{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T22:22:53Z","timestamp":1730326973318,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,30]]},"DOI":"10.1145\/3611643.3613889","type":"proceedings-article","created":{"date-parts":[[2023,11,30]],"date-time":"2023-11-30T23:14:38Z","timestamp":1701386078000},"page":"1985-1996","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Compositional Taint Analysis for Enforcing Security Policies at Scale"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0000-0001-5449-2264","authenticated-orcid":false,"given":"Subarno","family":"Banerjee","sequence":"first","affiliation":[{"name":"Amazon Web Services, Seattle, United States"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-0302-1064","authenticated-orcid":false,"given":"Siwei","family":"Cui","sequence":"additional","affiliation":[{"name":"Texas A&M University, College Station, USA"}]},{"ORCID":"http:\/\/orcid.org\/0009-0002-6283-5890","authenticated-orcid":false,"given":"Michael","family":"Emmi","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, USA"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-9646-646X","authenticated-orcid":false,"given":"Antonio","family":"Filieri","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, United States"}]},{"ORCID":"http:\/\/orcid.org\/0009-0007-2146-7303","authenticated-orcid":false,"given":"Liana","family":"Hadarean","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, 
USA"}]},{"ORCID":"http:\/\/orcid.org\/0009-0005-9392-3481","authenticated-orcid":false,"given":"Peixuan","family":"Li","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, United States"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-2054-0373","authenticated-orcid":false,"given":"Linghui","family":"Luo","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Berlin, Germany"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-4424-5838","authenticated-orcid":false,"given":"Goran","family":"Piskachev","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Berlin, Germany"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-0742-8101","authenticated-orcid":false,"given":"Nicol\u00e1s","family":"Rosner","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, USA"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-0138-9858","authenticated-orcid":false,"given":"Aritra","family":"Sengupta","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, USA"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-2393-854X","authenticated-orcid":false,"given":"Omer","family":"Tripp","sequence":"additional","affiliation":[{"name":"Amazon Web Services, Seattle, United States"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-5877-2677","authenticated-orcid":false,"given":"Jingbo","family":"Wang","sequence":"additional","affiliation":[{"name":"University of Southern California, Los Angeles, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,11,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"[n. d.]. Amazon CodeGuru. https:\/\/aws.amazon.com\/codeguru"},{"key":"e_1_3_2_2_2_1","unstructured":"[n. d.]. Amazon CodeGuru Reviewer. https:\/\/docs.aws.amazon.com\/codeguru\/latest\/reviewer-ug\/welcome.html"},{"key":"e_1_3_2_2_3_1","unstructured":"[n. d.]. Amazon Elastic Container Registry (Amazon ECR). https:\/\/aws.amazon.com\/ecr\/"},{"key":"e_1_3_2_2_4_1","unstructured":"[n. d.]. Amazon Inspector. 
https:\/\/aws.amazon.com\/inspector\/"},{"key":"e_1_3_2_2_5_1","unstructured":"[n. d.]. AWS Lambda. https:\/\/docs.aws.amazon.com\/lambda\/latest\/dg\/welcome.html"},{"key":"e_1_3_2_2_6_1","unstructured":"[n. d.]. CodeQL. https:\/\/codeql.github.com\/"},{"key":"e_1_3_2_2_7_1","unstructured":"[n. d.]. CodeQL Github Action. https:\/\/github.com\/github\/codeql-action"},{"key":"e_1_3_2_2_8_1","unstructured":"[n. d.]. Cross Site Scripting (XSS). https:\/\/owasp.org\/www-community\/attacks\/xss\/"},{"key":"e_1_3_2_2_9_1","unstructured":"[n. d.]. Docker Hub. https:\/\/hub.docker.com\/"},{"volume-title":"d.]. Identity Theft Resource Centre","year":"2022","key":"e_1_3_2_2_10_1","unstructured":"[n. d.]. Identity Theft Resource Centre, 2022 Data Breach Report. https:\/\/www.idtheftcenter.org\/publication\/2022-data-breach-report\/"},{"key":"e_1_3_2_2_11_1","unstructured":"[n. d.]. Libraries.io. https:\/\/libraries.io\/"},{"key":"e_1_3_2_2_12_1","unstructured":"[n. d.]. Maven Central Repository. https:\/\/maven.apache.org\/"},{"key":"e_1_3_2_2_13_1","unstructured":"[n. d.]. Optus Data Breach. https:\/\/www.cshub.com\/attacks\/news\/iotw-everything-we-know-about-the-optus-data-breach"},{"key":"e_1_3_2_2_14_1","unstructured":"[n. d.]. OWASP Benchmark: The OWASP Benchmark Project. https:\/\/owasp.org\/www-project-benchmark"},{"key":"e_1_3_2_2_15_1","unstructured":"[n. d.]. OWASP Top Ten 2017: Injection. https:\/\/owasp.org\/www-project-top-ten\/2017\/A1_2017-Injection"},{"key":"e_1_3_2_2_16_1","unstructured":"[n. d.]. OWASP XXE: OWASP Cheat Sheet Series. https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/XML_External_Entity_Prevention_Cheat_Sheet.html"},{"key":"e_1_3_2_2_17_1","unstructured":"[n. d.]. Plume Taint Specification. https:\/\/github.com\/plume-oss\/benchmarking\/blob\/main\/experiments\/src\/main\/resources\/taint_definitions.yaml"},{"key":"e_1_3_2_2_18_1","unstructured":"[n. d.]. Scanning AWS Lambda Functions with Amazon Inspector. 
