{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T03:35:38Z","timestamp":1767843338807,"version":"3.49.0"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030220372","type":"print"},{"value":"9783030220389","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22038-9_2","type":"book-chapter","created":{"date-parts":[[2019,6,9]],"date-time":"2019-06-09T19:02:31Z","timestamp":1560106951000},"page":"23-42","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":32,"title":["New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild"],"prefix":"10.1007","author":[{"given":"Marius","family":"Musch","sequence":"first","affiliation":[]},{"given":"Christian","family":"Wressnegger","sequence":"additional","affiliation":[]},{"given":"Martin","family":"Johns","sequence":"additional","affiliation":[]},{"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,6,6]]},"reference":[{"key":"2_CR1","unstructured":"AdGuard Research. Cryptocurrency mining affects over 500 million people. And they have no idea it is happening, October 2017. https:\/\/adguard.com\/en\/blog\/crypto-mining-fever\/"},{"key":"2_CR2","unstructured":"Adobe Corporate Communications. Flash & the future of interactive content (2017). https:\/\/theblog.adobe.com\/adobe-flash-update\/"},{"key":"2_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1007\/978-3-319-26096-9_29","volume-title":"Security Protocols XXIII","author":"ST Ali","year":"2015","unstructured":"Ali, S.T., Clarke, D., McCorry, P.: Bitcoin: perils of an unregulated global P2P currency. In: Christianson, B., \u0160venda, P., Maty\u00e1\u0161, V., Malcolm, J., Stajano, F., Anderson, J. (eds.) Security Protocols 2015. LNCS, vol. 9379, pp. 283\u2013293. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26096-9_29"},{"key":"2_CR4","unstructured":"ASM.js. Frequently asked questions, February 2019. http:\/\/asmjs.org\/faq.html"},{"key":"2_CR5","doi-asserted-by":"publisher","first-page":"894","DOI":"10.1038\/35091039","volume":"412","author":"A-L Barab\u00e1si","year":"2001","unstructured":"Barab\u00e1si, A.-L., Freeh, V.W., Jeong, H., Brockman, J.B.: Parasitic computing. Nature 412, 894\u2013897 (2001)","journal-title":"Nature"},{"key":"2_CR6","unstructured":"ChromeDevTools. Chrome DevTools Protocol Viewer, May 2018. https:\/\/chromedevtools.github.io\/devtools-protocol\/"},{"key":"2_CR7","unstructured":"Chromium Blog. Goodbye pnacl, hello webassembly! May 2017. https:\/\/blog.chromium.org\/2017\/05\/goodbye-pnacl-hello-webassembly.html"},{"key":"2_CR8","unstructured":"Clark, L.: What makes webassembly fast? February 2017. https:\/\/hacks.mozilla.org\/2017\/02\/what-makes-webassembly-fast\/"},{"key":"2_CR9","unstructured":"CoinHive Documentation. JavaScript Miner, February 2019. https:\/\/coinhive.com\/documentation\/miner"},{"key":"2_CR10","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious javascript code. In: Proceedings of the International World Wide Web Conference (WWW) (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"2_CR11","unstructured":"Curtsinger, C., Livshits, B., Zorn, B.G., Seifert, C.: Zozzle: Fast and precise in-browser javascript malware detection. In: Proceedings of USENIX Security Symposium (2011)"},{"key":"2_CR12","doi-asserted-by":"crossref","unstructured":"Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J.: A first look at browser-based cryptojacking. In: Proceedings of IEEE Security and Privacy on the Blockchain Workshop (2018)","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Haas, A., et al.: Bringing the web up to speed with WebAssembly. In: Proceedings of ACM SIGPLAN International Conference on Programming Languages Design and Implementation (PLDI), pp. 185\u2013200 (2017)","DOI":"10.1145\/3062341.3062363"},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Hong, G., et al.: How you get shot in the back: a systematical study about cryptojacking in the real world. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2018","DOI":"10.1145\/3243734.3243840"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Huang, D.Y., et al.: Botcoin: monetizing stolen cycles. In: Proceedings of Network and Distributed System Security Symposium (NDSS) (2014)","DOI":"10.14722\/ndss.2014.23044"},{"key":"2_CR16","unstructured":"Kapravelos, A., Shoshitaishvili, Y., Cova, M., Kruegel, C., Vigna, G.: Revolver: an automated approach to the detection of evasive web-based malware. In: Proceedings of USENIX Security Symposium (2013)"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Kim, K., et al.: J-force: forced execution on javascript. In: Proceedings of the International World Wide Web Conference (WWW) (2017)","DOI":"10.1145\/3038912.3052674"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Kolbitsch, C., Livshits, B., Zorn, B., Seifert, C.: Rozzle: de-cloaking internet malware. In: Proceedings of IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.48"},{"key":"2_CR19","unstructured":"Konoth, R.K., et al.: An in-depth look into drive-by mining and its defense. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2018"},{"key":"2_CR20","unstructured":"Krebs, B.: Who and What Is Coinhive? March 2018. https:\/\/krebsonsecurity.com\/2018\/03\/who-and-what-is-coinhive"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Maisuradze, G., Backes, M., Rossow, C.: Dachshund: digging for and securing against (non-) blinded constants in JIT code. In: Proceedings of Network and Distributed System Security Symposium (NDSS) (2017)","DOI":"10.14722\/ndss.2017.23224"},{"key":"2_CR22","unstructured":"McConnell, J.: Webassembly support now shipping in all major browsers, November 2017. https:\/\/blog.mozilla.org\/blog\/2017\/11\/13\/webassembly-in-browsers\/"},{"key":"2_CR23","unstructured":"MDN Web Docs. Proxy, February 2019. