乐胖代购免代理版

{"id":"https://openalex.org/W2083794595","doi":"https://doi.org/10.1109/sp.2014.17","title":"Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces","display_name":"Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces","publication_year":2014,"publication_date":"2014-05-01","ids":{"openalex":"https://openalex.org/W2083794595","doi":"https://doi.org/10.1109/sp.2014.17","mag":"2083794595"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/sp.2014.17","pdf_url":"https://ieeexplore.ieee.org/ielx7/6954656/6956545/06956562.pdf","source":{"id":"https://openalex.org/S4306418833","display_name":"IEEE Symposium on Security and Privacy","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://ieeexplore.ieee.org/ielx7/6954656/6956545/06956562.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090070759","display_name":"Collin Mulliner","orcid":null},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"funder","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Collin Mulliner","raw_affiliation_strings":["Northeastern University, Boston, United States"],"affiliations":[{"raw_affiliation_string":"Northeastern University, Boston, United States","institution_ids":["https://openalex.org/I12912129"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085358980","display_name":"William Robertson","orcid":"https://orcid.org/0000-0002-6968-0273"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"funder","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"William Robertson","raw_affiliation_strings":["Northeastern University, Boston, United States"],"affiliations":[{"raw_affiliation_string":"Northeastern University, Boston, United States","institution_ids":["https://openalex.org/I12912129"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077875821","display_name":"Engin Kirda","orcid":"https://orcid.org/0000-0001-9988-6873"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"funder","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Engin Kirda","raw_affiliation_strings":["Northeastern University, Boston, United States"],"affiliations":[{"raw_affiliation_string":"Northeastern University, Boston, United States","institution_ids":["https://openalex.org/I12912129"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.822,"has_fulltext":true,"fulltext_origin":"pdf","cited_by_count":14,"citation_normalized_percentile":{"value":0.870921,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":88,"max":89},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9965,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.985,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/graphical-user-interface","display_name":"Graphical user interface","score":0.7587666}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.82980144},{"id":"https://openalex.org/C37789001","wikidata":"https://www.wikidata.org/wiki/Q782543","display_name":"Graphical user interface","level":2,"score":0.7587666},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.574653},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.55522776},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.51010114},{"id":"https://openalex.org/C66153210","wikidata":"https://www.wikidata.org/wiki/Q5597182","display_name":"Graphical user interface testing","level":4,"score":0.44071937},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.41970137},{"id":"https://openalex.org/C89505385","wikidata":"https://www.wikidata.org/wiki/Q47146","display_name":"User interface","level":2,"score":0.41865814},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.39414746},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.33345193},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.33109105},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23528355},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1605955},{"id":"https://openalex.org/C149229913","wikidata":"https://www.wikidata.org/wiki/Q135707","display_name":"User interface design","level":3,"score":0.085722536},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/sp.2014.17","pdf_url":"https://ieeexplore.ieee.org/ielx7/6954656/6956545/06956562.pdf","source":{"id":"https://openalex.org/S4306418833","display_name":"IEEE Symposium on Security and