{"id":"https://openalex.org/W4309346687","doi":"https://doi.org/10.1109/cns56114.2022.9947248","title":"SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images","display_name":"SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images","publication_year":2022,"publication_date":"2022-10-03","ids":{"openalex":"https://openalex.org/W4309346687","doi":"https://doi.org/10.1109/cns56114.2022.9947248"},"language":"en","primary_location":{"id":"doi:10.1109/cns56114.2022.9947248","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns56114.2022.9947248","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021740010","display_name":"Yunlong Xing","orcid":"https://orcid.org/0000-0002-3844-2467"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yunlong Xing","raw_affiliation_strings":["George Mason University,Fairfax,VA,USA","George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046947918","display_name":"Jiahao Cao","orcid":"https://orcid.org/0000-0001-7139-376X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahao Cao","raw_affiliation_strings":["Tsinghua University,Beijing,China","Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102758573","display_name":"Xinda Wang","orcid":"https://orcid.org/0009-0003-1463-432X"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinda Wang","raw_affiliation_strings":["George Mason University,Fairfax,VA,USA","George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048698954","display_name":"Sadegh Torabi","orcid":"https://orcid.org/0000-0003-2811-3536"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sadegh Torabi","raw_affiliation_strings":["George Mason University,Fairfax,VA,USA","George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["George Mason University,Fairfax,VA,USA","George Mason University, Fairfax, VA, USA"],"affiliations":[{"raw_affiliation_string":"George Mason University,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101649813","display_name":"Fei Yan","orcid":"https://orcid.org/0000-0003-0492-3278"},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fei Yan","raw_affiliation_strings":["Wuhan University,Wuhan,China","Wuhan University, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Wuhan University,Wuhan,China","institution_ids":["https://openalex.org/I37461747"]},{"raw_affiliation_string":"Wuhan University, Wuhan, China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100350165","display_name":"Qi Li","orcid":"https://orcid.org/0000-0001-8776-8730"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qi Li","raw_affiliation_strings":["Tsinghua University,Beijing,China","Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5021740010"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":0.5966,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.65209761,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"236","last_page":"244"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8124467134475708},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.6915441155433655},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.6787169575691223},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.6778483390808105},{"id":"https://openalex.org/keywords/linux-kernel","display_name":"Linux kernel","score":0.6653708219528198},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.5777654647827148},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.518578052520752},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4802575409412384},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.46795713901519775},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.462785542011261},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.3462256193161011}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8124467134475708},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.6915441155433655},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.6787169575691223},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.6778483390808105},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.6653708219528198},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.5777654647827148},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.518578052520752},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4802575409412384},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.46795713901519775},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.462785542011261},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3462256193161011},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cns56114.2022.9947248","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns56114.2022.9947248","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/8","display_name":"Decent