michael","year":"2022","unstructured":"Michael Larabel and Matthew Tippett. 2011. Phoronix test suite. Phoronix Media, [Online]. Available: http:\/\/www.phoronix-test-suite.com\/. [Accessed October 2022] (2011)."},{"key":"e_1_3_2_1_44_1","unstructured":"Kyu Hyung Lee Xiangyu Zhang and Dongyan Xu. 2013. LogGC: garbage collecting audit log. In CCS."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102282"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3567997"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Yushan Liu Mu Zhang Ding Li Kangkook Jee Zhichun Li Zhenyu Wu Junghwan Rhee and Prateek Mittal. 2018a. Towards a Timely Causality Analysis for Enterprise Security.. In NDSS.","DOI":"10.14722\/ndss.2018.23254"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Yushan Liu Mu Zhang Ding Li Kangkook Jee Zhichun Li Zhenyu Wu Junghwan Rhee and Prateek Mittal. 2018b. Towards a Timely Causality Analysis for Enterprise Security.. In NDSS.","DOI":"10.14722\/ndss.2018.23254"},{"key":"e_1_3_2_1_49_1","unstructured":"Redis Ltd. 2022. Redis 6.0.9. https:\/\/redis.io\/."},{"key":"e_1_3_2_1_50_1","volume-title":"The research interview. Reflective practice and reflexivity in research processes","author":"Mann Steve","year":"2016","unstructured":"Steve Mann. 2016. The research interview. Reflective practice and reflexivity in research processes (2016)."},{"key":"e_1_3_2_1_51_1","volume-title":"Fast Memory-efficient Anomaly Detection in Streaming Heterogeneous Graphs. CoRR","author":"Manzoor Emaad A.","year":"2016","unstructured":"Emaad A. Manzoor, Sadegh Momeni, Venkat N. Venkatakrishnan, and Leman Akoglu. 2016. Fast Memory-efficient Anomaly Detection in Streaming Heterogeneous Graphs. CoRR, Vol. abs\/1602.04844 (2016). showeprint[arXiv]1602.04844 http:\/\/arxiv.org\/abs\/1602.04844"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258514"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363217"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00026"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267359.1267363"},{"key":"e_1_3_2_1_56_1","unstructured":"p7zip. 2022. p7zip Version 16.02. https:\/\/www.7-zip.org\/."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417862"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3127479.3129249"},{"key":"e_1_3_2_1_59_1","unstructured":"DARPA Transparent Computing Program. 2022. The DARPA Transparent Computing (TC) program Data Release. https:\/\/github.com\/darpa-i2o\/Transparent-Computing."},{"key":"e_1_3_2_1_60_1","unstructured":"Open Source Project. 2022a. Wrk. https:\/\/github.com\/wg\/wrk."},{"key":"e_1_3_2_1_61_1","unstructured":"The OpenSSL Project. 2022b. OpenSSL 1.1.1. https:\/\/www.openssl.org\/."},{"key":"e_1_3_2_1_62_1","unstructured":"Redhat. 2017. The Linux audit framework. https:\/\/github.com\/linux-audit\/."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.5555\/1412202.1412204"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"crossref","unstructured":"Basu A Sharath S. 2013. Performance of Eucalyptus and OpenStack Clouds on FutureGrid. In International Journal of Computer Applications.","DOI":"10.5120\/13923-1831"},{"key":"e_1_3_2_1_65_1","volume-title":"International Provenance and Annotation Workshop (IPAW) international provenance and annotation workshop (ipaw) ed.) (Lecture Notes in Computer Science (LNCS)","author":"Simmhan Yogesh","unstructured":"Yogesh Simmhan, Beth Plale, Dennis Gannon, and Suresh Marru. 2006. Performance Evaluation of the Karma Provenance Framework for Scientific Workflows. In International Provenance and Annotation Workshop (IPAW) international provenance and annotation workshop (ipaw) ed.) (Lecture Notes in Computer Science (LNCS), Vol. 4145). Springer, 222--236. https:\/\/www.microsoft.com\/en-us\/research\/publication\/performance-evaluation-of-the-karma-provenance-framework-for-scientific-workflows\/"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2821095"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243763"},{"key":"e_1_3_2_1_68_1","volume-title":"Qualitative interview design. Howdy or Hello? Technical and Professional Communication","author":"Nicole Hagstrom-Schmidt Daniel W","year":"2022","unstructured":"Daniel W Turner III and Nicole Hagstrom-Schmidt. 2022. Qualitative interview design. Howdy or Hello? Technical and Professional Communication (2022)."},{"key":"e_1_3_2_1_69_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Ujcich Benjamin E","year":"2021","unstructured":"Benjamin E Ujcich, Samuel Jero, Richard Skowyra, Adam Bates, William H Sanders, and Hamed Okhravi. 2021. Causal Analysis for {Software-Defined} Networking Attacks. In 30th USENIX Security Symposium (USENIX Security 21). 3183--3200."},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24167"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-018-0018-3"},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2018.2867595"},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2960353"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833632"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978378"},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484551"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24549"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833669"}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616580","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3616580","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3616580","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T01:34:54Z","timestamp":1755740094000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3616580"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,15]]},"references-count":78,"alternative-id":["10.1145\/3576915.3616580","10.1145\/3576915"],"URL":"https:\/\/doi.org\/10.1145\/3576915.3616580","relation":{},"subject":[],"published":{"date-parts":[[2023,11,15]]},"assertion":[{"value":"2023-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}