Privacy","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://doi.org/10.1109/sp.2014.17","pdf_url":"https://ieeexplore.ieee.org/ielx7/6954656/6956545/06956562.pdf","source":{"id":"https://openalex.org/S4306418833","display_name":"IEEE Symposium on Security and Privacy","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true},"sustainable_development_goals":[],"grants":[],"datasets":[],"versions":[],"referenced_works_count":18,"referenced_works":["https://openalex.org/W109951691","https://openalex.org/W127224647","https://openalex.org/W1590462283","https://openalex.org/W1608928262","https://openalex.org/W1980694458","https://openalex.org/W1990467226","https://openalex.org/W20506972","https://openalex.org/W2085925880","https://openalex.org/W2125753667","https://openalex.org/W2141407780","https://openalex.org/W2143058502","https://openalex.org/W2144696387","https://openalex.org/W2162720432","https://openalex.org/W2167762898","https://openalex.org/W2170806228","https://openalex.org/W2971171795","https://openalex.org/W3015492789","https://openalex.org/W4247064801"],"related_works":["https://openalex.org/W2381088774","https://openalex.org/W2369004040","https://openalex.org/W2348179769","https://openalex.org/W2248734696","https://openalex.org/W2154998455","https://openalex.org/W2139068398","https://openalex.org/W2116888309","https://openalex.org/W184489130","https://openalex.org/W1539807119","https://openalex.org/W1186135329"],"abstract_inverted_index":{"Graphical":[0],"user":[1],"interfaces":[2],"(GUIs)":[3],"are":[4,54,59,105],"the":[5,37,89,100,163,182,201,209,228,233,246],"predominant":[6],"means":[7],"by":[8,214],"which":[9],"users":[10,67],"interact":[11],"with":[12],"modern":[13],"programs.":[14],"GUIs":[15,34],"contain":[16],"a":[17,109,129,141,156,190],"number":[18],"of":[19,91,124,132,143,151,165,177,193,211,235,245],"common":[20],"visual":[21,64],"elements":[22],"or":[23,122],"widgets":[24,44],"such":[25],"as":[26,108,128],"labels,":[27],"text":[28],"fields,":[29],"buttons,":[30],"and":[31,33,51,154,161,204,207,238],"lists,":[32],"typically":[35],"provide":[36,63],"ability":[38],"to":[39,45,62,66,68,232],"set":[40,192],"attributes":[41,58,104],"on":[42],"these":[43,57,223],"control":[46,114,134,220],"their":[47],"visibility,":[48],"enabled":[49],"status,":[50],"whether":[52],"they":[53,75,82],"writable.":[55],"While":[56],"extremely":[60],"useful":[61],"cues":[65],"guide":[69],"them":[70],"through":[71,149],"an":[72,175],"application's":[73],"GUI,":[74],"can":[76,147],"also":[77],"be":[78],"misused":[79,107],"for":[80,111,159,181],"purposes":[81],"were":[83],"not":[84],"intended.":[85],"In":[86,116],"particular,":[87],"in":[88,136,167,222,239],"context":[90],"GUI-based":[92,137,197],"applications":[93,198],"that":[94,146],"include":[95],"multiple":[96],"privilege":[97],"levels":[98],"within":[99],"application,":[101,237],"GUI":[102,125],"element":[103,126],"often":[106],"mechanism":[110],"enforcing":[112],"access":[113,133,219],"policies.":[115],"this":[117],"work,":[118],"we":[119,230],"introduce":[120],"GEMs,":[121],"instances":[123],"misuse,":[127],"novel":[130],"class":[131],"vulnerabilities":[135,221,229],"applications.":[138,169,224],"We":[139,170,185,225],"present":[140,172],"classification":[142],"different":[144],"GEMs":[145,166],"arise":[148],"misuse":[150],"widget":[152],"attributes,":[153],"describe":[155],"general":[157],"algorithm":[158],"identifying":[160],"confirming":[162],"presence":[164],"vulnerable":[168],"then":[171],"GEM":[173,179,187],"Miner,":[174],"implementation":[176],"our":[178,212],"analysis":[180,213],"Windows":[183],"platform.":[184],"evaluate":[186],"Miner":[188],"over":[189],"test":[191],"three":[194],"complex,":[195],"real-world":[196],"targeted":[199],"at":[200],"small":[202],"business":[203],"enterprise":[205],"markets,":[206],"demonstrate":[208],"efficacy":[210],"finding":[215],"numerous":[216],"previously":[217],"unknown":[218],"have":[226,242],"reported":[227],"discovered":[231],"developers":[234],"each":[236],"one":[240],"case":[241],"received":[243],"confirmation":[244],"issue.":[247]},"abstract_inverted_index_v3":null,"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W2083794595","counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":4},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2025-03-17T13:16:16.985892","created_date":"2016-06-24"}