work and economic growth","score":0.4699999988079071}],"awards":[{"id":"https://openalex.org/G6621162956","display_name":null,"funder_award_id":"CNS-1815650","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7155321176","display_name":null,"funder_award_id":"62132011","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1429241971","https://openalex.org/W1457363419","https://openalex.org/W1516211918","https://openalex.org/W2067617772","https://openalex.org/W2247002685","https://openalex.org/W2297774820","https://openalex.org/W2343875716","https://openalex.org/W2530894209","https://openalex.org/W2574017551","https://openalex.org/W2614983068","https://openalex.org/W2620081107","https://openalex.org/W2621197600","https://openalex.org/W2741175893","https://openalex.org/W2955949247","https://openalex.org/W2962200727","https://openalex.org/W2962715466","https://openalex.org/W2968152713","https://openalex.org/W3081770884","https://openalex.org/W3092347617","https://openalex.org/W3092506792","https://openalex.org/W3102468935","https://openalex.org/W3214725335","https://openalex.org/W6628351959","https://openalex.org/W6628365534","https://openalex.org/W6630877225","https://openalex.org/W6667162432","https://openalex.org/W6749499821","https://openalex.org/W6766726536","https://openalex.org/W6782203875","https://openalex.org/W6784165801","https://openalex.org/W6784834832"],"related_works":["https://openalex.org/W2377509977","https://openalex.org/W2354398839","https://openalex.org/W23760953","https://openalex.org/W2614013133","https://openalex.org/W1970216380","https://openalex.org/W2373778029","https://openalex.org/W840375602","https://openalex.org/W2123619123","https://openalex.org/W2171038386","https://openalex.org/W2388015973"],"abstract_inverted_index":{"Due":[0],"to":[1,49,85,120,137,166,184,201],"its":[2],"advantages":[3],"of":[4,25,31,44,77,213],"faster":[5],"start-up":[6],"speed":[7],"and":[8,62,75,88,98,105,126,146,176,216,234,245],"better":[9],"resource":[10],"utilization":[11],"efficiency,":[12],"container":[13],"technology":[14],"has":[15,101],"been":[16,103],"widely":[17],"deployed":[18],"in":[19,172],"software":[20],"deployment.":[21],"However,":[22,66],"the":[23,29,35,42,58,63,94,108,144,152,162,168,173,181,186,193,198,203,227,235,248],"benefits":[24],"containers":[26],"come":[27],"at":[28],"cost":[30],"weak":[32],"isolation":[33],"for":[34,53,128,218],"underlying":[36],"shared":[37],"OS":[38],"kernel.":[39,154],"To":[40],"enhance":[41],"security":[43],"containers,":[45],"it":[46],"is":[47],"critical":[48],"customize":[50,122,209],"secure":[51,211],"configurations":[52],"each":[54,91],"specific":[55],"container,":[56],"including":[57],"system":[59,72,99,124,188,195,214],"call":[60,73,100,215],"list":[61],"capability":[64,97,217],"list.":[65],"existing":[67],"solutions":[68],"mainly":[69],"focus":[70],"on":[71,226,242],"profiling":[74,109],"most":[76],"these":[78],"approaches":[79],"still":[80],"demand":[81],"huge":[82],"human":[83],"efforts":[84],"manually":[86],"configure":[87],"successfully":[89],"run":[90],"container.":[92],"Moreover,":[93],"dependency":[95],"between":[96],"not":[102],"considered":[104],"cross-checked":[106],"during":[107],"process.":[110],"In":[111],"this":[112],"paper,":[113],"we":[114],"develop":[115],"a":[116,133,139,147,157,210,219],"toolkit":[117],"named":[118],"SysCap":[119,131,160,191,207,225,240],"automatically":[121],"required":[123,187,204],"calls":[125,196],"capabilities":[127],"Docker":[129,158,163,221,230],"images.":[130],"provides":[132],"static":[134],"analyzer":[135],"tool":[136],"construct":[138],"libc-to-syscall":[140,182],"mapping":[141,149,183,200],"via":[142,150],"analyzing":[143,151],"libc":[145],"syscall-to-capability":[148,199],"Linux":[153],"When":[155],"given":[156,220],"image,":[159],"parses":[161],"image":[164],"statically":[165],"obtain":[167,185,202],"binary-level":[169],"called":[170],"functions":[171],"target":[174],"layer":[175],"then":[177],"queries":[178,192],"them":[179],"with":[180,197],"calls.":[189],"Next,":[190],"obtained":[194],"capabilities.":[205],"Thus,":[206],"can":[208,246],"configuration":[212],"image.":[222],"We":[223],"test":[224],"top":[228],"193":[229],"images":[231,244],"from":[232],"Dockerhub,":[233],"experimental":[236],"results":[237],"show":[238],"that":[239],"works":[241],"all":[243],"reduce":[247],"attack":[249],"surface":[250],"effectively.":[251]},"counts_by_year":[{"year":2025,"cited_by_count":4}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}