{"id":"https://openalex.org/W4400976119","doi":"https://doi.org/10.1145/3664476.3670895","title":"Don't, Stop, Drop, Pause: Forensics of CONtainer CheckPOINTs (ConPoint)","display_name":"Don't, Stop, Drop, Pause: Forensics of CONtainer CheckPOINTs (ConPoint)","publication_year":2024,"publication_date":"2024-07-25","ids":{"openalex":"https://openalex.org/W4400976119","doi":"https://doi.org/10.1145/3664476.3670895"},"language":"en","primary_location":{"id":"doi:10.1145/3664476.3670895","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3664476.3670895","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://repository.lsu.edu/eecs_pubs/2326","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060320867","display_name":"Taha Gharaibeh","orcid":"https://orcid.org/0000-0001-7407-2304"},"institutions":[{"id":"https://openalex.org/I121820613","display_name":"Louisiana State University","ror":"https://ror.org/05ect4e57","country_code":"US","type":"education","lineage":["https://openalex.org/I121820613"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Taha Gharaibeh","raw_affiliation_strings":["BiTLab, Louisiana State University, USA"],"affiliations":[{"raw_affiliation_string":"BiTLab, Louisiana State University, USA","institution_ids":["https://openalex.org/I121820613"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034376192","display_name":"Steven S. Seiden","orcid":"https://orcid.org/0009-0006-4358-946X"},"institutions":[{"id":"https://openalex.org/I121820613","display_name":"Louisiana State University","ror":"https://ror.org/05ect4e57","country_code":"US","type":"education","lineage":["https://openalex.org/I121820613"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Steven Seiden","raw_affiliation_strings":["Louisiana State University, USA"],"affiliations":[{"raw_affiliation_string":"Louisiana State University, USA","institution_ids":["https://openalex.org/I121820613"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105049145","display_name":"Mohamed Abouelsaoud","orcid":null},"institutions":[{"id":"https://openalex.org/I135428043","display_name":"Cisco Systems (United States)","ror":"https://ror.org/03yt1ez60","country_code":"US","type":"company","lineage":["https://openalex.org/I135428043"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mohamed Abouelsaoud","raw_affiliation_strings":["Cisco Systems, USA"],"affiliations":[{"raw_affiliation_string":"Cisco Systems, USA","institution_ids":["https://openalex.org/I135428043"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039079298","display_name":"Elias Bou\u2010Harb","orcid":"https://orcid.org/0000-0001-8040-4635"},"institutions":[{"id":"https://openalex.org/I121820613","display_name":"Louisiana State University","ror":"https://ror.org/05ect4e57","country_code":"US","type":"education","lineage":["https://openalex.org/I121820613"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elias Bou-Harb","raw_affiliation_strings":["Louisiana State University, USA"],"affiliations":[{"raw_affiliation_string":"Louisiana State University, USA","institution_ids":["https://openalex.org/I121820613"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5043176147","display_name":"Ibrahim Baggili","orcid":"https://orcid.org/0000-0002-9574-9537"},"institutions":[{"id":"https://openalex.org/I121820613","display_name":"Louisiana State University","ror":"https://ror.org/05ect4e57","country_code":"US","type":"education","lineage":["https://openalex.org/I121820613"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ibrahim Baggili","raw_affiliation_strings":["Louisiana State University, USA"],"affiliations":[{"raw_affiliation_string":"Louisiana State University, USA","institution_ids":["https://openalex.org/I121820613"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5060320867"],"corresponding_institution_ids":["https://openalex.org/I121820613"],"apc_list":null,"apc_paid":null,"fwci":0.7794,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.77011136,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.6853794455528259},{"id":"https://openalex.org/keywords/network-forensics","display_name":"Network forensics","score":0.6464414596557617},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6102253198623657},{"id":"https://openalex.org/keywords/drop","display_name":"Drop (telecommunication)","score":0.5528339147567749},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.43590080738067627},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.4288294315338135},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11376896500587463},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.08517515659332275},{"id":"https://openalex.org/keywords/mechanical-engineering","display_name":"Mechanical engineering","score":0.05064907670021057}],"concepts":[{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.6853794455528259},{"id":"https://openalex.org/C50747538","wikidata":"https://www.wikidata.org/wiki/Q7001032","display_name":"Network forensics","level":3,"score":0.6464414596557617},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6102253198623657},{"id":"https://openalex.org/C2781345722","wikidata":"https://www.wikidata.org/wiki/Q5308388","display_name":"Drop (telecommunication)","level":2,"score":0.5528339147567749},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43590080738067627},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.4288294315338135},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11376896500587463},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.08517515659332275},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.05064907670021057}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3664476.3670895","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3664476.3670895","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:repository.lsu.edu:eecs_pubs-3328","is_oa":true,"landing_page_url":"https://repository.lsu.edu/eecs_pubs/2326","pdf_url":null,"source":{"id":"https://openalex.org/S4210169993","display_name":"Civil