{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,2]],"date-time":"2026-06-02T11:24:17Z","timestamp":1780399457686,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Orange Innovation"},{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/V012134\/1"],"award-info":[{"award-number":["EP\/V012134\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/V000225\/1"],"award-info":[{"award-number":["EP\/V000225\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/X015610\/1"],"award-info":[{"award-number":["EP\/X015610\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]},{"name":"UK Industrial Strategy Challenge Fund","award":["10017512"],"award-info":[{"award-number":["10017512"]}]},{"name":"UK Industrial Strategy Challenge Fund","award":["75243"],"award-info":[{"award-number":["75243"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3652892.3700761","type":"proceedings-article","created":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T19:36:13Z","timestamp":1732736173000},"page":"225-237","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["B-Side: Binary-Level Static System Call Identification"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-6632-4530","authenticated-orcid":false,"given":"Gaspard","family":"Th\u00e9venon","sequence":"first","affiliation":[{"name":"ENS Lyon, Lyon, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-8740-2809","authenticated-orcid":false,"given":"Kevin","family":"Nguetchouang","sequence":"additional","affiliation":[{"name":"Grenoble INP, Grenoble, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7344-8113","authenticated-orcid":false,"given":"Kahina","family":"Lazri","sequence":"additional","affiliation":[{"name":"Orange Innovation, Paris, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6015-0292","authenticated-orcid":false,"given":"Alain","family":"Tchana","sequence":"additional","affiliation":[{"name":"Grenoble INP, Grenoble, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7781-1299","authenticated-orcid":false,"given":"Pierre","family":"Olivier","sequence":"additional","affiliation":[{"name":"The University of Manchester, Manchester, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,12,2]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"principles, techniques. Addison wesley 7, 8","author":"Aho Alfred V","year":"1986","unstructured":"Alfred V Aho, Ravi Sethi, and Jeffrey D Ullman. 1986. Compilers, principles, techniques. Addison wesley 7, 8 (1986), 9."},{"key":"e_1_3_2_1_2_1","unstructured":"Angr Contributors. 2023. Angr Documentation - Control-flow Graph Recovery (CFG). https:\/\/docs.angr.io\/en\/latest\/analyses\/cfg.html."},{"key":"e_1_3_2_1_3_1","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Bao Tiffany","year":"2014","unstructured":"Tiffany Bao, Jonathan Burket, Maverick Woo, Rafael Turner, and David Brumley. 2014. BYTEWEIGHT: Learning to recognize functions in binary code. In 23rd USENIX Security Symposium (USENIX Security 14). 845--860."},{"key":"e_1_3_2_1_4_1","volume-title":"Saphire: Sandboxing PHP Applications with Tailored System Call Allowlists. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Bulekov Alexander","year":"2021","unstructured":"Alexander Bulekov, Rasoul Jahanshahi, and Manuel Egele. 2021. Saphire: Sandboxing PHP Applications with Tailored System Call Allowlists. In 30th USENIX Security Symposium (USENIX Security 21). 2881--2898."},{"key":"e_1_3_2_1_5_1","volume-title":"SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems. arXiv preprint arXiv:2202.13716","author":"Canella Claudio","year":"2022","unstructured":"Claudio Canella, Sebastian Dorn, Daniel Gruss, and Michael Schwarz. 2022. SFIP: Coarse-Grained Syscall-Flow-Integrity Protection in Modern Systems. arXiv preprint arXiv:2202.13716 (2022)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3474123.3486762"},{"key":"e_1_3_2_1_7_1","volume-title":"Black Hat Asia","author":"Canella Claudio","year":"2021","unstructured":"Claudio Canella, Mario Werner, and Michael Schwarz. 2021. Enter Sandbox. Black Hat Asia 2021. https:\/\/www.blackhat.com\/asia-21\/briefings\/schedule\/index.html."},{"key":"e_1_3_2_1_8_1","unstructured":"Capstone Contributors. 2022. Capstone Disassembler Website. https:\/\/www.capstone-engine.org\/."},{"key":"e_1_3_2_1_9_1","volume-title":"Proposal: Register-based Go calling convention. https:\/\/go.googlesource.com\/proposal\/+\/refs\/changes\/78\/248178\/1\/design\/40724-register-calling.md.","author":"Clements Austin","year":"2020","unstructured":"Austin Clements. 2020. Proposal: Register-based Go calling convention. https:\/\/go.googlesource.com\/proposal\/+\/refs\/changes\/78\/248178\/1\/design\/40724-register-calling.md."