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/JavaScript\/Reference\/Global_Objects\/Proxy"},{"key":"2_CR24","unstructured":"Microsoft Windows Blogs. A break from the past, part 2: saying goodbye to activex, vbscript, attachevent, May 2015. https:\/\/blogs.windows.com\/msedgedev\/2015\/05\/06\/a-break-from-the-past-part-2-saying-goodbye-to-activex-vbscript-attachevent\/"},{"key":"2_CR25","unstructured":"Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system, May 2009. http:\/\/www.bitcoin.org\/bitcoin.pdf"},{"key":"2_CR26","unstructured":"\u00d6zkan, S.: CVE Details. http:\/\/www.cvedetails.com"},{"key":"2_CR27","doi-asserted-by":"crossref","unstructured":"Rieck, K., Krueger, T., Dewald, A.: Cujo: efficient detection and prevention of drive-by-download attacks. In: Proceedings of Annual Computer Security Applications Conference (ACSAC) (2010)","DOI":"10.1145\/1920261.1920267"},{"key":"2_CR28","unstructured":"Rodriguez, J.D.P., Posegga, J.: CSP & Co., Can Save Us from a Rogue Cross-Origin Storage Browser Network! But for How Long? In: Proceedings of ACM Conference on Data and Application Security and Privacy (CODASPY) (2018)"},{"key":"2_CR29","doi-asserted-by":"crossref","unstructured":"Rodriguez, J.D.P., Posegga, J.: Rapid: resource and api-based detection against in-browser miners. In: Proceedings of Annual Computer Security Applications Conference (ACSAC) (2018)","DOI":"10.1145\/3274694.3274735"},{"key":"2_CR30","unstructured":"Rossberg, A.: Webassembly core specification. W3C First Public Working Draft, February 2018. https:\/\/www.w3.org\/TR\/2018\/WD-wasm-core-1-20180215"},{"key":"2_CR31","doi-asserted-by":"crossref","unstructured":"R\u00fcth, J., Zimmermann, T., Wolsing, K., Hohlfeld O.: Digging into browser-based crypto mining. In: Proceeings of Internet Measurement Conference (IMC) (2018)","DOI":"10.1145\/3278532.3278539"},{"key":"2_CR32","unstructured":"Salton, G., McGill, M.J.: Introduction to Modern Information Retrieval. McGraw-Hill (1986)"},{"key":"2_CR33","unstructured":"\u201cSeigen\u201d, Jameson, M., Nieminen, T., \u201cNeocortex\u201d, Juarez, A.M.: Cryptonight hash function. CryptoNote Standard 008, March 2008. https:\/\/cryptonote.org\/cns\/cns008.txt"},{"key":"2_CR34","doi-asserted-by":"crossref","unstructured":"Stock, B., Livshits, B., Zorn, B.: Kizzle: a signature compiler for detecting exploit kits. In: Proceedings of Conference on Dependable Systems and Networks (DSN) (2016)","DOI":"10.1109\/DSN.2016.48"},{"key":"2_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1007\/978-3-319-66332-6_13","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"R Tahir","year":"2017","unstructured":"Tahir, R., et al.: Mining on someone else\u2019s dime: mitigating covert mining operations in clouds and enterprises. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 287\u2013310. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_13"},{"key":"2_CR36","unstructured":"van Saberhagen, N.: Cryptonote v2.0. Technical report, CryptoNote, October 2013"},{"key":"2_CR37","unstructured":"W3C WebAssembly Community Group. Webassembly design documents, January 2019. https:\/\/webassembly.org"},{"key":"2_CR38","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-3-319-98989-1_7","volume-title":"Computer Security","author":"Wenhao Wang","year":"2018","unstructured":"Wang, W., Ferrell, B., Xu, X., Hamlen, K.W., Hao, S.: SEISMIC: secure in-lined script monitors for interrupting cryptojacks. In: Proceedings of European Symposium on Research in Computer Security (ESORICS) (2018)"},{"key":"2_CR39","unstructured":"Wasabi. Dynamic Analysis Framework, February 2019. http:\/\/wasabi.software-lab.org"},{"key":"2_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-319-40667-1_6","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"C Wressnegger","year":"2016","unstructured":"Wressnegger, C., Yamaguchi, F., Arp, D., Rieck, K.: Comprehensive analysis and detection of flash-based malware. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 101\u2013121. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-40667-1_6"},{"key":"2_CR41","doi-asserted-by":"crossref","unstructured":"Xu, W., Zhang, F., Zhu, S.: JStill: mostly static detection of obfuscated malicious javascript code. In: Proceedings of ACM Conference on Data and Application Security and Privacy (CODASPY) (2013)","DOI":"10.1145\/2435349.2435364"},{"key":"2_CR42","unstructured":"Zakai, A.: Why webassembly is faster than asm.js, March 2017. https:\/\/hacks.mozilla.org\/2017\/03\/why-webassembly-is-faster-than-asm-js\/"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22038-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,28]],"date-time":"2019-11-28T01:58:13Z","timestamp":1574906293000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-22038-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030220372","9783030220389"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22038-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"6 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gothenburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dimva2019.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"dimca2019.hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}