{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T18:15:29Z","timestamp":1777486529506,"version":"3.51.4"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030343385","type":"print"},{"value":"9783030343392","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-34339-2_7","type":"book-chapter","created":{"date-parts":[[2019,11,18]],"date-time":"2019-11-18T19:04:55Z","timestamp":1574103895000},"page":"113-131","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["JSLess: A Tale of a Fileless Javascript Memory-Resident Malware"],"prefix":"10.1007","author":[{"given":"Sherif","family":"Saad","sequence":"first","affiliation":[]},{"given":"Farhan","family":"Mahmood","sequence":"additional","affiliation":[]},{"given":"William","family":"Briguglio","sequence":"additional","affiliation":[]},{"given":"Haytham","family":"Elmiligi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,11,6]]},"reference":[{"key":"7_CR1","doi-asserted-by":"crossref","unstructured":"Adas, H., Shetty, S., Tayib, W.: Scalable detection of web malware on smartphones. In: 2015 International Conference on Information and Communication Technology Research (ICTRC), pp. 198\u2013201, May 2015","DOI":"10.1109\/ICTRC.2015.7156456"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"AL-Taharwa, I.A., et al.: RedJsod: a readable JavaScript obfuscation detector using semantic-based analysis. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 1370\u20131375, June 2012","DOI":"10.1109\/TrustCom.2012.235"},{"key":"7_CR3","unstructured":"Arias, D.: Speedy introduction to web workers, August 2018. \n                      https:\/\/auth0.com\/blog\/speedy-introduction-to-web-workers\/"},{"key":"7_CR4","unstructured":"Barkly. The 2017 state of endpoint security risk (2017). \n                      https:\/\/www.barkly.com\/ponemon-2018-endpoint-security-risk"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Blanc, G., Miyamoto, D., Akiyama, M., Kadobayashi, Y.: Characterizing obfuscated JavaScript using abstract syntax trees: experimenting with malicious scripts. In: 2012 26th International Conference on Advanced Information Networking and Applications Workshops, pp. 344\u2013351, March 2012","DOI":"10.1109\/WAINA.2012.140"},{"key":"7_CR6","doi-asserted-by":"crossref","unstructured":"Cosovan, D., Benchea, R., Gavrilut, D.: A practical guide for detecting the Java script-based malware using hidden Markov models and linear classifiers. In: 2014 16th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing, pp. 236\u2013243, September 2014","DOI":"10.1109\/SYNASC.2014.39"},{"key":"7_CR7","unstructured":"Google Developers. Introduction to service worker\u2014web, May 2019. \n                      https:\/\/developers.google.com\/web\/ilt\/pwa\/introduction-to-service-worker"},{"key":"7_CR8","doi-asserted-by":"publisher","first-page":"59118","DOI":"10.1109\/ACCESS.2018.2874098","volume":"6","author":"Y Fang","year":"2018","unstructured":"Fang, Y., Huang, C., Liu, L., Xue, M.: Research on malicious JavaScript detection technology based on LSTM. IEEE Access 6, 59118\u201359125 (2018)","journal-title":"IEEE Access"},{"key":"7_CR9","unstructured":"Global Research and Analysis Team: KASPERSKY Lab. Fileless attack against enterprise network, White Paper (2017)"},{"key":"7_CR10","unstructured":"INFOSEC. Websocket security issues, December 2014. \n                      https:\/\/resources.infosecinstitute.com\/websocket-security-issues\/"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Kishore, K.R., Mallesh, M., Jyostna, G., Eswari, P.R.L., Sarma, S.S.: Browser JS guard: detects and defends against malicious JavaScript injection based drive by download attacks. In: The Fifth International Conference on the Applications of Digital Information and Web Technologies (ICADIWT 2014), pp. 92\u2013100, February 2014","DOI":"10.1109\/ICADIWT.2014.6814705"},{"key":"7_CR12","unstructured":"Magnusardottir, A.: Fileless ransomware: how it works & how to stop it?, June 2018. \n                      https:\/\/www.infosecurityeurope.com\/en\/Sessions\/58302\/Fileless-Ransomware-How-It-Works-How-To-Stop-It"},{"key":"7_CR13","unstructured":"Maiorca, D., Russu, P., Corona, I., Biggio, B., Giacinto, G.: Detection of malicious scripting code through discriminant and adversary-aware API analysis. In: Armando, A., Baldoni, R., Focardi, R. (eds.) Proceedings of the First Italian Conference on Cybersecurity (ITASEC17), Venice, Italy, 17\u201320 January 2017. CEUR Workshop Proceedings, vol. 1816, pp. 96\u2013105. CEUR-WS.org (2017)"},{"key":"7_CR14","doi-asserted-by":"publisher","first-page":"12284","DOI":"10.1109\/ACCESS.2018.2795383","volume":"6","author":"J Mao","year":"2018","unstructured":"Mao, J., Bian, J., Bai, G., Wang, R., Chen, Y., Xiao, Y., Liang, Z.: Detecting malicious behaviors in JavaScript applications. IEEE Access 6, 12284\u201312294 (2018)","journal-title":"IEEE Access"},{"key":"7_CR15","unstructured":"McAfee. Fileless malware execution with powershell is easier than you may realize, March 2017. \n                      