},{"key":"e_1_3_2_1_10_1","volume-title":"May 25","author":"Corbet Jonathan","year":"2009","unstructured":"Jonathan Corbet. 2009. Seccomp and sandboxing. LWN. net, May 25 (2009)."},{"key":"e_1_3_2_1_11_1","volume-title":"23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID)","author":"DeMarinis Nicholas","year":"2020","unstructured":"Nicholas DeMarinis, Kent Williams-King, Di Jin, Rodrigo Fonseca, and Vasileios P Kemerlis. 2020. Sysfilter: Automated system call filtering for commodity software. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID) 2020. 459--474."},{"key":"e_1_3_2_1_12_1","unstructured":"Docker-slim Contributors. 2021. Docker-slim. https:\/\/github.com\/docker-slim\/docker-slim."},{"key":"e_1_3_2_1_13_1","unstructured":"Firejail Contributors. 2022. Firejail Seccomp Filtering Rule. https:\/\/github.com\/netblue30\/firejail\/blob\/master\/src\/include\/seccomp.h."},{"key":"e_1_3_2_1_14_1","unstructured":"Firejail Contributors. 2022. Firejail Security Sandbox. https:\/\/firejail.wordpress.com\/."},{"key":"e_1_3_2_1_15_1","unstructured":"Flatpak Contributors. 2022. Flatpak Seccomp Filtering Rule. https:\/\/github.com\/flatpak\/flatpak\/blob\/main\/data\/flatpak-docker-seccomp.json."},{"key":"e_1_3_2_1_16_1","volume-title":"23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID)","author":"Ghavamnia Seyedhamed","year":"2020","unstructured":"Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, and Michalis Polychronakis. 2020. Confine: Automated system call policy generation for container attack surface reduction. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID) 2020). 443--458."},{"key":"e_1_3_2_1_17_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Ghavamnia Seyedhamed","year":"2020","unstructured":"Seyedhamed Ghavamnia, Tapti Palit, Shachee Mishra, and Michalis Polychronakis. 2020. Temporal system call specialization for attack surface reduction. In 29th USENIX Security Symposium (USENIX Security 20). 1749--1766."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559366"},{"key":"e_1_3_2_1_19_1","volume-title":"Chromium Documentation: Linux Sandboxing. https:\/\/chromium.googlesource.com\/chromium\/src\/+\/0e94f26e8\/docs\/linux_sandboxing.md.","year":"2022","unstructured":"Google. 2022. Chromium Documentation: Linux Sandboxing. https:\/\/chromium.googlesource.com\/chromium\/src\/+\/0e94f26e8\/docs\/linux_sandboxing.md."},{"key":"e_1_3_2_1_20_1","unstructured":"Google. 2023. What is gVisor? https:\/\/gvisor.dev\/docs\/."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2014.52"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/1298081.1298084"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3582016.3582066"},{"key":"e_1_3_2_1_24_1","volume-title":"Programmable System Call Security with eBPF. arXiv preprint arXiv:2302.10366","author":"Jia Jinghao","year":"2023","unstructured":"Jinghao Jia, YiFei Zhu, Dan Williams, Andrea Arcangeli, Claudio Canella, Hubertus Franke, Tobin Feldman-Fitzthum, Dimitrios Skarlatos, Daniel Gruss, and Tianyin Xu. 2023. Programmable System Call Security with eBPF. arXiv preprint arXiv:2302.10366 (2023)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_1_26_1","unstructured":"Anil Kurmus Reinhard Tartler Daniela Dorneanu Bernhard Heinloth Valentin Rothberg Andreas Ruprecht Wolfgang Schr\u00f6der-Preikschat Daniel Lohmann and R\u00fcdiger Kapitza. 2013. Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring.. In NDSS."},{"key":"e_1_3_2_1_27_1","unstructured":"Paul Lawrence. 2017. Seccomp filter in Android O. https:\/\/android-developers.googleblog.com\/2017\/07\/seccomp-filter-in-android-o.html."},{"key":"e_1_3_2_1_28_1","unstructured":"Hugo Lefeuvre Gaulthier Gain Daniel Dinca Alexander Jung Simon Kuenzer Vlad-Andrei Badoiu Razvan Deaconescu Laurent Mathy Costin Raiciu Pierre Olivier et al. 2021. Unikraft and The Coming of Age of Unikernels. login; The Usenix Magazine (2021)."},{"key":"e_1_3_2_1_29_1","volume-title":"USENIX Security Symposium","volume":"12","author":"Liao Yihua","year":"2002","unstructured":"Yihua Liao and V Rao Vemuri. 2002. Using text categorization techniques for intrusion detection.. In USENIX Security Symposium, Vol. 12. 51--59."},{"key":"e_1_3_2_1_30_1","unstructured":"Hong jiu Lu Michael Matz Milind Girkar Jan Hubicka Andreas Jaeger and Mark Mitchell. 2018. System V Application Binary Interface - AMD64 Architecture Processor Supplement (With LP64 and ILP32 Programming Models). https:\/\/github.com\/hjl-tools\/x86-psABI\/wiki\/x86-64-psABI-1.0.pdf."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3492321.3519586"},{"key":"e_1_3_2_1_32_1","unstructured":"Scott Michael. 