{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:17:44Z","timestamp":1766441864176,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":83,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765217","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:33:16Z","timestamp":1763854396000},"page":"3900-3914","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Windows plays Jenga: Uncovering Design Weaknesses in Windows File System Security"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-8663-0731","authenticated-orcid":false,"given":"Dong-uk","family":"Kim","sequence":"first","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-2165-5810","authenticated-orcid":false,"given":"JunYoung","family":"Park","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5047-5683","authenticated-orcid":false,"given":"Sanghak","family":"Oh","sequence":"additional","affiliation":[{"name":"Sungkyunkwan University, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1605-3866","authenticated-orcid":false,"given":"Hyoungshick","family":"Kim","sequence":"additional","affiliation":[{"name":"Sungkyunkwan University, Suwon, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8931-2833","authenticated-orcid":false,"given":"Insu","family":"Yun","sequence":"additional","affiliation":[{"name":"KAIST, Daejeon, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.52"},{"key":"e_1_3_2_1_2_1","unstructured":"Anysphere. 2023. Cursor. https:\/\/cursor.com. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300519"},{"key":"e_1_3_2_1_4_1","unstructured":"Luca Barile. 2021. Exploiting TOCTOU Vulnerability Using OpLock and Junctions. https:\/\/lucabarile.github.io\/Blog\/toctou\/index.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the 21st USENIX Conference on File and Storage Technologies (FAST)","author":"Basu Aditya","year":"2023","unstructured":"Aditya Basu, John Sampson, Zhiyun Qian, and Trent Jaeger. 2023. Unsafe at Any Copy: Name Collisions from Mixing Case Sensitivities. In Proceedings of the 21st USENIX Conference on File and Storage Technologies (FAST). Santa Clara, CA."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS)","author":"Chari Suresh","year":"2010","unstructured":"Suresh Chari, Shai Halevi, and Wietse Z Venema. 2010. Where Do You Want to Go Today? Escalating Privileges by Pathname Manipulation. In Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA."},{"key":"e_1_3_2_1_7_1","unstructured":"@clavoillotte. 2019. An Introduction to Privileged File Operation Abuse on Windows. https:\/\/offsec.almond.consulting\/intro-to-file-operation-abuse-on-Windows.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_8_1","unstructured":"Jonathan Corbet. 2015. Optional Mandatory Locking. https:\/\/lwn.net\/Articles\/667210. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_9_1","unstructured":"The MITRE Corporation. 2018. CAPEC-233: Privilege Escalation. https:\/\/capec.mitre.org\/data\/definitions\/233.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_10_1","first-page":"2020","volume":"202","unstructured":"SSD Disclosure. 2020. CVE-2020-16902. https:\/\/ssd-disclosure.com\/ssd-advisory-windows-installer-elevation-of-privileges-vulnerability\/. Accessed: 2025-09-09.","journal-title":"SSD Disclosure."},{"key":"e_1_3_2_1_11_1","unstructured":"James Forshaw. 2015a. Between a Rock and a Hard Link. https:\/\/googleprojectzero.blogspot.com\/2015\/12\/between-rock-and-hard-link.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_12_1","unstructured":"James Forshaw. 2015b. A Link to the Past. https:\/\/infocon.org\/cons\/SyScan\/SyScan%202015%20Singapore\/SyScan%202015%20Singapore%20presentations\/SyScan15%20James%20Forshaw%20-%20A%20Link%20to%20the%20Past.pdf. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_13_1","unstructured":"James Forshaw. 2015c. symboliclink-testing-tools. https:\/\/github.com\/googleprojectzero\/symboliclink-testing-tools. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_14_1","unstructured":"James Forshaw. 2015 d. Windows 10^H^H Symbolic Link Mitigations. https:\/\/googleprojectzero.blogspot.com\/2015\/08\/windows-10hh-symbolic-link-mitigations.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_15_1","unstructured":"James Forshaw. 2015 e. Windows Drivers are True'ly Tricky. https:\/\/googleprojectzero.blogspot.com\/2015\/10\/windows-drivers-are-truely-tricky.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_16_1","unstructured":"James Forshaw. 2018. Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege. https:\/\/googleprojectzero.blogspot.com\/2018\/08\/windows-exploitation-tricks-exploiting.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_17_1","volume-title":"Windows: System Drive Replacement During Impersonation EoP. https:\/\/project-zero.issues.chromium.org\/issues\/42451595. Accessed: 2025-09-09.","author":"Forshaw James","year":"2023","unstructured":"James Forshaw. 