{"id":"https://openalex.org/W2532435403","doi":"https://doi.org/10.1145/2976749.2978336","title":"SandScout","display_name":"SandScout","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2532435403","doi":"https://doi.org/10.1145/2976749.2978336","mag":"2532435403"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978336","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978336","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978336&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=2978336&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046111765","display_name":"Luke Deshotels","orcid":null},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Luke Deshotels","raw_affiliation_strings":["North Carolina State University, Raleigh, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072899308","display_name":"R\u0103zvan Deaconescu","orcid":"https://orcid.org/0000-0001-8287-1712"},"institutions":[{"id":"https://openalex.org/I61641377","display_name":"Universitatea Na\u021bional\u0103 de \u0218tiin\u021b\u0103 \u0219i Tehnologie Politehnica Bucure\u0219ti","ror":"https://ror.org/0558j5q12","country_code":"RO","type":"education","lineage":["https://openalex.org/I61641377"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Razvan Deaconescu","raw_affiliation_strings":["University POLITEHNICA of Bucharest, Bucharest, Romania"],"affiliations":[{"raw_affiliation_string":"University POLITEHNICA of Bucharest, Bucharest, Romania","institution_ids":["https://openalex.org/I61641377"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089215288","display_name":"Mihai Chiroiu","orcid":null},"institutions":[{"id":"https://openalex.org/I61641377","display_name":"Universitatea Na\u021bional\u0103 de \u0218tiin\u021b\u0103 \u0219i Tehnologie Politehnica Bucure\u0219ti","ror":"https://ror.org/0558j5q12","country_code":"RO","type":"education","lineage":["https://openalex.org/I61641377"]}],"countries":["RO"],"is_corresponding":false,"raw_author_name":"Mihai Chiroiu","raw_affiliation_strings":["University POLITEHNICA of Bucharest, Bucharest, Romania"],"affiliations":[{"raw_affiliation_string":"University POLITEHNICA of Bucharest, Bucharest, Romania","institution_ids":["https://openalex.org/I61641377"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089242868","display_name":"Lucas Davi","orcid":"https://orcid.org/0000-0002-7322-2777"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Lucas Davi","raw_affiliation_strings":["Technische Universitat Darmstadt, Germany, Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technische Universitat Darmstadt, Germany, Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024034310","display_name":"William Enck","orcid":"https://orcid.org/0000-0002-3043-8092"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William Enck","raw_affiliation_strings":["North Carolina State University, Raleigh, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079497016","display_name":"Ahmad\u2010Reza Sadeghi","orcid":"https://orcid.org/0000-0001-6833-3598"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Ahmad-Reza Sadeghi","raw_affiliation_strings":["Technische Universitat Darmstadt, Germany, Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Technische Universitat Darmstadt, Germany, Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5046111765"],"corresponding_institution_ids":["https://openalex.org/I137902535"],"apc_list":null,"apc_paid":null,"fwci":2.5458,"has_fulltext":true,"cited_by_count":17,"citation_normalized_percentile":{"value":0.90597941,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"704","last_page":"716"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.9907721877098083},{"id":"https://openalex.org/keywords/vetting","display_name":"Vetting","score":0.926594614982605},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7745445966720581},{"id":"https://openalex.org/keywords/prolog","display_name":"Prolog","score":0.5655975341796875},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5110331773757935},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.5054900646209717},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.41752728819847107},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.35559722781181335},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3258175253868103},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.22068539261817932},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.07676172256469727},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.07238420844078064}],"concepts":[{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.9907721877098083},{"id":"https://openalex.org/C2777230681","wikidata":"https://www.wikidata.org/wiki/Q7923820","display_name":"Vetting","level":2,"score":0.926594614982605},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7745445966720581},{"id":"https://openalex.org/C81721847","wikidata":"https://www.wikidata.org/wiki/Q163468","display_name":"Prolog","level":2,"score":0.5655975341796875},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5110331773757935},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.5054900646209717},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.41752728819847107},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.35559722781181335},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3258175253868103},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.22068539261817932},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.07676172256469727},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.07238420844078064},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2976749.2978336","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978336","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978336&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2976749.2978336","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978336","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2978336&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.800000011920929}],"awards":[{"id":"https://openalex.org/G277512886","display_name":null,"funder_award_id":"W911NF-16-1-0299,W911NF-14-1-0537","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G3366966419","display_name":null,"funder_award_id":"W911NF-16-1","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G3424441068","display_name":null,"funder_award_id":"W911NF-14-1","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G3981126665","display_name":null,"funder_award_id":"Seventh