2019. Oracle Linux Blog - What it means to be a maintainer of Linux seccomp. https:\/\/blogs.oracle.com\/linux\/being-a-seccomp-maintainer."},{"key":"e_1_3_2_1_33_1","volume-title":"Mozilla Wiki: Security\/Sandbox\/Seccomp. https:\/\/wiki.mozilla.org\/Security\/Sandbox\/Seccomp.","year":"2016","unstructured":"Mozilla. 2016. Mozilla Wiki: Security\/Sandbox\/Seccomp. https:\/\/wiki.mozilla.org\/Security\/Sandbox\/Seccomp."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1127345.1127348"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313808.3313817"},{"key":"e_1_3_2_1_36_1","unstructured":"OpenSSH Contributors. 2022. OpenSSH Release Notes. https:\/\/www.openssh.com\/releasenotes.html."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3428203"},{"key":"e_1_3_2_1_38_1","volume-title":"SoK: All You Ever Wanted to Know About x86\/x64 Binary Disassembly But Were Afraid to Ask. arXiv preprint arXiv:2007.14266","author":"Pang Chengbin","year":"2020","unstructured":"Chengbin Pang, Ruotong Yu, Yaohui Chen, Eric Koskinen, Georgios Portokalidis, Bing Mao, and Jun Xu. 2020. SoK: All You Ever Wanted to Know About x86\/x64 Binary Disassembly But Were Afraid to Ask. arXiv preprint arXiv:2007.14266 (2020)."},{"key":"e_1_3_2_1_39_1","volume-title":"Qemu Documentation: Security, Isolation Mechanisms. https:\/\/www.qemu.org\/docs\/master\/system\/security.html#isolation-mechanisms.","author":"Contributors Qemu","year":"2022","unstructured":"Qemu Contributors. 2022. Qemu Documentation: Security, Isolation Mechanisms. https:\/\/www.qemu.org\/docs\/master\/system\/security.html#isolation-mechanisms."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623207"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106271"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3141235.3141241"},{"key":"e_1_3_2_1_43_1","volume-title":"VSFTPD: Bug in Seccomp Sandbox. https:\/\/bugs.archlinux.org\/task\/62889.","author":"Schaefer Paul","year":"2016","unstructured":"Paul Schaefer. 2016. VSFTPD: Bug in Seccomp Sandbox. https:\/\/bugs.archlinux.org\/task\/62889."},{"key":"e_1_3_2_1_44_1","volume-title":"Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. In USENIX Security Symposium.","author":"Schrammel David","year":"2022","unstructured":"David Schrammel, Samuel Weiser, Richard Sadek, and Stefan Mangard. 2022. Jenny: Securing Syscalls for PKU-based Memory Isolation Systems. In USENIX Security Symposium."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.17"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901341"},{"key":"e_1_3_2_1_47_1","volume-title":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P","author":"Wagner David","year":"2000","unstructured":"David Wagner and R Dean. 2000. Intrusion detection via static analysis. In Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001. IEEE, 156--168."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-019-09737-2"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2017.16"},{"key":"e_1_3_2_1_50_1","volume-title":"Ramblr: Making Reassembly Great Again.. In NDSS.","author":"Wang Ruoyu","year":"2017","unstructured":"Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, and Giovanni Vigna. 2017. Ramblr: Making Reassembly Great Again.. In NDSS."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.1999.766910"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23808-6_34"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23808-6_34"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.5555\/645838.670723"},{"key":"e_1_3_2_1_55_1","volume-title":"LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Wu Jianliang","year":"2021","unstructured":"Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave Jing Tian, and Antonio Bianchi. 2021. LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks. In 30th USENIX Security Symposium (USENIX Security 21). 339--356."}],"event":{"name":"Middleware '24: 25th International Middleware Conference","location":"Hong Kong Hong Kong","acronym":"Middleware '24","sponsor":["IFIP","Usenix"]},"container-title":["Proceedings of the 25th International Middleware Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3652892.3700761","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3652892.3700761","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:53:57Z","timestamp":1750287237000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3652892.3700761"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":55,"alternative-id":["10.1145\/3652892.3700761","10.1145\/3652892"],"URL":"https:\/\/doi.org\/10.1145\/3652892.3700761","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-02","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}