{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T20:26:48Z","timestamp":1769718408677,"version":"3.49.0"},"reference-count":53,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,11,16]],"date-time":"2025-11-16T00:00:00Z","timestamp":1763251200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,11,16]],"date-time":"2025-11-16T00:00:00Z","timestamp":1763251200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,11,16]]},"DOI":"10.1109\/ase63991.2025.00111","type":"proceedings-article","created":{"date-parts":[[2026,1,28]],"date-time":"2026-01-28T20:54:38Z","timestamp":1769633678000},"page":"1299-1311","source":"Crossref","is-referenced-by-count":0,"title":["AMPLE: Fine-grained File Access Policies for Server Applications"],"prefix":"10.1109","author":[{"given":"Seyedhamed","family":"Ghavamnia","sequence":"first","affiliation":[{"name":"Bloomberg"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Julien","family":"Vanegue","sequence":"additional","affiliation":[{"name":"Bloomberg"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"aa-easyprof manpage"},{"key":"ref2","volume-title":"AppArmor Linux kernel security module"},{"key":"ref10","volume-title":"Landlock: unprivileged access control"},{"key":"ref11","volume-title":"The often misunderstood GEP instruction"},{"key":"ref12","volume-title":"Redis benchmark"},{"key":"ref15","volume-title":"xstress version 0.40"},{"key":"ref17","volume-title":"Ubuntu manpages - aa-genprof","year":"2019"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359823"},{"key":"ref20","article-title":"Program analysis and specialization for the C programming language","volume-title":"PhD thesis","author":"Ole Andersen","year":"1994"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/3422337.3447844"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3474123.3486762"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/270152.270159"},{"key":"ref24","article-title":"Sysfilter: Automated system call filtering for commodity software","volume-title":"Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID)","author":"DeMarinis"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345665"},{"key":"ref26","article-title":"Confine: Automated system call policy generation for container attack surface reduction","volume-title":"Proceedings of the International Conference on Research in Attacks, Intrusions, and Defenses (RAID)","author":"Ghavamnia"},{"key":"ref27","article-title":"Temporal system call specialization for attack surface reduction","volume-title":"Proceedings of the 29th USENIX Security Symposium","author":"Ghavamnia"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559366"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/3545948.3545978"},{"key":"ref30","first-page":"271","article-title":"BigMAC: Fine-Grained policy analysis of android firmware","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Hernandez"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-162"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/3301417.3312501"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/775265.775268"},{"key":"ref34","first-page":"2579","article-title":"PolyScope: Multi-Policy access control analysis to compute authorized attack operations in android systems","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Lee"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_11"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ISPA-BDCloud-SocialCom-SustainCom51426.2020.00075"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560585"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2018.00169"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354244"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346869"},{"key":"ref41","first-page":"279","article-title":"lmbench: Portable tools for performance analysis","volume-title":"Proceedings of the 2nd USENIX annual technical conference (ATC)","author":"McVoy"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274703"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP48549.2020.00010"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/ISPASS.2016.7482080"},{"key":"ref45","first-page":"1733","article-title":"Razor: A framework for post-deployment software debloating","volume-title":"Proceedings of the 28th USENIX Conference on Security Symposium, SEC\u201919","author":"Qian"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417866"},{"key":"ref47","first-page":"869","article-title":"Debloating software through piece-wise compilation and loading","volume-title":"Proceedings of the 27th USENIX Security Symposium","author":"Quach"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623207"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103325"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1016\/s0065-2458(08)60206-5"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/237721.237727"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/2892208.2892235"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2302311"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/3545948.3545966"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/1266840.1266870"},{"key":"ref57","first-page":"351","article-title":"{EASEAndroid}: Automatic policy analysis and refinement for security enhanced android via {Large-Scale}{Semi-Supervised} learning","volume-title":"Proceedings of the 24th USENIX Security Symposium (USENIX Security 15)","author":"Wang"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2025.240418"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2022.04.016"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2369048"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2022.3222074"},{"key":"ref62","first-page":"3273","article-title":"StateFuzz: System call-based state-aware linux driver fuzzing","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Zhao"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102924"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1109\/COMSNETS53615.2022.9668504"}],"event":{"name":"2025 40th IEEE\/ACM International Conference on Automated Software Engineering (ASE)","location":"Seoul, Korea, Republic of","start":{"date-parts":[[2025,11,16]]},"end":{"date-parts":[[2025,11,20]]}},"container-title":["2025 40th IEEE\/ACM International Conference on Automated Software Engineering (ASE)"],"original-title":[],"link":[{"URL":"https:\/\/2.zoppoz.workers.dev:443\/http\/xplorestaging.ieee.org\/ielx8\/11334056\/11334198\/11334498.pdf?arnumber=11334498","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T09:20:02Z","timestamp":1769678402000},"score":1,"resource":{"primary":{"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/ieeexplore.ieee.org\/document\/11334498\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,16]]},"references-count":53,"URL":"https:\/\/2.zoppoz.workers.dev:443\/https\/doi.org\/10.1109\/ase63991.2025.00111","relation":{},"subject":[],"published":{"date-parts":[[2025,11,16]]}}}