{"id":"https://openalex.org/W4308642904","doi":"https://doi.org/10.1145/3548606.3560585","title":"DirtyCred","display_name":"DirtyCred","publication_year":2022,"publication_date":"2022-11-07","ids":{"openalex":"https://openalex.org/W4308642904","doi":"https://doi.org/10.1145/3548606.3560585"},"language":"en","primary_location":{"id":"doi:10.1145/3548606.3560585","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560585","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5051548030","display_name":"Zhenpeng Lin","orcid":"https://orcid.org/0000-0003-3593-4615"},"institutions":[{"id":"https://openalex.org/I111979921","display_name":"Northwestern University","ror":"https://ror.org/000e0be47","country_code":"US","type":"education","lineage":["https://openalex.org/I111979921"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zhenpeng Lin","raw_affiliation_strings":["Northwestern University, Evanston, IL, USA"],"affiliations":[{"raw_affiliation_string":"Northwestern University, Evanston, IL, USA","institution_ids":["https://openalex.org/I111979921"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081197053","display_name":"Yuhang Wu","orcid":"https://orcid.org/0000-0002-0641-9107"},"institutions":[{"id":"https://openalex.org/I111979921","display_name":"Northwestern University","ror":"https://ror.org/000e0be47","country_code":"US","type":"education","lineage":["https://openalex.org/I111979921"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yuhang Wu","raw_affiliation_strings":["Northwestern University, Evanston, IL, USA"],"affiliations":[{"raw_affiliation_string":"Northwestern University, Evanston, IL, USA","institution_ids":["https://openalex.org/I111979921"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5041094652","display_name":"Xinyu Xing","orcid":"https://orcid.org/0000-0001-6733-226X"},"institutions":[{"id":"https://openalex.org/I111979921","display_name":"Northwestern University","ror":"https://ror.org/000e0be47","country_code":"US","type":"education","lineage":["https://openalex.org/I111979921"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinyu Xing","raw_affiliation_strings":["Northwestern University, Evanston, IL, USA"],"affiliations":[{"raw_affiliation_string":"Northwestern University, Evanston, IL, USA","institution_ids":["https://openalex.org/I111979921"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5051548030"],"corresponding_institution_ids":["https://openalex.org/I111979921"],"apc_list":null,"apc_paid":null,"fwci":3.1163,"has_fulltext":false,"cited_by_count":30,"citation_normalized_percentile":{"value":0.93218056,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1963","last_page":"1976"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9848999977111816,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10478","display_name":"Diamond and Carbon-based Materials Research","score":0.9847000241279602,"subfield":{"id":"https://openalex.org/subfields/2505","display_name":"Materials Chemistry"},"field":{"id":"https://openalex.org/fields/25","display_name":"Materials Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.8713705539703369},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8609970808029175},{"id":"https://openalex.org/keywords/linux-kernel","display_name":"Linux kernel","score":0.8216344118118286},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7045843005180359},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6191065907478333},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.6094018220901489},{"id":"https://openalex.org/keywords/file-system","display_name":"File system","score":0.5171703696250916},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.508363664150238},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.42293423414230347},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.31158211827278137},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.05977091193199158}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.8713705539703369},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8609970808029175},{"id":"https://openalex.org/C553261973","wikidata":"https://www.wikidata.org/wiki/Q14579","display_name":"Linux kernel","level":2,"score":0.8216344118118286},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7045843005180359},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6191065907478333},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.6094018220901489},{"id":"https://openalex.org/C2780940931","wikidata":"https://www.wikidata.org/wiki/Q174989","display_name":"File system","level":2,"score":0.5171703696250916},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.508363664150238},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.42293423414230347},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.31158211827278137},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.05977091193199158},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3548606.3560585","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3548606.3560585","pdf_url":null,"source":{"id":"https://openalex.org/S4363608815","display_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8355012457","display_name":null,"funder_award_id":"1954466","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W1447175589","https://openalex.org/W1964281299","https://openalex.org/W2015083179","https://openalex.org/W2094619820","https://openalex.org/W2368550879","https://openalex.org/W2532499458","https://openalex.org/W2575425722","https://openalex.org/W2601109594","https://openalex.org/W2612397603","https://openalex.org/W2664885055","https://openalex.org/W2912675049","https://openalex.org/W2914012796","https://openalex.org/W2914630606","https://openalex.org/W2963311060","https://openalex.org/W2985831349","https://openalex.org/W3015513242","https://openalex.org/W3108020564","https://openalex.org/W4213355680","https://openalex.org/W4226422324","https://openalex.org/W4242926647","https://openalex.org/W4288057707","https://openalex.org/W4308642904","https://openalex.org/W6753443810"],"related_works":["https://openalex.org/W2393340519","https://openalex.org/W2390459954","https://openalex.org/W4220885008","https://openalex.org/W2057803998","https://openalex.org/W4298219515","https://openalex.org/W1613146948","https://openalex.org/W3118510577","https://openalex.org/W2021298062","https://openalex.org/W2185499427","https://openalex.org/W4388541873"],"abstract_inverted_index":{"The":[0],"kernel":[1,30,70],"vulnerability":[2,37],"DirtyPipe":[3,44],"was":[4],"reported":[5],"to":[6],"be":[7,88],"present":[8],"in":[9],"nearly":[10],"all":[11],"versions":[12],"of":[13,43],"Linux":[14,80],"since":[15],"5.8.":[16],"Using":[17],"this":[18,36,49],"vulnerability,":[19,84],"a":[20],"bad":[21],"actor":[22],"could":[23,87],"fulfill":[24],"privilege":[25],"escalation":[26],"without":[27],"triggering":[28],"existing":[29],"protection":[31],"and":[32],"exploit":[33],"mitigation,":[34],"making":[35,72],"particularly":[38],"disconcerting.":[39],"However,":[40],"the":[41,56,73,83,85],"success":[42],"exploitation":[45],"heavily":[46],"relies":[47],"on":[48],"vulnerability's":[50],"capability":[51],"(i.e.,":[52],"injecting":[53],"data":[54],"into":[55],"arbitrary":[57],"file":[58],"through":[59],"Linux's":[60],"pipes).":[61],"Such":[62],"an":[63],"ability":[64],"is":[65],"rarely":[66],"seen":[67],"for":[68],"other":[69],"vulnerabilities,":[71],"defense":[74],"relatively":[75,89],"easy.":[76],"As":[77],"long":[78],"as":[79],"users":[81],"eliminate":[82],"system":[86],"secure.":[90]},"counts_by_year":[{"year":2025,"cited_by_count":16},{"year":2024,"cited_by_count":12},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2022-11-13T00:00:00"}