2023. Windows: System Drive Replacement During Impersonation EoP. https:\/\/project-zero.issues.chromium.org\/issues\/42451595. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_18_1","unstructured":"S\u00f8ren Fritzb\u00f8ger. 2020. CVE-2020-1088 -- Yet Another Arbitrary Delete EoP. https:\/\/medium.com\/csis-techblog\/cve-2020-1088-yet-another-arbitrary-delete-eop-a00b97d8c3e2. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_19_1","unstructured":"GitHub. 2021. GitHub Copilot. https:\/\/github.com\/features\/copilot. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_20_1","unstructured":"Google. 2025. Chrome GPU Link Mitigation. https:\/\/chromium.googlesource.com\/chromium\/src\/\/master\/content\/browser\/gpu\/gpu_data_manager_impl_private.cc#125. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_21_1","unstructured":"Hex-Rays. 2025a. FLIRT. https:\/\/docs.hex-rays.com\/user-guide\/signatures\/flirt. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_22_1","unstructured":"Hex-Rays. 2025b. IDAPython. https:\/\/docs.hex-rays.com\/developer-guide\/idapython. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_23_1","unstructured":"Hex-Rays. 2025c. Lumina. https:\/\/hex-rays.com\/lumina. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3420014"},{"key":"e_1_3_2_1_25_1","unstructured":"HWCert-Migrated. 2019. Driver Signing Changes in Windows 10. https:\/\/techcommunity.microsoft.com\/blog\/windowshardwarecertification\/driver-signing-changes-in-windows-10\/364859. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_26_1","unstructured":"The IEEE and The Open Group. 2024a. chmod. https:\/\/pubs.opengroup.org\/onlinepubs\/9799919799\/functions\/chmod.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_27_1","unstructured":"The IEEE and The Open Group. 2024b. open. https:\/\/pubs.opengroup.org\/onlinepubs\/9799919799\/functions\/open.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00060"},{"key":"e_1_3_2_1_29_1","unstructured":"Jonas L. 2020. From Directory Deletion to SYSTEM Shell. https:\/\/secret.club\/2020\/04\/23\/directory-deletion-shell.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_30_1","unstructured":"Cl\u00e9ment Labro. 2020. PrivescCheck. https:\/\/github.com\/itm4n\/PrivescCheck. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_31_1","unstructured":"Cl\u00e9ment Lavoillotte. 2019. Abusing Privileged File Operations. https:\/\/troopers.de\/downloads\/troopers19\/TROOPERS19_AD_Abusing_privileged_file_operations.pdf. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_32_1","unstructured":"Jeff Layton. 2021. fs: Remove Mandatory File Locking Support. https:\/\/web.git.kernel.org\/pub\/scm\/linux\/kernel\/git\/stable\/linux.git\/commit\/?h=linux-5.15.y&id=f7e33bdbd6d1bdf9c3df8bba5abcf3399f957ac3. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_33_1","volume-title":"Static Detection of Filesystem Vulnerabilities in Android Systems. arXiv preprint arXiv:2407.11279","author":"Lee Yu-Tsung","year":"2024","unstructured":"Yu-Tsung Lee, Hayawardh Vijayakumar, Zhiyun Qian, and Trent Jaeger. 2024. Static Detection of Filesystem Vulnerabilities in Android Systems. arXiv preprint arXiv:2407.11279 (2024)."},{"volume-title":"Exploring Windows Redirection Trust Mitigation","author":"Leon Gal De","key":"e_1_3_2_1_34_1","unstructured":"Gal De Leon. 2022. Exploring Windows Redirection Trust Mitigation. http:\/\/unit42.paloaltonetworks.com\/junctions-windows-redirection-trust-mitigation\/. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_35_1","volume-title":"Exploiting Errors in Windows Error Reporting","author":"Li Xuefeng","year":"2022","unstructured":"Xuefeng Li and Zhiniang Peng. 2022. Exploiting Errors in Windows Error Reporting in 2022. https:\/\/powerofcommunity.net\/assets\/v0\/poc2022\/XuefengLi.pdf. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_36_1","unstructured":"Linux man-pages project. 2024a. chmod(2) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man2\/chmod.2.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_37_1","unstructured":"Linux man-pages project. 2024b. fcntl(2) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man2\/fcntl.2.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_38_1","unstructured":"Linux man-pages project. 2024c. flock(2) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man2\/flock.2.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_39_1","unstructured":"Linux man-pages project. 2024d. open(2) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man2\/open.2.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_40_1","unstructured":"Linux man-pages project. 2024 e. remove(3) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man3\/remove.3.