{"id":"https://openalex.org/W2536021772","doi":"https://doi.org/10.1145/2976749.2978322","title":"Draco","display_name":"Draco","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2536021772","doi":"https://doi.org/10.1145/2976749.2978322","mag":"2536021772"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978322","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978322","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978322&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=2978322&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5062234261","display_name":"G\u00fcliz Seray Tuncay","orcid":"https://orcid.org/0009-0003-5472-141X"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Guliz Seray Tuncay","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007503250","display_name":"Soteris Demetriou","orcid":"https://orcid.org/0000-0003-0318-9171"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Soteris Demetriou","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031954035","display_name":"Carl A. Gunter","orcid":"https://orcid.org/0009-0006-6943-0684"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carl A. Gunter","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5062234261"],"corresponding_institution_ids":["https://openalex.org/I157725225"],"apc_list":null,"apc_paid":null,"fwci":3.5659,"has_fulltext":true,"cited_by_count":33,"citation_normalized_percentile":{"value":0.93844802,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"104","last_page":"115"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9842000007629395,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.868364691734314},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7910579442977905},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7052730321884155},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.6274747252464294},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5796980857849121},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.5300811529159546},{"id":"https://openalex.org/keywords/web-browser","display_name":"Web browser","score":0.5099581480026245},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3425624966621399},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.22349092364311218}],"concepts":[{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.868364691734314},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7910579442977905},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7052730321884155},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.6274747252464294},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5796980857849121},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.5300811529159546},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.5099581480026245},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3425624966621399},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.22349092364311218}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2976749.2978322","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978322","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978322&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2976749.2978322","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978322","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978322&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G636339268","display_name":null,"funder_award_id":"CNS 12-23967, 14-08944, 15-13939","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2536021772.pdf","grobid_xml":"https://content.openalex.org/works/W2536021772.grobid-xml"},"referenced_works_count":20,"referenced_works":["https://openalex.org/W36948825","https://openalex.org/W187285683","https://openalex.org/W1493914388","https://openalex.org/W1806586425","https://openalex.org/W1969357379","https://openalex.org/W2066428817","https://openalex.org/W2119249378","https://openalex.org/W2140095007","https://openalex.org/W2143599789","https://openalex.org/W2148009765","https://openalex.org/W2167661907","https://openalex.org/W2248426850","https://openalex.org/W2399762640","https://openalex.org/W2404526437","https://openalex.org/W2468282407","https://openalex.org/W2573983983","https://openalex.org/W2949838346","https://openalex.org/W4301861397","https://openalex.org/W6638668378","https://openalex.org/W6691502292"],"related_works":["https://openalex.org/W2808406842","https://openalex.org/W2914791830","https://openalex.org/W2795601048","https://openalex.org/W2403324299","https://openalex.org/W2621177934","https://openalex.org/W4286287737","https://openalex.org/W3009852816","https://openalex.org/W2513223212","https://openalex.org/W42576273","https://openalex.org/W1844100222"],"abstract_inverted_index":{"In-app":[0],"embedded":[1,29,93,161,197],"browsers":[2,30,163,198],"are":[3,122],"commonly":[4],"used":[5],"by":[6],"app":[7,53,75,102,173,260],"developers":[8,76,209],"to":[9,15,19,46,51,77,97,149,171,210,213,246,261],"display":[10],"web":[11,21,27,36,48,88,162,192,220],"content":[12],"without":[13],"having":[14],"redirect":[16],"the":[17,25,33,83,100,134,215,233,247,255,268,269,282],"user":[18],"heavy-weight":[20],"browsers.":[22],"Just":[23],"like":[24],"conventional":[26],"browsers,":[28],"can":[31],"allow":[32],"execution":[34],"of":[35,136,219,267,284],"code.":[37],"In":[38,143,235],"addition,":[39],"they":[40],"provide":[41,150],"mechanisms":[42],"(viz.,":[43,199],"JavaScript":[44,84,137],"bridges)":[45],"give":[47,169],"code":[49,54,89,193],"access":[50,80,113,170,188,217],"internal":[52,172],"that":[55,108,116,121,139,154,159,168,207,230,274],"might":[56],"implement":[57,252],"critical":[58],"functionalities":[59],"and":[60,86,103,164,174,186,226,251],"expose":[61,140],"device":[62,104,175],"resources.":[63,105,142,176],"This":[64],"is":[65,70,95,148,280],"intrinsically":[66],"dangerous":[67],"since":[68],"there":[69],"currently":[71],"no":[72],"means":[73],"for":[74,119,156,191],"perform":[78],"origin-based":[79],"control":[81,114,189],"on":[82,131,195],"bridges,":[85],"any":[87,244],"running":[90,194],"in":[91,222,254,281],"an":[92],"browser":[94],"free":[96],"use":[98],"all":[99,157,166],"exposed":[101],"Previous":[106],"work":[107,117],"addresses":[109],"this":[110,144,179],"problem":[111],"provided":[112],"solutions":[115,129],"only":[118,133],"apps":[120,158],"built":[123,182],"using":[124],"hybrid":[125],"frameworks.":[126],"Additionally,":[127],"these":[128],"focused":[130],"protecting":[132],"parts":[135],"bridges":[138],"permissions-protected":[141],"work,":[145,239],"our":[146],"goal":[147],"a":[151,184,203,223,227],"generic":[152],"solution":[153],"works":[155],"utilize":[160],"protects":[165],"channels":[167],"Towards":[177],"realizing":[178],"goal,":[180],"we":[181,240],"Draco,":[183],"uniform":[185],"fine-grained":[187,224],"framework":[190],"Android":[196,248,257],"WebView).":[200],"Draco":[201,253,270,275],"provides":[202],"declarative":[204],"policy":[205],"language":[206],"allows":[208],"define":[211],"policies":[212],"specify":[214],"desired":[216],"characteristics":[218],"origins":[221],"fashion,":[225],"runtime":[228,271],"system":[229,272],"dynamically":[231],"enforces":[232],"policies.":[234],"contrast":[236],"with":[237],"previous":[238],"do":[241],"not":[242],"assume":[243],"modifications":[245],"operating":[249],"system,":[250],"Chromium":[256],"System":[258],"WebView":[259],"enable":[262],"seamless":[263],"deployment.":[264],"Our":[265],"evaluation":[266],"shows":[273],"incurs":[276],"negligible":[277],"overhead,":[278],"which":[279],"order":[283],"microseconds.":[285]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":8},{"year":2017,"cited_by_count":5}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2016-10-28T00:00:00"}