War Book Review","issn_l":"1528-6592","issn":["1528-6592"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310315936","host_organization_name":"Louisiana State University","host_organization_lineage":["https://openalex.org/P4310315936"],"host_organization_lineage_names":["Louisiana State University"],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Faculty Publications","raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:repository.lsu.edu:eecs_pubs-3328","is_oa":true,"landing_page_url":"https://repository.lsu.edu/eecs_pubs/2326","pdf_url":null,"source":{"id":"https://openalex.org/S4210169993","display_name":"Civil War Book Review","issn_l":"1528-6592","issn":["1528-6592"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310315936","host_organization_name":"Louisiana State University","host_organization_lineage":["https://openalex.org/P4310315936"],"host_organization_lineage_names":["Louisiana State University"],"type":"journal"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Faculty Publications","raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W2016752183","https://openalex.org/W2092935428","https://openalex.org/W2222737249","https://openalex.org/W2229662347","https://openalex.org/W2344568383","https://openalex.org/W2613345295","https://openalex.org/W2624255989","https://openalex.org/W2734455483","https://openalex.org/W2734941459","https://openalex.org/W2744544580","https://openalex.org/W2766645114","https://openalex.org/W2845881471","https://openalex.org/W2919541189","https://openalex.org/W2935205354","https://openalex.org/W2936268283","https://openalex.org/W2956221590","https://openalex.org/W2967637625","https://openalex.org/W3002342731","https://openalex.org/W3004805649","https://openalex.org/W3005899515","https://openalex.org/W3010788741","https://openalex.org/W3035749538","https://openalex.org/W3042306991","https://openalex.org/W3082693641","https://openalex.org/W3103894276","https://openalex.org/W3111005548","https://openalex.org/W3126998840","https://openalex.org/W3128340129","https://openalex.org/W3198962051","https://openalex.org/W4281629071","https://openalex.org/W4284961255","https://openalex.org/W4284975799","https://openalex.org/W4286005470","https://openalex.org/W4292332550","https://openalex.org/W4296934749","https://openalex.org/W4386946955"],"related_works":["https://openalex.org/W2972427363","https://openalex.org/W2121070677","https://openalex.org/W2161391695","https://openalex.org/W4238452393","https://openalex.org/W188028618","https://openalex.org/W2489557937","https://openalex.org/W1500698787","https://openalex.org/W1970399788","https://openalex.org/W4385257722","https://openalex.org/W2111038567"],"abstract_inverted_index":{"In":[0],"the":[1,59,63,82,106,120,135,146,193,200,229],"rapidly":[2],"evolving":[3],"landscape":[4],"of":[5,45,58,65,85,108,215,232],"cloud":[6],"computing,":[7],"containerization":[8],"technologies":[9],"such":[10],"as":[11,235],"Docker":[12],"and":[13,21,76,130,142,159,188,243],"Kubernetes":[14],"have":[15],"become":[16],"instrumental":[17],"in":[18,97,140,173],"deploying,":[19],"scaling,":[20],"managing":[22],"applications.":[23],"However,":[24],"these":[25,51,109],"containers":[26,221],"pose":[27],"unique":[28],"challenges":[29,52],"for":[30,70,105,125,203,239],"memory":[31,39,72,129,137,177,241],"forensics":[32,40,242],"due":[33],"to":[34,62,152,207],"their":[35],"ephemeral":[36],"nature.":[37],"As":[38],"is":[41,119,189],"a":[42,55,66,90,94,102,127,174,205,213],"crucial":[43],"aspect":[44],"incident":[46,244],"response,":[47],"our":[48,79],"work":[49,80,227],"combats":[50],"by":[53,211],"developing":[54],"deeper":[56],"understanding":[57],"containers,":[60],"leading":[61],"development":[64],"novel,":[67],"scalable":[68],"tool":[69,103],"container":[71,86,166,194,206,240],"forensics.":[73],"Through":[74],"experimental":[75],"computational":[77],"analyses,":[78],"investigates":[81],"forensic":[83],"capabilities":[84],"checkpoints,":[87],"which":[88],"capture":[89],"container\u2019s":[91,128,175],"state":[92],"at":[93,163],"specific":[95],"moment":[96],"time.":[98],"We":[99,111,168],"introduce":[100],"ConPoint,":[101],"created":[104],"collection":[107],"checkpoints.":[110,167],"focused":[112],"on":[113,150],"three":[114],"primary":[115],"research":[116],"questions:":[117],"What":[118],"most":[121],"forensically":[122],"sound":[123],"approach":[124,155],"checkpointing":[126,204,234],"filesystem?,":[131],"How":[132,143],"long":[133,144],"does":[134,145],"volatile":[136,176],"evidence":[138,172],"reside":[139],"memory?,":[141],"checkpoint":[147],"process":[148],"take":[149],"average":[151,201],"complete?":[153],"Our":[154,197],"successfully":[156],"captured":[157],"checkpoints":[158,219],"retrieved":[160],"artifacts":[161],"generated":[162],"runtime":[164],"from":[165,220],"found":[169],"that":[170],"digital":[171],"can":[178],"persist":[179],"during":[180],"idle":[181],"states,":[182],"yet":[183],"gradually":[184],"diminishes":[185],"over":[186],"time":[187,202],"entirely":[190],"lost":[191],"when":[192],"shuts":[195],"down.":[196],"experiments":[198],"determined":[199],"be":[208],"0.537":[209],"seconds":[210],"acquiring":[212],"total":[214],"(n":[216],"=":[217],"45)":[218],"running":[222],"different":[223],"databases.":[224],"The":[225],"proposed":[226],"demonstrates":[228],"pragmatic":[230],"feasibility":[231],"implementing":[233],"an":[236],"overarching":[237],"strategy":[238],"response.":[245]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}