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_41_1","unstructured":"Linux man-pages project. 2024 f. rename(1) \u2014 Linux Manual Page. https:\/\/man7.org\/linux\/man-pages\/man1\/rename.1.html. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_42_1","unstructured":"lordgreg. 2024. winget-pkgs: Issue #188562. https:\/\/github.com\/microsoft\/winget-pkgs\/issues\/188562. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_43_1","unstructured":"Microsoft. 2008. Security Policy Settings New for Windows Vista. https:\/\/learn.microsoft.com\/en-us\/previous-versions\/windows\/it-pro\/windows-vista\/cc766301(v=ws.10). Accessed: 2025-09-09."},{"key":"e_1_3_2_1_44_1","unstructured":"Microsoft. 2015. Visual Studio Code. https:\/\/code.visualstudio.com. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_45_1","unstructured":"Microsoft. 2021a. Access Control Entries. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/secauthz\/access-control-entries. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_46_1","unstructured":"Microsoft. 2021b. Defining an MS-DOS Device Name. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/defining-an-ms-dos-device-name. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_47_1","unstructured":"Microsoft. 2021c. File Security and Access Rights. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/file-security-and-access-rights. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_48_1","unstructured":"Microsoft. 2021 d. File Streams (Local File Systems). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/file-streams. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_49_1","unstructured":"Microsoft. 2021 e. SECURITY_INFORMATION. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/secauthz\/security-information. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_50_1","unstructured":"Microsoft. 2021 f. Symbolic Links. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/symbolic-links. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_51_1","unstructured":"Microsoft. 2022a. _chmod _wchmod. https:\/\/learn.microsoft.com\/en-us\/cpp\/c-runtime-library\/reference\/chmod-wchmod?view=msvc-170. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_52_1","unstructured":"Microsoft. 2022b. Creating and Opening Files. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/creating-and-opening-files. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_53_1","unstructured":"Microsoft. 2022c. PROCESS_MITIGATION_REDIRECTION_TRUST_POLICY structure (winnt.h). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/winnt\/ns-winnt-process-mitigation-redirection-trust-policy. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_54_1","unstructured":"Microsoft. 2022 d. STRIDE Model. https:\/\/learn.microsoft.com\/en-us\/azure\/security\/develop\/threat-modeling-tool-threats. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_55_1","unstructured":"Microsoft. 2023a. CreateFileA Function (fileapi.h). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/fileapi\/nf-fileapi-createfilea. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_56_1","unstructured":"Microsoft. 2023b. MoveFile Function (winbase.h). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/winbase\/nf-winbase-movefile. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_57_1","unstructured":"Microsoft. 2023c. SetNamedSecurityInfoA Function (aclapi.h). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/aclapi\/nf-aclapi-setnamedsecurityinfoa. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_58_1","unstructured":"Microsoft. 2024a. DeleteFileA Function (fileapi.h). https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/fileapi\/nf-fileapi-deletefilea. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_59_1","unstructured":"Microsoft. 2024b. Hard Links and Junctions. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/hard-links-and-junctions. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_60_1","unstructured":"Microsoft. 2024c. Naming Files Paths and Namespaces. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/naming-a-file. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_61_1","unstructured":"Microsoft. 2024d. Reparse Points. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/reparse-points. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_62_1","unstructured":"Microsoft. 2025a. ACE Inheritance Rules. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/secauthz\/ace-inheritance-rules. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_63_1","unstructured":"Microsoft. 2025b. Microsoft Vulnerability Severity Classification for Windows. https:\/\/www.microsoft.com\/en-us\/msrc\/sdlbugbar. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_64_1","unstructured":"Microsoft. 