https:\/\/www.mcafee.com\/enterprise\/en-us\/assets\/solution-briefs\/sb-fileless-malware-execution.pdf"},{"key":"7_CR16","doi-asserted-by":"crossref","unstructured":"Ndichu, S., Ozawa, S., Misu, T., Okada, K.: A machine learning approach to malicious JavaScript detection using fixed length vector representation. In: 2018 International Joint Conference on Neural Networks (IJCNN), pp. 1\u20138, July 2018","DOI":"10.1109\/IJCNN.2018.8489414"},{"key":"7_CR17","unstructured":"Mozilla Developer Network. Glossary: websockets (2015). \n                      https:\/\/developer.mozilla.org\/en-US\/docs\/Glossary\/WebSockets"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Oh, S., Bae, H., Yoon, S., Kim, H., Cha, Y.: Malicious script blocking detection technology using a local proxy. In: 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 495\u2013498, July 2016","DOI":"10.1109\/IMIS.2016.125"},{"key":"7_CR19","unstructured":"Kaazing Corporation Peter Lubbers & Frank Greco. HTML5 websocket: a quantum leap in scalability for the web. \n                      www.websocket.org\/quantum.html"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Shen, V.R.L., Wei, C.-S., Juang, T.T.-Y.: JavaScript malware detection using a high-level fuzzy Petri net, pp. 511\u2013514, July 2018","DOI":"10.1109\/ICMLC.2018.8527036"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Sachin, V., Chiplunkar, N.N.: SurfGuard JavaScript instrumentation-based defense against drive-by downloads. In: 2012 International Conference on Recent Advances in Computing and Software Systems, pp. 267\u2013272, April 2012","DOI":"10.1109\/RACSS.2012.6212679"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Sayed, B., Traor\u00e9, I., Abdelhalim. A.: Detection and mitigation of malicious JavaScript using information flow control. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, pp. 264\u2013273, July 2014","DOI":"10.1109\/PST.2014.6890948"},{"key":"7_CR23","doi-asserted-by":"publisher","first-page":"768","DOI":"10.1016\/j.procs.2016.07.291","volume":"93","author":"P Seshagiri","year":"2016","unstructured":"Seshagiri, P., Vazhayil, A., Sriram, P.: AMA: static code analysis of web page for the detection of malicious scripts. Procedia Comput. Sci. 93, 768\u2013773 (2016). Proceedings of the 6th International Conference on Advances in Computing and Communications","journal-title":"Procedia Comput. Sci."},{"key":"7_CR24","unstructured":"Netsparker Security Team. DOM based cross-site scripting vulnerability, May 2019. \n                      https:\/\/www.netsparker.com\/blog\/web-security\/dom-based-cross-site-scripting-vulnerability\/"},{"key":"7_CR25","unstructured":"TrendMicro. Analyzing the fileless, code-injecting sorebrect ransomware, June 2017. \n                      https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/analyzing-fileless-code-injecting-sorebrect-ransomware\/"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Wang, C., Zhou, Y.: A new cross-site scripting detection mechanism integrated with HTML5 and CORS properties by using browser extensions. In: 2016 International Computer Symposium (ICS), pp. 264\u2013269, December 2016","DOI":"10.1109\/ICS.2016.0060"},{"key":"7_CR27","doi-asserted-by":"publisher","first-page":"1520","DOI":"10.1002\/sec.1441","volume":"9","author":"Y Wang","year":"2016","unstructured":"Wang, Y., Cai, W.-D., Wei, P.: A deep learning approach for detecting malicious JavaScript code. Secur. Commun. Netw. 9, 1520\u20131534 (2016)","journal-title":"Secur. Commun. Netw."},{"key":"7_CR28","doi-asserted-by":"crossref","unstructured":"Xu, W., Zhang, F., Zhu, S.: The power of obfuscation techniques in malicious JavaScript code: a measurement study. In: 2012 7th International Conference on Malicious and Unwanted Software, pp. 9\u201316, October 2012","DOI":"10.1109\/MALWARE.2012.6461002"},{"key":"7_CR29","doi-asserted-by":"crossref","unstructured":"Yoon, S., Jung, J., Noh, M., Chung, K., Im, C.: Automatic attack signature generation technology for malicious JavaScript. In: Proceedings of 2014 International Conference on Modelling, Identification Control, pp. 351\u2013354, December 2014","DOI":"10.1109\/ICMIC.2014.7020779"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-34339-2_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,18]],"date-time":"2019-11-18T19:21:38Z","timestamp":1574104898000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-34339-2_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030343385","9783030343392"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-34339-2_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"6 November 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISPEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security Practice and Experience","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kuala Lumpur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Malaysia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 November 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ispec2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ccs.research.utar.edu.my\/ispec2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"68","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}