{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T06:46:36Z","timestamp":1725864396564},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319457185"},{"type":"electronic","value":"9783319457192"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45719-2_12","type":"book-chapter","created":{"date-parts":[[2016,9,6]],"date-time":"2016-09-06T02:11:24Z","timestamp":1473127884000},"page":"254-276","source":"Crossref","is-referenced-by-count":0,"title":["Semantics-Preserving Dissection of JavaScript Exploits via Dynamic JS-Binary Analysis"],"prefix":"10.1007","author":[{"given":"Xunchao","family":"Hu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Aravind","family":"Prakash","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jinghan","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rundong","family":"Zhou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yao","family":"Cheng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,9,7]]},"reference":[{"key":"12_CR1","unstructured":"Active script debugging overview. http:\/\/msdn.microsoft.com\/en-us\/library\/z537xb90(v=vs.94).aspx"},{"key":"12_CR2","unstructured":"Detailed analysis exp\/20111255-a. http:\/\/www.sophos.com\/en-us\/threat-center\/threat-analyses\/viruses-and-spyware\/Exp~20111255-A\/detailed-analysis.aspx"},{"key":"12_CR3","unstructured":"National vulnerability database. https:\/\/nvd.nist.gov\/"},{"key":"12_CR4","unstructured":"The T.J. Watson Libraries for Analysis (WALA). http:\/\/wala.sourceforge.net\/"},{"key":"12_CR5","unstructured":"Internet security threat report. https:\/\/www4.symantec.com\/mktginfo\/whitepaper\/ISTR\/21347932_GA-internet-security-threat-report-volume-20-2015-social_v2.pdf , April 2015"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Borgolte, K., Kruegel, C., Vigna, G.: Delta: automatic identification of unknown web-based infection campaigns. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (2013)","DOI":"10.1145\/2508859.2516725"},{"key":"12_CR7","unstructured":"Burow, N., Carr, S.A., Brunthaler, S., Payer, M., Nash, J., Larsen, P., Franz, M.: Control-flow integrity: precision, security, and performance. arXiv preprint (2016). arXiv:1602.04056"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Cao, Y., Pan, X., Chen, Y., Zhuge, J.: Jshield: towards real-time and vulnerability-based detection of polluted drive-by download attacks. In: Proceedings of Annual Computer Security Applications Conference (ACSAC) (2014)","DOI":"10.1145\/2664243.2664256"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Chen, S., Pattabiraman, K., Kalbarczyk, Z., Iyer, R.K.: Formal reasoning of various categories of widely exploited security vulnerabilities using pointer taintedness semantics. In: Security and Protection in Information Processing Systems (2004)","DOI":"10.1007\/1-4020-8143-X_6"},{"key":"12_CR10","unstructured":"Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical report, Department of Computer Science, The University of Auckland, New Zealand (1997)"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious JavaScript code. In: Proceedings of the 19th International Conference on World Wide Web (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"12_CR12","unstructured":"Curtsinger, C., Livshits, B., Zorn, B.G., Seifert, C.: Zozzle: fast and precise in-browser JavaScript malware detection. In: USENIX Security Symposium (2011)"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Eshete, B.: Effective analysis, characterization, and detection of malicious web pages. In: Proceedings of the 22nd International Conference on World Wide Web Companion, International World Wide Web Conferences Steering Committee (2013)","DOI":"10.1145\/2487788.2487942"},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Eshete, B., Alhuzhali, A., Monshizadeh, M., Porras, P., Yegneswaran, V.: Ekhunter: a counter-offensive toolkit for exploit kit infiltration. In: Proceedings of the 22nd Annual Network and Distributed System Security Symposium, February 2015","DOI":"10.14722\/ndss.2015.23237"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"Grier, C., Ballard, L., Caballero, J., Chachra, N., Dietrich, C.J., Levchenko, K., Mavrommatis, P., McCoy, D., Nappa, A., Pitsillidis, A., Provos, N., Rafique, M.Z., Rajab, M.A., Rossow, C., Thomas, K., Paxson, V., Savage, S., Voelker, G.M.: Manufacturing compromise: the emergence of exploit-as-a-service. