{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T13:51:06Z","timestamp":1726062666878},"publisher-location":"Cham","reference-count":56,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372279"},{"type":"electronic","value":"9783030372286"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_10","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:00:05Z","timestamp":1576490405000},"page":"191-213","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["ChaffyScript: Vulnerability-Agnostic Defense of JavaScript Exploits via Memory Perturbation"],"prefix":"10.1007","author":[{"given":"Xunchao","family":"Hu","sequence":"first","affiliation":[]},{"given":"Brian","family":"Testa","sequence":"additional","affiliation":[]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"key":"10_CR1","unstructured":"ActionScript technology center (2017). \nhttp:\/\/www.adobe.com\/devnet\/actionscript.html"},{"key":"10_CR2","unstructured":"AKBuilder (2017). \nhttps:\/\/nakedsecurity.sophos.com\/2017\/02\/07\/akbuilder-is-the-latest-exploit-kit-to-target-word-documents-spread-malware\/"},{"key":"10_CR3","unstructured":"The art of leaks: the return of Feng Shui (2017). \nhttps:\/\/cansecwest.com\/slides\/2014\/The%20Art%20of%20Leaks%20-%20read%20version%20-%20Yoyo.pdf"},{"key":"10_CR4","unstructured":"ASLR bypass apocalypse in recent zero-day exploits (2017). \nhttps:\/\/www.fireeye.com\/blog\/threat-research\/2013\/10\/aslr-bypass-apocalypse-in-lately-zero-day-exploits.html"},{"key":"10_CR5","unstructured":"ChakraCore JavaScript Engine (2017). \nhttps:\/\/github.com\/Microsoft\/ChakraCore"},{"key":"10_CR6","unstructured":"Chrome V8 Engine (2017). \nhttps:\/\/developers.google.com\/v8\/"},{"key":"10_CR7","unstructured":"Control flow guard (2017). \nhttps:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/mt637065(v=vs.85).aspx"},{"key":"10_CR8","unstructured":"CVE details (2017). \nhttp:\/\/www.cvedetails.com\/"},{"key":"10_CR9","unstructured":"ECMAScript JS AST traversal functions (2017). \nhttps:\/\/github.com\/estools\/estraverse"},{"key":"10_CR10","unstructured":"ECMAScript parsing infrastructure for multipurpose analysis (2017). \nhttp:\/\/esprima.org\/"},{"key":"10_CR11","unstructured":"The enhanced mitigation experience toolkit (2017). \nhttps:\/\/support.microsoft.com\/en-us\/help\/2458544\/the-enhanced-mitigation-experience-toolkit"},{"key":"10_CR12","unstructured":"GeekPwn (2017). \nhttp:\/\/2017.geekpwn.org\/1024\/en\/index.html"},{"key":"10_CR13","unstructured":"HTTP mitmproxy (2017). \nhttps:\/\/github.com\/joeferner\/node-http-mitm-proxy"},{"key":"10_CR14","unstructured":"The JavaScript Benchmark suite for the modern web (2017). \nhttps:\/\/developers.google.com\/octane\/"},{"key":"10_CR15","unstructured":"Javascriptcore (2017). \nhttps:\/\/trac.webkit.org\/wiki\/JavaScriptCore"},{"key":"10_CR16","unstructured":"Lexer confusing attack (2017). \nhttps:\/\/github.com\/google\/caja\/wiki\/JsControlFormatChars"},{"key":"10_CR17","unstructured":"Node.js. (2017) \nhttps:\/\/nodejs.org\/en\/"},{"key":"10_CR18","unstructured":"Proof-of-concept exploit for CVE-2016-0189 (VBScript memory corruption in ie11) (2017). \nhttps:\/\/github.com\/theori-io\/cve-2016-0189"},{"key":"10_CR19","unstructured":"Pwn2Own (2017). \nhttps:\/\/en.wikipedia.org\/wiki\/Pwn2Own"},{"key":"10_CR20","unstructured":"ROP is dying and your exploit mitigations are on life support (2017). \nhttps:\/\/www.endgame.com\/blog\/technical-blog\/rop-dying-and-your-exploit-mitigations-are-life-support"},{"key":"10_CR21","unstructured":"SpiderMonkey JavaScript engine (2017). \nhttps:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Projects\/SpiderMonkey"},{"key":"10_CR22","unstructured":"VBScript (2017). \nhttps:\/\/en.wikipedia.org\/wiki\/VBScript"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security 2005, pp. 340\u2013353. ACM (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"10_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/11531142_19","volume-title":"ECOOP 