2025c. Opportunistic Locks. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/fileio\/opportunistic-locks. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_65_1","unstructured":"Microsoft. 2025d. Windows Storage Elevation of Privilege Vulnerability. https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-21391. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_66_1","unstructured":"Mozilla. 2025. Firefox Sandbox Architecture. https:\/\/wiki.mozilla.org\/index.php?title=Security\/Sandbox\/Architecture. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00046"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664254"},{"key":"e_1_3_2_1_69_1","unstructured":"OpenAI. 2022. OpenAI ChatGPT. https:\/\/chatgpt.com. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_70_1","unstructured":"Stack Overflow. 2024. Technology | 2024 Stack Overflow Developer Survey. https:\/\/survey.stackoverflow.co\/2024\/technology#1-operating-system. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_71_1","volume-title":"Root Cause and Patch Analyses of Elevation of Privilege Vulnerabilities in the Windows Operating System. In IRC Conference on Science, Engineering and Technology. Springer, 168-180","author":"Bryan Pak Tze Bin","year":"2024","unstructured":"Tze Bin Bryan Pak. 2024. What's Under the Hood? Root Cause and Patch Analyses of Elevation of Privilege Vulnerabilities in the Windows Operating System. In IRC Conference on Science, Engineering and Technology. Springer, 168-180."},{"key":"e_1_3_2_1_72_1","unstructured":"Zhiniang Peng Xuefeng Li and Lewis Lee. 2021. Diving in to spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer. https:\/\/i.blackhat.com\/USA21\/Wednesday-Handouts\/us-21-Diving-Into-Spooler-Discovering-Lpe-And-Rce-Vulnerabilities-In-Windows-Printer.pdf. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623157"},{"key":"e_1_3_2_1_74_1","unstructured":"Mark Russinovich. 2024. Process Monitor v4.01. https:\/\/learn.microsoft.com\/en-us\/sysinternals\/downloads\/procmon. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_75_1","unstructured":"Eran Shimony. 2019. Follow the Link: Exploiting Symbolic Links with Ease. https:\/\/www.cyberark.com\/resources\/threat-research-blog\/follow-the-link-exploiting-symbolic-links-with-ease. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_76_1","unstructured":"Dong uk Kim Junyoung Park Sanghak Oh Hyoungshick Kim and Insu Yun. 2025. Windows plays Jenga: Uncovering Design Weaknesses in Windows File System Security. https:\/\/github.com\/kaist-hacking\/Jenga."},{"key":"e_1_3_2_1_77_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium (Security)","author":"Vijayakumar Hayawardh","year":"2014","unstructured":"Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger. 2014. JIGSAW: Protecting Resource Access by Inferring Programmer Expectations. In Proceedings of the 23rd USENIX Security Symposium (Security). San Diego, CA."},{"key":"e_1_3_2_1_78_1","volume-title":"Proceedings of the 21st USENIX Security Symposium (Security)","author":"Vijayakumar Hayawardh","year":"2012","unstructured":"Hayawardh Vijayakumar, Joshua Schiffman, and Trent Jaeger. 2012. STING: Finding Name Resolution Vulnerabilities in Programs. In Proceedings of the 21st USENIX Security Symposium (Security). Bellevue, WA."},{"key":"e_1_3_2_1_79_1","unstructured":"Andy Walker. 2007. Mandatory File Locking For The Linux Operating System. https:\/\/www.kernel.org\/doc\/Documentation\/filesystems\/mandatory-locking.txt. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_80_1","unstructured":"wdormann. 2022. Crassus Windows Privilege Escalation Eiscovery Tool. https:\/\/github.com\/vu-ls\/Crassus. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_81_1","unstructured":"Wenxu Wu. 2019. Battle of Windows Service: A Silver Bullet to Discover File Privilege Escalation Bugs Automatically. https:\/\/i.blackhat.com\/USA-19\/Wednesday\/us-19-Wu-Battle-Of-Windows-Service-A-Silver-Bullet-To-Discover-File-Privilege-Escalation-Bugs-Automatically.pdf. Accessed: 2025-09-09."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.23038"},{"key":"e_1_3_2_1_83_1","unstructured":"Simon Zuckerbraun. 2022. Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks. https:\/\/www.zerodayinitiative.com\/blog\/2022\/3\/16\/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks. Accessed: 2025-09-09."}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765217","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:15:44Z","timestamp":1766441744000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765217"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":83,"alternative-id":["10.1145\/3719027.3765217","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765217","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}