{"id":"https://openalex.org/W2235876906","doi":"https://doi.org/10.1145/2810103.2813609","title":"Cracking App Isolation on Apple","display_name":"Cracking App Isolation on Apple","publication_year":2015,"publication_date":"2015-10-06","ids":{"openalex":"https://openalex.org/W2235876906","doi":"https://doi.org/10.1145/2810103.2813609","mag":"2235876906"},"language":"en","primary_location":{"id":"doi:10.1145/2810103.2813609","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813609","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036446600","display_name":"Luyi Xing","orcid":"https://orcid.org/0000-0002-1036-1163"},"institutions":[{"id":"https://openalex.org/I4210119109","display_name":"Indiana University Bloomington","ror":"https://ror.org/02k40bc56","country_code":"US","type":"education","lineage":["https://openalex.org/I4210119109","https://openalex.org/I592451"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Luyi Xing","raw_affiliation_strings":["Indiana University Bloomington, Bloomington, IN, USA"],"affiliations":[{"raw_affiliation_string":"Indiana University Bloomington, Bloomington, IN, USA","institution_ids":["https://openalex.org/I4210119109"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5106789270","display_name":"Xiaolong Bai","orcid":"https://orcid.org/0000-0002-7474-5908"},"institutions":[{"id":"https://openalex.org/I4210119109","display_name":"Indiana University Bloomington","ror":"https://ror.org/02k40bc56","country_code":"US","type":"education","lineage":["https://openalex.org/I4210119109","https://openalex.org/I592451"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaolong Bai","raw_affiliation_strings":["Indiana University Bloomington, Tsinghua University, Bloomington, IN, USA"],"affiliations":[{"raw_affiliation_string":"Indiana University Bloomington, Tsinghua University, Bloomington, IN, USA","institution_ids":["https://openalex.org/I4210119109"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005758616","display_name":"Tongxin Li","orcid":"https://orcid.org/0000-0002-9806-8964"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tongxin Li","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100751838","display_name":"Xiaofeng Wang","orcid":"https://orcid.org/0000-0001-8424-419X"},"institutions":[{"id":"https://openalex.org/I4210119109","display_name":"Indiana University Bloomington","ror":"https://ror.org/02k40bc56","country_code":"US","type":"education","lineage":["https://openalex.org/I4210119109","https://openalex.org/I592451"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"XiaoFeng Wang","raw_affiliation_strings":["Indiana University Bloomington, Bloomington, IN, USA"],"affiliations":[{"raw_affiliation_string":"Indiana University Bloomington, Bloomington, IN, USA","institution_ids":["https://openalex.org/I4210119109"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107171920","display_name":"Kai Chen","orcid":"https://orcid.org/0000-0002-1145-0117"},"institutions":[{"id":"https://openalex.org/I4210119109","display_name":"Indiana University Bloomington","ror":"https://ror.org/02k40bc56","country_code":"US","type":"education","lineage":["https://openalex.org/I4210119109","https://openalex.org/I592451"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kai Chen","raw_affiliation_strings":["Indiana University Bloomington, Chinese Academy of Science, Bloomington, IN, USA"],"affiliations":[{"raw_affiliation_string":"Indiana University Bloomington, Chinese Academy of Science, Bloomington, IN, USA","institution_ids":["https://openalex.org/I4210119109"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084889167","display_name":"Xiaojing Liao","orcid":"https://orcid.org/0000-0001-7555-1673"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaojing Liao","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037233582","display_name":"Shi\u2010Min Hu","orcid":"https://orcid.org/0000-0001-7507-6542"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shi-Min Hu","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102438645","display_name":"Xinhui Han","orcid":null},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinhui Han","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5036446600"],"corresponding_institution_ids":["https://openalex.org/I4210119109"],"apc_list":null,"apc_paid":null,"fwci":4.8822,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.95878032,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"31","last_page":"43"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7411795854568481},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7303623557090759},{"id":"https://openalex.org/keywords/os-x","display_name":"OS X","score":0.6558691263198853},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.639968752861023},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.57799232006073},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.518325686454773},{"id":"https://openalex.org/keywords/directory","display_name":"Directory","score":0.5136608481407166},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.4878949820995331},{"id":"https://openalex.org/keywords/isolation","display_name":"Isolation (microbiology)","score":0.47999781370162964},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4727947413921356},{"id":"https://openalex.org/keywords/mac-os","display_name":"Mac OS","score":0.4418148398399353},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.37007954716682434},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3075562119483948}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7411795854568481},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7303623557090759},{"id":"https://openalex.org/C515153823","wikidata":"https://www.wikidata.org/wiki/Q14116","display_name":"OS