{"id":"https://openalex.org/W4388856860","doi":"https://doi.org/10.1145/3576915.3623110","title":"Tainted Secure Multi-Execution to Restrict Attacker Influence","display_name":"Tainted Secure Multi-Execution to Restrict Attacker Influence","publication_year":2023,"publication_date":"2023-11-15","ids":{"openalex":"https://openalex.org/W4388856860","doi":"https://doi.org/10.1145/3576915.3623110"},"language":"en","primary_location":{"id":"doi:10.1145/3576915.3623110","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3576915.3623110","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3576915.3623110","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3576915.3623110","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5017247346","display_name":"McKenna McCall","orcid":"https://orcid.org/0009-0007-5642-4717"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"McKenna McCall","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA"],"raw_orcid":"https://orcid.org/0009-0007-5642-4717","affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022695129","display_name":"Abhishek Bichhawat","orcid":"https://orcid.org/0000-0002-3075-2743"},"institutions":[{"id":"https://openalex.org/I27674431","display_name":"Indian Institute of Technology Gandhinagar","ror":"https://ror.org/0036p5w23","country_code":"IN","type":"education","lineage":["https://openalex.org/I27674431"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Abhishek Bichhawat","raw_affiliation_strings":["Indian Institute of Technology Gandhinagar, Gandhinagar, India"],"raw_orcid":"https://orcid.org/0000-0002-3075-2743","affiliations":[{"raw_affiliation_string":"Indian Institute of Technology Gandhinagar, Gandhinagar, India","institution_ids":["https://openalex.org/I27674431"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087946116","display_name":"Limin Jia","orcid":"https://orcid.org/0000-0002-8160-349X"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Limin Jia","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA"],"raw_orcid":"https://orcid.org/0000-0002-8160-349X","affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.1632,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.57743444,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1732","last_page":"1745"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7983896136283875},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.7708296775817871},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.7289130687713623},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7253034710884094},{"id":"https://openalex.org/keywords/dynamic-web-page","display_name":"Dynamic web page","score":0.6773868799209595},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5572510361671448},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.47216007113456726},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4443914592266083},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.4263575077056885},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4103408753871918},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.3334364891052246},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.19901791214942932},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17955780029296875}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7983896136283875},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.7708296775817871},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.7289130687713623},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7253034710884094},{"id":"https://openalex.org/C100158260","wikidata":"https://www.wikidata.org/wiki/Q1650567","display_name":"Dynamic web page","level":3,"score":0.6773868799209595},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5572510361671448},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.47216007113456726},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4443914592266083},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.4263575077056885},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4103408753871918},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.3334364891052246},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.19901791214942932},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17955780029296875},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3576915.3623110","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3576915.3623110","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3576915.3623110","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:figshare.com:article/22296628","is_oa":true,"landing_page_url":"https://figshare.com/articles/report/Restricting_Attacker_Influence_in_Reactive_Programs_with_Dynamic_Secrets/22296628","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"doi:10.1184/r1/22296628.v2","is_oa":true,"landing_page_url":"https://doi.org/10.1184/r1/22296628.v2","pdf_url":null,"source":{"id":"https://openalex.org/S7407050927","display_name":"KiltHub Repository","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"report"}],"best_oa_location":{"id":"doi:10.1145/3576915.3623110","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3576915.3623110","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3576915.3623110","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.699999988079071,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4208173469","display_name":null,"funder_award_id":"CNS1704542, CNS2245115","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320310207","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33"},{"id":"https://openalex.org/F4320320719","display_name":"Department of Science and Technology, Ministry of Science and Technology, India","ror":"https://ror.org/0101xrq71"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388856860.pdf","grobid_xml":"https://content.openalex.org/works/W4388856860.grobid-xml"},"referenced_works_count":36,"referenced_works":["https://openalex.org/W66661079","https://openalex.org/W1264845515","https://openalex.org/W1531328487","https://openalex.org/W1534212008","https://openalex.org/W1557847811","https://openalex.org/W1821830326","https://openalex.org/W1995290095","https://openalex.org/W1998180710","https://openalex.org/W2008332764","https://openalex.org/W2024811322","https://openalex.org/W2027146564","https://openalex.org/W2027822753","https://openalex.org/W2036463966","https://openalex.org/W2081377878","https://openalex.org/W2086234010","https://openalex.org/W2099510595","https://openalex.org/W2126469755","https://openalex.org/W2145653610","https://openalex.org/W2155317744","https://openalex.org/W2162283517","https://openalex.org/W2165078378","https://openalex.org/W2295903522","https://openalex.org/W2296605318","https://openalex.org/W2381524979","https://openalex.org/W2519680833","https://openalex.org/W2687548538","https://openalex.org/W2752155394","https://openalex.org/W2766853406","https://openalex.org/W2798483320","https://openalex.org/W2886179714","https://openalex.org/W2890509371","https://openalex.org/W2972047516","https://openalex.org/W3102410487","https://openalex.org/W4254234063","https://openalex.org/W4283389523","https://openalex.org/W4283398559"],"related_works":["https://openalex.org/W2150889667","https://openalex.org/W4392079573","https://openalex.org/W4233984944","https://openalex.org/W3190536237","https://openalex.org/W195300121","https://openalex.org/W2017602249","https://openalex.org/W2548409577","https://openalex.org/W3180404666","https://openalex.org/W1531015913","https://openalex.org/W2735662051"],"abstract_inverted_index":{"Attackers":[0],"can":[1,30],"steal":[2],"sensitive":[3],"user":[4],"information":[5],"from":[6,46,63],"web":[7,33,48],"pages":[8],"via":[9],"third-party":[10],"scripts.":[11],"Prior":[12],"work":[13],"shows":[14],"that":[15,28,60],"secure":[16],"multi-execution":[17],"(SME)":[18],"with":[19],"declassification":[20],"is":[21,53],"useful":[22],"for":[23],"mitigating":[24],"such":[25],"attacks,":[26],"but":[27],"attackers":[29],"leverage":[31],"dynamic":[32,47,64],"features":[34],"to":[35,50,56],"declassify":[36,61],"more":[37],"than":[38],"intended.":[39],"The":[40],"proposed":[41],"solution":[42],"of":[43],"disallowing":[44],"events":[45,62],"elements":[49,65],"be":[51,57],"declassified":[52],"too":[54],"restrictive":[55],"practical;":[58],"websites":[59],"cannot":[66],"function":[67],"correctly.":[68]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}