https:\/\/docs.aws.amazon.com\/inspector\/latest\/user\/scanning-lambda.html"},{"key":"e_1_3_2_2_19_1","unstructured":"[n. d.]. Snyk Container. https:\/\/snyk.io\/product\/container-vulnerability-management\/"},{"key":"e_1_3_2_2_20_1","unstructured":"[n. d.]. SQL Injection. https:\/\/owasp.org\/www-community\/attacks\/SQL_Injection"},{"key":"e_1_3_2_2_21_1","unstructured":"[n. d.]. Twitter Accounts Data Breach. https:\/\/www.cshub.com\/attacks\/news\/54-million-twitter-accounts-reportedly-on-sale-in-hacking-forum"},{"key":"e_1_3_2_2_22_1","unstructured":"[n. d.]. XPath Injection. https:\/\/owasp.org\/www-community\/attacks\/XPATH_Injection"},{"key":"e_1_3_2_2_23_1","unstructured":"[n. d.]. Xstream API Documentation. https:\/\/x-stream.github.io\/javadoc\/index.html"},{"key":"e_1_3_2_2_24_1","unstructured":"[n. d.]. Xstream Security Aspects. https:\/\/x-stream.github.io\/security.html"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2827384"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3385412.3386026"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666356.2594299"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236454.3236500"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1640089.1640108"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-17524-9_1"},{"key":"e_1_3_2_2_31_1","volume-title":"Lee Pike, Nicol\u00e1s Rosner, Martin Sch\u00e4f, Aritra Sengupta, and Willem Visser.","author":"Christakis Maria","year":"2022","unstructured":"Maria Christakis, Thomas Cottenier, Antonio Filieri, Linghui Luo, Muhammad Numair Mansur, Lee Pike, Nicol\u00e1s Rosner, Martin Sch\u00e4f, Aritra Sengupta, and Willem Visser. 2022. Input splitting for cloud-based static application security testing platforms. In ESEC\/FSE 2022. 
https:\/\/www.amazon.science\/publications\/input-splitting-for-cloud-based-static-application-security-testing-platforms"},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/512950.512973"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338112"},{"key":"e_1_3_2_2_34_1","volume-title":"Rapid: Checking API usage for the cloud in the cloud. In ESEC\/FSE","author":"Emmi Michael","year":"2021","unstructured":"Michael Emmi, Liana Hadarean, Ranjit Jhala, Lee Pike, Nicol\u00e1s Rosner, Martin Sch\u00e4f, Aritra Sengupta, and Willem Visser. 2021. Rapid: Checking API usage for the cloud in the cloud. In ESEC\/FSE 2021. https:\/\/www.amazon.science\/publications\/rapid-checking-api-usage-for-the-cloud-in-the-cloud"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26529-2_25"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133926"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2931098"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31057-7_16"},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36579-6_12"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3293606"},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1561\/2500000020"},{"key":"e_1_3_2_2_42_1","volume-title":"ECOOP","author":"Mukherjee Rajdeep","year":"2022","unstructured":"Rajdeep Mukherjee, Omer Tripp, Ben Liblit, and Michael Wilson. 2022. Static analysis for AWS best practices in Python code. In ECOOP 2022. https:\/\/www.amazon.science\/publications\/static-analysis-for-aws-best-practices-in-python-code"},{"key":"e_1_3_2_2_43_1","first-page":"1125","article-title":"A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks","volume":"14","author":"Rasthofer Siegfried","year":"2014","unstructured":"Siegfried Rasthofer, Steven Arzt, and Eric Bodden. 2014. 
A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks. In NDSS. 14, 1125.","journal-title":"NDSS."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/199448.199462"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.5555\/2818754.2818828"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133923"},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290361"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290361"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.4230\/LIPIcs.ECOOP.2016.22"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/353171.353189"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.5555\/647476.727758"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3417059"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3037697.3037744"},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3302424.3303972"}],"event":{"name":"ESEC\/FSE '23: 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"],"location":"San Francisco CA USA","acronym":"ESEC\/FSE '23"},"container-title":["Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software 
Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3611643.3613889","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,28]],"date-time":"2024-05-28T18:01:07Z","timestamp":1716919267000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3611643.3613889"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,30]]},"references-count":54,"alternative-id":["10.1145\/3611643.3613889","10.1145\/3611643"],"URL":"https:\/\/doi.org\/10.1145\/3611643.3613889","relation":{},"subject":[],"published":{"date-parts":[[2023,11,30]]},"assertion":[{"value":"2023-11-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}