2005 - Object-Oriented Programming","author":"C Anderson","year":"2005","unstructured":"Anderson, C., Giannini, P., Drossopoulou, S.: Towards type inference for JavaScript. In: Black, A.P. (ed.) ECOOP 2005. LNCS, vol. 3586, pp. 428\u2013452. Springer, Heidelberg (2005). \nhttps:\/\/doi.org\/10.1007\/11531142_19"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Barth, A., Jackson, C., Mitchell, J.C.: Robust defenses for cross-site request forgery. In: 2008 Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 75\u201388. ACM (2008)","DOI":"10.1145\/1455770.1455782"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Carmony, C., Hu, X., Yin, H., Bhaskar, A.V., Zhang, M.: Abusing PDF parsers in malware detectors. In: NDSS, Extract Me If You Can (2016)","DOI":"10.14722\/ndss.2016.23483"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Chen, X., Slowinska, A., Andriesse, D., Bos, H., Giuffrida, C. StackArmor: comprehensive protection from stack-based memory error vulnerabilities for binaries. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23248"},{"key":"10_CR28","unstructured":"Cheng, Y., Zhou, Z., Miao, Y., Ding, X., Deng, H., et al.: ROPecker: a generic and practical approach for defending against ROP attack"},{"key":"10_CR29","unstructured":"Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Department of Computer Science, The University of Auckland, New Zealand, Technical report (1997)"},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious Javascript code. In: Proceedings of the 19th International Conference on World Wide Web (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"10_CR31","unstructured":"Curtsinger, C., Livshits, B., Zorn, B.G., Seifert, C.: ZOZZLE: fast and precise in-browser JavaScript malware detection. In: USENIX Security Symposium (2011)"},{"key":"10_CR32","unstructured":"Daniel, M., Honoroff, J., Miller, C.: Engineering heap overflow exploits with JavaScript, WOOT, vol. 8, pp. 1\u20136 (2008)"},{"key":"10_CR33","unstructured":"Feinstein, B., Peck, D., SecureWorks, I.: Caffeine monkey: automated collection, detection and analysis of malicious Javascript. Black Hat, USA (2007)"},{"key":"10_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-11747-3_1","volume-title":"Engineering Secure Software and Systems","author":"F Gadaleta","year":"2010","unstructured":"Gadaleta, F., Younan, Y., Joosen, W.: BuBBle: a JavaScript engine level countermeasure against heap-spraying attacks. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol. 5965, pp. 1\u201317. Springer, Heidelberg (2010). \nhttps:\/\/doi.org\/10.1007\/978-3-642-11747-3_1"},{"key":"10_CR35","doi-asserted-by":"crossref","unstructured":"Gras, B., Razavi, K., Bosman, E., Bos, H., Giuffrida, C. ASLR on the line: practical cache attacks on the MMU. In: NDSS, February 2017 (2017)","DOI":"10.14722\/ndss.2017.23271"},{"key":"10_CR36","doi-asserted-by":"crossref","unstructured":"Grier, et al.: Manufacturing compromise: the emergence of exploit-as-a-service. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security (2012), pp. 821\u2013832. ACM (2012)","DOI":"10.1145\/2382196.2382283"},{"key":"10_CR37","unstructured":"Hartstein, B. Jsunpack: an automatic JavaScript unpacker. In: ShmooCon Convention (2009)"},{"key":"10_CR38","doi-asserted-by":"crossref","unstructured":"Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: 2003 Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, New York, NY, USA, pp. 272\u2013280. ACM (2003)","DOI":"10.1145\/948143.948146"},{"key":"10_CR39","doi-asserted-by":"crossref","unstructured":"Kirda, E., Kruegel, C., Vigna, G., Jovanovic, N.: Noxes: a client-side solution for mitigating cross-site scripting attacks. In: 2006 Proceedings of the 2006 ACM symposium on Applied computing, pp. 330\u2013337. ACM (2006)","DOI":"10.1145\/1141277.1141357"},{"key":"10_CR40","doi-asserted-by":"crossref","unstructured":"Larsen, P., Homescu, A., Brunthaler, S., Franz, M. SoK: automated software diversity. In: 2014 IEEE Symposium on Security