Framework Programme","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G4143225217","display_name":null,"funder_award_id":"W911NF-16-1-0299","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G4351222689","display_name":null,"funder_award_id":"CRC1119","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G4956763309","display_name":null,"funder_award_id":"CRISP","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"},{"id":"https://openalex.org/G5452878729","display_name":null,"funder_award_id":"643964","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G657448715","display_name":null,"funder_award_id":"W911NF-16-1-","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G7145350082","display_name":"CAREER: Secure OS Views for Modern Computing Platforms","funder_award_id":"1253346","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7225624288","display_name":null,"funder_award_id":"This work was","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"},{"id":"https://openalex.org/G7263572847","display_name":null,"funder_award_id":"643964","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"},{"id":"https://openalex.org/G7452299184","display_name":null,"funder_award_id":"W911NF","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"},{"id":"https://openalex.org/G7730874732","display_name":null,"funder_award_id":"CNS-1253346","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8912956372","display_name":"Weil-\u00e9tale cohomology and Deninger's dynamical system","funder_award_id":"253346","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8998121839","display_name":null,"funder_award_id":"911NF","funder_id":"https://openalex.org/F4320338281","funder_display_name":"Army Research Office"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320338281","display_name":"Army Research Office","ror":"https://ror.org/05epdh915"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2532435403.pdf","grobid_xml":"https://content.openalex.org/works/W2532435403.grobid-xml"},"referenced_works_count":25,"referenced_works":["https://openalex.org/W109911468","https://openalex.org/W154231405","https://openalex.org/W781283046","https://openalex.org/W1425914613","https://openalex.org/W1454815643","https://openalex.org/W1481758559","https://openalex.org/W1512458425","https://openalex.org/W1555215938","https://openalex.org/W1953670109","https://openalex.org/W1975197166","https://openalex.org/W1977634174","https://openalex.org/W1989734217","https://openalex.org/W2025115771","https://openalex.org/W2048714945","https://openalex.org/W2053343487","https://openalex.org/W2143492458","https://openalex.org/W2155678180","https://openalex.org/W2161533689","https://openalex.org/W2165269684","https://openalex.org/W2232411669","https://openalex.org/W2235876906","https://openalex.org/W2294481702","https://openalex.org/W2397986719","https://openalex.org/W2516747684","https://openalex.org/W2611950219"],"related_works":["https://openalex.org/W3137893487","https://openalex.org/W2588786532","https://openalex.org/W2169930420","https://openalex.org/W2108865840","https://openalex.org/W2802914690","https://openalex.org/W4248793399","https://openalex.org/W3120410482","https://openalex.org/W2980021769","https://openalex.org/W2769878339","https://openalex.org/W3049198170"],"abstract_inverted_index":{"Recent":[0],"literature":[1],"on":[2,7],"iOS":[3,29,55,71,93],"security":[4,85],"has":[5],"focused":[6],"the":[8,49,54,61,88,132],"malicious":[9,39],"potential":[10],"of":[11,53,87,99,110,134,140],"third-party":[12,42],"applications,":[13],"demonstrating":[14],"how":[15],"developers":[16],"can":[17],"bypass":[18],"application":[19],"vetting":[20],"and":[21,69,95,121],"code-level":[22],"protections.":[23],"In":[24,44],"addition":[25],"to":[26,37,64,82,117],"these":[27,119],"protections,":[28],"uses":[30],"a":[31,128],"generic":[32],"sandbox":[33,57,72,90,135],"profile":[34,91],"called":[35],"\"container\"":[36],"confine":[38],"or":[40],"exploited":[41],"applications.":[43],"this":[45],"paper,":[46],"we":[47,122],"present":[48],"first":[50],"systematic":[51],"analysis":[52],"container":[56,89],"profile.":[58],"We":[59,77,112],"propose":[60],"SandScout":[62,125],"framework":[63],"extract,":[65],"decompile,":[66],"formally":[67],"model,":[68],"analyze":[70],"profiles":[73,136],"as":[74],"logic-based":[75],"programs.":[76],"use":[78],"our":[79],"Prolog-based":[80],"queries":[81],"evaluate":[83],"file-based":[84],"properties":[86],"for":[92,137],"9.0.2":[94],"discover":[96],"seven":[97],"classes":[98],"exploitable":[100],"vulnerabilities.":[101],"These":[102],"attacks":[103],"affect":[104],"non-jailbroken":[105],"devices":[106],"running":[107],"later":[108],"versions":[109,139],"iOS.":[111,141],"are":[113],"working":[114],"with":[115],"Apple":[116],"resolve":[118],"attacks,":[120],"expect":[123],"that":[124],"will":[126],"play":[127],"significant":[129],"role":[130],"in":[131],"development":[133],"future":[138]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":5}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2016-10-28T00:00:00"}