{"id":"https://openalex.org/W3204945378","doi":"https://doi.org/10.1145/3460120.3484535","title":"Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction","display_name":"Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3204945378","doi":"https://doi.org/10.1145/3460120.3484535","mag":"3204945378"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3484535","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484535","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484535","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484535","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034441711","display_name":"Nikos Vasilakis","orcid":"https://orcid.org/0000-0001-7347-298X"},"institutions":[{"id":"https://openalex.org/I63966007","display_name":"Massachusetts Institute of Technology","ror":"https://ror.org/042nb2s44","country_code":"US","type":"education","lineage":["https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nikos Vasilakis","raw_affiliation_strings":["Massachusetts Institute of Technology, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"Massachusetts Institute of Technology, Cambridge, MA, USA","institution_ids":["https://openalex.org/I63966007"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068174067","display_name":"Cristian-Alexandru Staicu","orcid":"https://orcid.org/0000-0002-6542-2226"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Cristian-Alexandru Staicu","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Saarbr\u00fccken, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073682091","display_name":"Grigoris Ntousakis","orcid":"https://orcid.org/0000-0003-1158-3056"},"institutions":[{"id":"https://openalex.org/I55741626","display_name":"Technical University of Crete","ror":"https://ror.org/03f8bz564","country_code":"GR","type":"education","lineage":["https://openalex.org/I55741626"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Grigoris Ntousakis","raw_affiliation_strings":["TU Crete, Chania, Greece"],"affiliations":[{"raw_affiliation_string":"TU Crete, Chania, Greece","institution_ids":["https://openalex.org/I55741626"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054940489","display_name":"\u039a\u03c9\u03bd\u03c3\u03c4\u03b1\u03bd\u03c4\u03af\u03bd\u03bf\u03c2 \u039a\u03b1\u03bb\u03bb\u03ac\u03c2","orcid":"https://orcid.org/0000-0002-8984-6648"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Konstantinos Kallas","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, PA, USA"],"affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I79576946"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053420856","display_name":"Ben Karel","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ben Karel","raw_affiliation_strings":["Aarno Labs, Cambridge, MA, USA"],"affiliations":[{"raw_affiliation_string":"Aarno Labs, Cambridge, MA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087585086","display_name":"Andr\u00e9 DeHon","orcid":"https://orcid.org/0000-0001-9177-7699"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andr\u00e9 DeHon","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, PA, USA"],"affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I79576946"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013438083","display_name":"Michael Pradel","orcid":"https://orcid.org/0000-0003-1623-498X"},"institutions":[{"id":"https://openalex.org/I100066346","display_name":"University of Stuttgart","ror":"https://ror.org/04vnq7t77","country_code":"DE","type":"education","lineage":["https://openalex.org/I100066346"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Michael Pradel","raw_affiliation_strings":["University of Stuttgart, Stuttgart, Germany"],"affiliations":[{"raw_affiliation_string":"University of Stuttgart, Stuttgart, Germany","institution_ids":["https://openalex.org/I100066346"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5034441711"],"corresponding_institution_ids":["https://openalex.org/I63966007"],"apc_list":null,"apc_paid":null,"fwci":3.0797,"has_fulltext":true,"cited_by_count":27,"citation_normalized_percentile":{"value":0.92876571,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1821","last_page":"1838"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8300964832305908},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.6311676502227783},{"id":"https://openalex.org/keywords/permission","display_name":"Permission","score":0.6130664348602295},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.6064240336418152},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5386995673179626},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.5240055322647095},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.44612449407577515},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4414592385292053},{"id":"https://openalex.org/keywords/node","display_name":"Node (physics)","score":0.4316520392894745},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3425728380680084},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.32543617486953735}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8300964832305908},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.6311676502227783},{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.6130664348602295},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.6064240336418152},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5386995673179626},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.5240055322647095},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.44612449407577515},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4414592385292053},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.4316520392894745},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3425728380680084},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.32543617486953735},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3460120.3484535","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484535","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484535","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/24613752","is_oa":true,"landing_page_url":"https://figshare.com/articles/conference_contribution/Preventing_Dynamic_Library_Compromise_on_Node_js_via_RWX-Based_Privilege_Reduction/24613752","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"doi:10.60882/cispa.24613752.v1","is_oa":true,"landing_page_url":"https://doi.org/10.60882/cispa.24613752.v1","pdf_url":null,"source":{"id":"https://openalex.org/S7407050916","display_name":"CISPA