X","level":3,"score":0.6558691263198853},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.639968752861023},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.57799232006073},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.518325686454773},{"id":"https://openalex.org/C2777683733","wikidata":"https://www.wikidata.org/wiki/Q201456","display_name":"Directory","level":2,"score":0.5136608481407166},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.4878949820995331},{"id":"https://openalex.org/C2775941552","wikidata":"https://www.wikidata.org/wiki/Q25212305","display_name":"Isolation (microbiology)","level":2,"score":0.47999781370162964},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4727947413921356},{"id":"https://openalex.org/C522133331","wikidata":"https://www.wikidata.org/wiki/Q43627","display_name":"Mac OS","level":3,"score":0.4418148398399353},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.37007954716682434},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3075562119483948},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.0},{"id":"https://openalex.org/C89423630","wikidata":"https://www.wikidata.org/wiki/Q7193","display_name":"Microbiology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2810103.2813609","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813609","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5199999809265137,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4590480251","display_name":null,"funder_award_id":"CNS-1117106","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W99385246","https://openalex.org/W1425914613","https://openalex.org/W1555215938","https://openalex.org/W1912565424","https://openalex.org/W1953670109","https://openalex.org/W1988036170","https://openalex.org/W1994588724","https://openalex.org/W2023446630","https://openalex.org/W2119249378","https://openalex.org/W2153497135","https://openalex.org/W2165269684","https://openalex.org/W2211371252","https://openalex.org/W2350778671","https://openalex.org/W2398484989","https://openalex.org/W6628502034","https://openalex.org/W6633254993","https://openalex.org/W6640059210"],"related_works":["https://openalex.org/W2034129977","https://openalex.org/W3099773647","https://openalex.org/W1745773915","https://openalex.org/W2765820957","https://openalex.org/W2311131113","https://openalex.org/W4367595269","https://openalex.org/W2294212083","https://openalex.org/W2466726934","https://openalex.org/W2404899166","https://openalex.org/W597258566"],"abstract_inverted_index":{"On":[0],"modern":[1],"operating":[2],"systems,":[3],"applications":[4],"under":[5,199,203],"the":[6,15,26,55,58,77,94,111,116,127,137,145,153,159,162,178,194,215,234,260,263,270,293],"same":[7],"user":[8,191,197],"are":[9,212],"separated":[10],"from":[11],"each":[12],"other,":[13],"for":[14,147],"purpose":[16],"of":[17,28,42,79,82,156,161,217,236,256,262],"protecting":[18],"them":[19],"against":[20,39],"malware":[21,138,180],"and":[22,71,119,123,130,150,152,196,201,219,239],"compromised":[23],"programs.":[24],"Given":[25],"complexity":[27],"today's":[29],"OSes,":[30],"less":[31],"clear":[32],"is":[33,37,247],"whether":[34,244],"such":[35,141],"isolation":[36],"effective":[38],"different":[40],"kind":[41],"cross-app":[43],"resource":[44],"access":[45,100],"attacks":[46],"(called":[47],"XARA":[48],"in":[49,249],"our":[50],"research).":[51],"To":[52,222],"better":[53,223],"understand":[54,224],"problem,":[56],"on":[57,68,121,126,165,254,286],"less-studied":[59],"Apple":[60,95,184,267],"platforms,":[61],"we":[62,108,227,258,277],"conducted":[63],"a":[64,80,88,188,229,279],"systematic":[65],"security":[66,84],"analysis":[67],"MAC":[69,128,237],"OS~X":[70,122,166],"iOS.":[72],"Our":[73],"research":[74],"leads":[75],"to":[76,97,101,139,169,177,242],"discovery":[78],"series":[81],"high-impact":[83,266],"weaknesses,":[85],"which":[86],"enable":[87],"sandboxed":[89,179],"malicious":[90],"app,":[91],"approved":[92],"by":[93,136,214],"Stores,":[96],"gain":[98],"unauthorized":[99],"other":[102],"apps'":[103],"sensitive":[104,190],"data.":[105],"More":[106],"specifically,":[107],"found":[109,168],"that":[110,181,231,282],"inter-app":[112],"interaction":[113],"services,":[114],"including":[115],"keychain,":[117],"WebSocket":[118],"NSConnection":[120],"URL":[124],"Scheme":[125],"OS":[129,238],"iOS,":[131],"can":[132,295],"all":[133,206],"be":[134,170,274,296],"exploited":[135],"steal":[140],"confidential":[142],"information":[143],"as":[144],"passwords":[146],"iCloud,":[148],"email":[149],"bank,":[151],"secret":[154],"token":[155],"Evernote.":[157],"Further,":[158],"design":[160],"app":[163],"sandbox":[164],"was":[167],"vulnerable,":[171],"exposing":[172],"an":[173],"app's":[174],"private":[175],"directory":[176],"hijacks":[182],"its":[183],"Bundle":[185],"ID.":[186],"As":[187],"result,":[189],"data,":[192],"like":[193],"notes":[195],"contacts":[198],"Evernote":[200],"photos":[202],"WeChat,":[204],"have":[205],"been":[207],"disclosed.":[208],"Fundamentally,":[209],"these":[210],"problems":[211,294],"caused":[213],"lack":[216],"app-to-app":[218],"app-to-OS":[220],"authentications.":[221],"their":[225,250],"impacts,":[226],"developed":[228],"scanner":[230],"automatically":[232],"analyzes":[233],"binaries":[235],"iOS":[240],"apps":[241,291],"determine":[243],"proper":[245],"protection":[246],"missing":[248],"code.":[251],"Running":[252],"it":[253],"hundreds":[255],"binaries,":[257],"confirmed":[259],"pervasiveness":[261],"weaknesses":[264],"among":[265],"apps.":[268],"Since":[269],"issues":[271],"may":[272],"not":[273],"easily":[275],"fixed,":[276],"built":[278],"simple":[280],"program":[281],"detects":[283],"exploit":[284],"attempts":[285],"OS~X,":[287],"helping":[288],"protect":[289],"vulnerable":[290],"before":[292],"fully":[297],"addressed.":[298]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":7},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}