and Privacy (SP), pp. 276\u2013291. IEEE (2014)","DOI":"10.1109\/SP.2014.25"},{"key":"10_CR41","doi-asserted-by":"crossref","unstructured":"Likarish, P., Jung, E., Jo, I.: Obfuscated malicious JavaScript detection using classification techniques. In: MALWARE (2009), pp. 47\u201354. Citeseer (2009)","DOI":"10.1109\/MALWARE.2009.5403020"},{"key":"10_CR42","doi-asserted-by":"crossref","unstructured":"Lu, G., Debray, S.: Automatic simplification of obfuscated JavaScript code: a semantics-based approach. In: Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability (2012)","DOI":"10.1109\/SERE.2012.13"},{"key":"10_CR43","doi-asserted-by":"crossref","unstructured":"Lu, K., Song, C., Lee, B., Chung, S.P., Kim, T., Lee, W.: ASLR-guard: stopping address space leakage for code reuse attacks. In: 2015 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 280\u2013291. ACM (2015)","DOI":"10.1145\/2810103.2813694"},{"key":"10_CR44","doi-asserted-by":"crossref","unstructured":"Maisuradze, G., Backes, M., Rossow, C.: Dachshund: Digging for and Securing Against (non-) Blinded Constants in JIT Code (2017)","DOI":"10.14722\/ndss.2017.23224"},{"key":"10_CR45","doi-asserted-by":"crossref","unstructured":"Meyerovich, L.A., Livshits, B.: ConScript: specifying and enforcing fine-grained security policies for JavaScript in the browser. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 481\u2013496. IEEE (2010)","DOI":"10.1109\/SP.2010.36"},{"key":"10_CR46","doi-asserted-by":"crossref","unstructured":"Prakash, A., Yin, H., Liang, Z.: Enforcing system-wide control flow integrity for exploit detection and diagnosis. In: 2013 Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 311\u2013322. ACM (2013)","DOI":"10.1145\/2484313.2484352"},{"issue":"3","key":"10_CR47","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1145\/1281480.1281481","volume":"1","author":"C Reis","year":"2007","unstructured":"Reis, C., Dunagan, J., Wang, H.J., Dubrovsky, O., Esmeir, S.: BrowserShield: vulnerability-driven filtering of dynamic HTML. ACM Trans. Web (TWEB) 1(3), 11 (2007)","journal-title":"ACM Trans. Web (TWEB)"},{"key":"10_CR48","doi-asserted-by":"crossref","unstructured":"Seifert, C., Welch, I., Komisarczuk, P.: Identification of malicious web pages with static heuristics. In: 2008 Australasian Telecommunication Networks and Applications Conference, ATNAC 2008, pp. 91\u201396. IEEE (2008)","DOI":"10.1109\/ATNAC.2008.4783302"},{"key":"10_CR49","unstructured":"Serna, F.J.: The info leak era on software exploitation. Black Hat, USA (2012)"},{"key":"10_CR50","unstructured":"Sintsov, A.: Writing JIT-Spray Shellcode for fun and profit. Writing (2010)"},{"key":"10_CR51","unstructured":"Sotirov, A.: Heap Feng Shui in JavaScript. Black Hat Europe (2007)"},{"key":"10_CR52","unstructured":"Tice, C., et al.: Enforcing forward-edge control-flow integrity in GCC & LLVM. In: USENIX Security Symposium, pp. 941\u2013955 (2014)"},{"key":"10_CR53","doi-asserted-by":"crossref","unstructured":"Tran, T., Pelizzi, R., Sekar, R.: JaTE: transparent and efficient JavaScript confinement. In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 151\u2013160. ACM (2015)","DOI":"10.1145\/2818000.2818019"},{"key":"10_CR54","doi-asserted-by":"crossref","unstructured":"Yee, B., et al.: Native client: a sandbox for portable, untrusted x86 native code. In: Security and Privacy, 2009 30th IEEE Symposium on 2009, pp. 79\u201393. IEEE (2009)","DOI":"10.1109\/SP.2009.25"},{"key":"10_CR55","unstructured":"Yu, Y.: Write once, Pwn anywhere. Black Hat (2014)"},{"key":"10_CR56","unstructured":"Zhang, C., et al.: Practical control flow integrity and randomization for binary executables. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 559\u2013573. IEEE (2013)"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:00:21Z","timestamp":1576490421000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":56,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_10","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}