{"id":"https://openalex.org/W4366377764","doi":"https://doi.org/10.1109/tdsc.2023.3268124","title":"A Hybrid System Call Profiling Approach for Container Protection","display_name":"A Hybrid System Call Profiling Approach for Container Protection","publication_year":2023,"publication_date":"2023-04-19","ids":{"openalex":"https://openalex.org/W4366377764","doi":"https://doi.org/10.1109/tdsc.2023.3268124"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2023.3268124","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3268124","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021740010","display_name":"Yunlong Xing","orcid":"https://orcid.org/0000-0002-3844-2467"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yunlong Xing","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":"https://orcid.org/0000-0002-3844-2467","affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011102366","display_name":"Xinda Wang","orcid":"https://orcid.org/0000-0003-3648-1750"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinda Wang","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":"https://orcid.org/0000-0003-3648-1750","affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048698954","display_name":"Sadegh Torabi","orcid":"https://orcid.org/0000-0003-2811-3536"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sadegh Torabi","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":"https://orcid.org/0000-0003-2811-3536","affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100358735","display_name":"Zeyu Zhang","orcid":"https://orcid.org/0009-0006-2834-3007"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zeyu Zhang","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060586167","display_name":"Lingguang Lei","orcid":"https://orcid.org/0000-0002-1936-0562"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lingguang Lei","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-1936-0562","affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA"],"raw_orcid":"https://orcid.org/0000-0003-4152-2107","affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5021740010"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":1.1805,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.7908465,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"21","issue":"3","first_page":"1068","last_page":"1083"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.967199981212616,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.967199981212616,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9440000057220459,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.9197999835014343,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7335280776023865},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.726840078830719},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.5508725643157959},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.4543052315711975},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3783857226371765},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.37350887060165405},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.23197540640830994},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12651750445365906}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7335280776023865},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.726840078830719},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.5508725643157959},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.4543052315711975},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3783857226371765},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.37350887060165405},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.23197540640830994},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12651750445365906},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2023.3268124","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2023.3268124","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":37,"referenced_works":["https://openalex.org/W1805474074","https://openalex.org/W1832277845","https://openalex.org/W1966636435","https://openalex.org/W2037587902","https://openalex.org/W2065176875","https://openalex.org/W2096921767","https://openalex.org/W2101849888","https://openalex.org/W2106649514","https://openalex.org/W2118372007","https://openalex.org/W2123886726","https://openalex.org/W2135143063","https://openalex.org/W2182584490","https://openalex.org/W2184107019","https://openalex.org/W2281283623","https://openalex.org/W2614983068","https://openalex.org/W2621197600","https://openalex.org/W2991611768","https://openalex.org/W3102468935","https://openalex.org/W3200325357","https://openalex.org/W6607589358","https://openalex.org/W6630877225","https://openalex.org/W6635828606","https://openalex.org/W6636217443","https://openalex.org/W6638282704","https://openalex.org/W6639770171","https://openalex.org/W6640626842","https://openalex.org/W6680492132","https://openalex.org/W6695448558","https://openalex.org/W6712595259","https://openalex.org/W6713443841","https://openalex.org/W6747817603","https://openalex.org/W6756096457","https://openalex.org/W6766950264","https://openalex.org/W6767136051","https://openalex.org/W6782203875","https://openalex.org/W6784165801","https://openalex.org/W6784834832"],"related_works":["https://openalex.org/W2367301169","https://openalex.org/W2974221847","https://openalex.org/W2352134912","https://openalex.org/W2055230095","https://openalex.org/W2001079144","https://openalex.org/W2480624181","https://openalex.org/W4376623838","https://openalex.org/W1995656050","https://openalex.org/W2048054615","https://openalex.org/W2313990708"],"abstract_inverted_index":{"Over-privileged":[0],"Linux":[1],"containers":[2,41],"might":[3],"put":[4],"the":[5,23,38,43,62,67,87,105,115,126,151,167,175,180,186,192],"underlying":[6],"OS":[7],"at":[8],"risk":[9],"by":[10,82],"permitting":[11],"pointless":[12],"system":[13,50,63,129,134,177],"calls":[14,178],"that":[15],"could":[16],"be":[17,137,147],"exploited":[18],"as":[19,34],"entry":[20],"points":[21],"to":[22,60,85,99,118,142,149],"kernel.":[24],"However,":[25],"finding":[26],"such":[27],"security":[28,89,153],"profiles":[29],"is":[30],"a":[31,57,92],"difficult":[32],"task":[33],"it":[35,145],"demands":[36],"examining":[37],"implementation/operation":[39],"of":[40,45,69,108,169,194],"in":[42,172],"absence":[44],"knowledge":[46],"regarding":[47],"its":[48],"required":[49,176],"calls.":[51],"In":[52],"this":[53],"article,":[54],"we":[55,76,184],"propose":[56],"hybrid":[58],"approach":[59,171,196],"limit":[61],"call":[64,130,135],"usage":[65],"during":[66,179],"execution":[68,121],"containers.":[70],"Specifically,":[71],"given":[72],"an":[73,78],"application":[74],"container,":[75],"maintain":[77,100],"initial":[79],"fine-grained":[80,128],"whitelist":[81,94],"dynamic":[83,109],"tracking":[84],"control":[86],"run-time":[88],"along":[90],"with":[91,139,162],"complementary":[93],"extracted":[95],"via":[96],"static":[97],"analysis":[98,199],"container's":[101],"functionality":[102],"while":[103],"addressing":[104],"coverage":[106],"limitation":[107],"analysis.":[110,158],"Our":[111,159],"method":[112],"automatically":[113],"analyzes":[114],"container":[116,152],"behavior":[117],"identify":[119],"three":[120],"phases":[122],"and":[123,190],"dynamically":[124],"enforce":[125],"corresponding":[127],"whitelists.":[131],"The":[132],"invoked":[133],"will":[136],"compared":[138],"both":[140],"whitelists":[141],"decide":[143],"if":[144],"should":[146],"killed":[148],"guarantee":[150],"or":[154],"logged":[155],"for":[156],"further":[157],"evaluation":[160],"results":[161],"193":[163],"Docker":[164],"images":[165],"demonstrate":[166,191],"effectiveness":[168],"our":[170,195],"significantly":[173],"reducing":[174],"applications'":[181],"life-cycle.":[182],"Furthermore,":[183],"discuss":[185],"reduced":[187],"attack":[188],"surface":[189],"efficiency":[193],"through":[197],"empirical":[198],"results.":[200]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}