Helmholtz Center","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.1145/3460120.3484535","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484535","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484535","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7099999785423279,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G1692276411","display_name":null,"funder_award_id":"HR001120C0191","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G2629488062","display_name":null,"funder_award_id":"1513687","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4161730871","display_name":"MPS-BIO: Collaborative Research: Physical Mechanisms Regulating Sperm Chemotaxis","funder_award_id":"1120200","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4234623774","display_name":null,"funder_award_id":"1763514","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4412634630","display_name":"CAREER: Rigidity of Group Actions on Manifolds","funder_award_id":"2020013","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5869372632","display_name":"Optical MIMO and Hybrid Communication Systems","funder_award_id":"1202001","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6573288936","display_name":null,"funder_award_id":"CNS-1513687","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7749375848","display_name":null,"funder_award_id":"HR00112020013, HR001120C0191","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G8919204292","display_name":null,"funder_award_id":"HR001120C0155","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3204945378.pdf","grobid_xml":"https://content.openalex.org/works/W3204945378.grobid-xml"},"referenced_works_count":57,"referenced_works":["https://openalex.org/W6385438","https://openalex.org/W19830081","https://openalex.org/W68159281","https://openalex.org/W148369031","https://openalex.org/W155216046","https://openalex.org/W163930933","https://openalex.org/W192856476","https://openalex.org/W431566009","https://openalex.org/W1410526368","https://openalex.org/W1482769911","https://openalex.org/W1508969946","https://openalex.org/W1520961854","https://openalex.org/W1561387739","https://openalex.org/W1999579337","https://openalex.org/W2023753091","https://openalex.org/W2036790532","https://openalex.org/W2039999720","https://openalex.org/W2053707676","https://openalex.org/W2058099999","https://openalex.org/W2060475972","https://openalex.org/W2063776463","https://openalex.org/W2079029390","https://openalex.org/W2101678831","https://openalex.org/W2107370049","https://openalex.org/W2121251946","https://openalex.org/W2123582298","https://openalex.org/W2128303158","https://openalex.org/W2138346871","https://openalex.org/W2146717998","https://openalex.org/W2150210903","https://openalex.org/W2157514610","https://openalex.org/W2223370306","https://openalex.org/W2294912735","https://openalex.org/W2400063502","https://openalex.org/W2467714986","https://openalex.org/W2467837290","https://openalex.org/W2591793539","https://openalex.org/W2614073125","https://openalex.org/W2765284675","https://openalex.org/W2792952820","https://openalex.org/W2797464081","https://openalex.org/W2891688103","https://openalex.org/W2914982603","https://openalex.org/W2921892740","https://openalex.org/W2943785747","https://openalex.org/W2962785744","https://openalex.org/W2965940576","https://openalex.org/W2966437945","https://openalex.org/W2988741178","https://openalex.org/W3090362160","https://openalex.org/W3092106265","https://openalex.org/W3104970816","https://openalex.org/W3106913944","https://openalex.org/W3194460284","https://openalex.org/W4239778624","https://openalex.org/W4242574860","https://openalex.org/W4246472322"],"related_works":["https://openalex.org/W2801622120","https://openalex.org/W2164141394","https://openalex.org/W1967649051","https://openalex.org/W3036524962","https://openalex.org/W4240977217","https://openalex.org/W2508088450","https://openalex.org/W4214750239","https://openalex.org/W2389434635","https://openalex.org/W2503982731","https://openalex.org/W4313011913"],"abstract_inverted_index":{"Third-party":[0],"libraries":[1,10,105,116],"ease":[2],"the":[3,39,63,75,90],"development":[4],"of":[5,65,69,77,144],"large-scale":[6],"software":[7],"systems.":[8],"However,":[9],"often":[11],"execute":[12],"with":[13],"significantly":[14],"more":[15],"privilege":[16,25,145],"than":[17],"needed":[18],"to":[19,34,93,112],"complete":[20],"their":[21,109],"task.":[22],"Such":[23],"additional":[24],"is":[26,42,81],"sometimes":[27],"exploited":[28],"at":[29,62],"runtime":[30],"via":[31],"inputs":[32],"passed":[33],"a":[35,49,56,84,141],"library,":[36],"even":[37],"when":[38],"library":[40,80],"itself":[41],"not":[43],"actively":[44],"malicious.":[45],"We":[46],"present":[47],"Mir,":[48],"system":[50],"addressing":[51],"dynamic":[52,134],"compromise":[53],"by":[54,83,102,108],"introducing":[55],"fine-grained":[57],"read-write-execute":[58],"(RWX)":[59],"permission":[60,85],"model":[61],"boundaries":[64],"libraries:":[66],"every":[67,70],"field":[68],"free":[71],"variable":[72],"name":[73],"in":[74],"context":[76],"an":[78],"imported":[79],"governed":[82],"set.":[86],"To":[87],"help":[88],"specify":[89],"permissions":[91,101],"given":[92],"existing":[94],"code,":[95],"Mir's":[96],"automated":[97],"inference":[98],"generates":[99],"default":[100],"analyzing":[103],"how":[104],"are":[106],"used":[107],"clients.":[110],"Applied":[111],"over":[113],"1,000":[114],"JavaScript":[115],"for":[117,128,133],"Node.js,":[118],"Mir":[119],"shows":[120],"practical":[121],"security":[122],"(61/63":[123],"attacks":[124],"mitigated),":[125],"performance":[126],"(2.1s":[127],"static":[129],"analysis":[130],"and":[131,136],"+1.93%":[132],"enforcement),":[135],"compatibility":[137],"(99.09%)":[138],"characteristics---and":[139],"enables":[140],"novel":[142],"quantification":[143],"reduction.":[146]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":3}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}