{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,2,4]],"date-time":"2024-02-04T00:24:07Z","timestamp":1707006247893},"reference-count":14,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Inf. & Syst."],"published-print":{"date-parts":[[2024,2,1]]},"DOI":"10.1587\/transinf.2023edl8039","type":"journal-article","created":{"date-parts":[[2024,1,31]],"date-time":"2024-01-31T22:14:48Z","timestamp":1706739288000},"page":"229-233","source":"Crossref","is-referenced-by-count":0,"title":["Understanding File System Operations of a Secure Container Runtime Using System Call Tracing Technique"],"prefix":"10.1587","volume":"E107.D","author":[{"given":"Sunwoo","family":"JANG","sequence":"first","affiliation":[{"name":"Amazon Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Young-Kyoon","family":"SUH","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Kyungpook National University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Byungchul","family":"TAK","sequence":"additional","affiliation":[{"name":"School of Computer Science and Engineering, Kyungpook National University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"532","reference":[{"key":"1","unstructured":"[1] \u201cgVisor,\u201d https:\/\/gvisor.dev\/, 2023. accessed Feb. 18. 2023."},{"key":"2","unstructured":"[2] \u201cKata Containers,\u201d https:\/\/katacontainers.io\/. accessed Feb. 18. 2023."},{"key":"3","unstructured":"[3] \u201cSysbox,\u201d https:\/\/www.nestybox.com\/sysbox\/. accessed Feb. 18. 2023."},{"key":"4","doi-asserted-by":"crossref","unstructured":"[4] Z. Shen, Z. Sun, G.E. Sela, E. Bagdasaryan, C. Delimitrou, R. Van Renesse, and H. Weatherspoon, \u201cX-containers: Breaking down barriers to improve performance and isolation of cloud-native containers,\u201d The 24th ASPLOS 2019, pp.121-135, 2019. 10.1145\/3297858.3304016","DOI":"10.1145\/3297858.3304016"},{"key":"5","doi-asserted-by":"crossref","unstructured":"[5] H. Tazaki, A. Moroo, Y. Kuga, and R. Nakamura, \u201cHow to design a library os for practical containers?,\u201d Proceedings of the 17th ACM VEE, pp.15-28, 2021. 10.1145\/3453933.3454011","DOI":"10.1145\/3453933.3454011"},{"key":"6","unstructured":"[6] S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O'keeffe, M.L. Stillwell, et al., \u201cScone: Secure linux containers with intel sgx,\u201d 12th USENIX OSDI 16, pp.689-703, 2016."},{"key":"7","unstructured":"[7] Z. Li, J. Cheng, Q. Chen, E. Guan, Z. Bian, Y. Tao, B. Zha, Q. Wang, W. Han, and M. Guo, \u201cRunD: A lightweight secure container runtime for high-density deployment and high-concurrency startup in serverless computing,\u201d 2022 USENIX Annual Technical Conference, Carlsbad, CA, pp.53-68, July 2022."},{"key":"8","unstructured":"[8] E.G. Young, P. Zhu, T. Caraza-Harter, A.C. Arpaci-Dusseau, and R.H. Arpaci-Dusseau, \u201cThe true cost of containing: A gvisor case study,\u201d 11th USENIX HotCloud 2019, 2019."},{"key":"9","unstructured":"[9] \u201cContainers Matrix,\u201d https:\/\/attack.mitre.org\/matrices\/enterprise\/containers\/, accessed Feb. 18. 2023."},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] S. Forrest, S. Hofmeyr, and A. Somayaji, \u201cThe evolution of system-call monitoring,\u201d 2008 annual computer security applications conference (acsac), pp.418-430, IEEE, 2008. 10.1109\/acsac.2008.54","DOI":"10.1109\/ACSAC.2008.54"},{"key":"11","unstructured":"[11] S. Forrest, S.A. Hofmeyr, A. Somayaji, and T.A. Longstaff, \u201cA sense of self for unix processes,\u201d Proceedings 1996 IEEE Symposium on Security and Privacy, pp.120-128, IEEE, 1996. 10.1109\/secpri.1996.502675"},{"key":"12","unstructured":"[12] L. Lu, A.C. Arpaci-Dusseau, R.H. Arpaci-Dusseau, and S. Lu, \u201cA study of linux file system evolution,\u201d 11th USENIX Conference on File and Storage Technologies (FAST 13), pp.31-44, 2013."},{"key":"13","doi-asserted-by":"crossref","unstructured":"[13] X. Lin, L. Lei, Y. Wang, J. Jing, K. Sun, and Q. Zhou, \u201cA measurement study on linux container security: Attacks and countermeasures,\u201d Proceedings of the 34th ACSAC, pp.418-429, 2018. 10.1145\/3274694.3274720","DOI":"10.1145\/3274694.3274720"},{"key":"14","unstructured":"[14] S. Ghavamnia, T. Palit, A. Benameur, and M. Polychronakis, \u201cConfine: Automated system call policy generation for container attack surface reduction,\u201d 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Oct. 2020."}],"container-title":["IEICE Transactions on Information and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E107.D\/2\/E107.D_2023EDL8039\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,3]],"date-time":"2024-02-03T04:17:09Z","timestamp":1706933829000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transinf\/E107.D\/2\/E107.D_2023EDL8039\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2,1]]},"references-count":14,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024]]}},"URL":"https:\/\/doi.org\/10.1587\/transinf.2023edl8039","relation":{},"ISSN":["0916-8532","1745-1361"],"issn-type":[{"value":"0916-8532","type":"print"},{"value":"1745-1361","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,2,1]]},"article-number":"2023EDL8039"}}