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security (2012)","DOI":"10.1145\/2382196.2382283"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Gu, B., Zhang, W., Bai, X., Champion, A.C., Qin, F., Xuan, D.: Jsguard: shellcode detection in JavaScript. In: Security and Privacy in Communication Networks (2013)","DOI":"10.1007\/978-3-642-36883-7_8"},{"key":"12_CR17","unstructured":"Hartstein, B.: Jsunpack: an automatic JavaScript unpacker. In: ShmooCon Convention (2009)"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: JSFlow: tracking information flow in JavaScript and its APIs. In: Proceedings 29th ACM Symposium on Applied Computing (2014)","DOI":"10.1145\/2554850.2554909"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Henderson, A., Prakash, A., Yan, L.K., Hu, X., Wang, X., Zhou, R., Yin, H.: Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform. In: Proceedings of the 2014 International Symposium on Software Testing and Analysis (2014)","DOI":"10.1145\/2610384.2610407"},{"key":"12_CR20","doi-asserted-by":"crossref","unstructured":"Kolbitsch, C., Livshits, B., Zorn, B., Seifert, C.: Rozzle: de-cloaking internet malware. In: 2012 IEEE Symposium on Security and Privacy (SP) (2012)","DOI":"10.1109\/SP.2012.48"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Lu, G., Debray, S.: Automatic simplification of obfuscated JavaScript code: a semantics-based approach. In: Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability (2012)","DOI":"10.1109\/SERE.2012.13"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Lu, L., Yegneswaran, V., Porras, P., Lee, W.: Blade: an attack-agnostic approach for preventing drive-by malware infections. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (2010)","DOI":"10.1145\/1866307.1866356"},{"key":"12_CR23","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis: automatic detection, analysis, and signature generation of exploit attacks on commodity software. In: Proceedings of the Network and Distributed Systems Security Symposium, February 2005"},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Prakash, A., Yin, H., Liang, Z.: Enforcing system-wide control flow integrity for exploit detection and diagnosis. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security (2013)","DOI":"10.1145\/2484313.2484352"},{"key":"12_CR25","unstructured":"Provos, N., McNamee, D., Mavrommatis, P., Wang, K., Modadugu, N., et al.: The ghost in the browser analysis of web-based malware. In: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets (2007)"},{"key":"12_CR26","unstructured":"Ratanaworabhan, P., Livshits, B., Zorn, B.: Nozzle: a defense against heap-spraying code injection attacks. In: Proceedings of the Usenix Security Symposium (2009)"},{"key":"12_CR27","doi-asserted-by":"crossref","unstructured":"Saxena, P., Akhawe, D., Hanna, S., Mao, F., McCamant, S., Song, D.: A symbolic execution framework for JavaScript. In: 2010 IEEE Symposium on Security and Privacy (SP) (2010)","DOI":"10.1109\/SP.2010.38"},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Schuster, F., Tendyck, T., Liebchen, C., Davi, L., Sadeghi, A.-R., Holz, T.: Counterfeit object-oriented programming: on the difficulty of preventing code reuse attacks in C++ applications. In: 2015 IEEE Symposium on Security and Privacy (SP). IEEE (2015)","DOI":"10.1109\/SP.2015.51"},{"key":"12_CR29","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the X86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"12_CR30","doi-asserted-by":"crossref","unstructured":"Slowinska, A., Bos, H.: Pointless tainting? evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European Conference on Computer systems. ACM (2009)","DOI":"10.1145\/1519065.1519073"},{"key":"12_CR31","unstructured":"Snow, K.Z., Krishnan, S., Monrose, F., Provos, N.: Shellos: enabling fast detection and forensic analysis of code injection attacks. In: USENIX Security Symposium (2011)"},{"key":"12_CR32","doi-asserted-by":"crossref","unstructured":"Stringhini, G., Kruegel, C., Vigna, G.: Shady paths: leveraging surfing crowds to detect malicious web pages. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (2013)","DOI":"10.1145\/2508859.2516682"},{"key":"12_CR33","unstructured":"Wang, Y.-M., Beck, D., Jiang, X., Roussev, R., Verbowski, C., Chen, S., King, S.: Automated web patrol with strider honeymonkeys: finding web sites that exploit browser vulnerabilities. In: Proceedings of the 2006 Network and Distributed System Security Symposium (2006)"},{"key":"12_CR34","unstructured":"Weiser, M.: Program slicing. In: Proceedings of the 5th International Conference on Software Engineering. IEEE Press (1981)"},{"key":"12_CR35","unstructured":"Yan, L.K., Yin, H.: Droidscope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In: Proceedings of the 21st USENIX Conference on Security Symposium (2012)"},{"key":"12_CR36","doi-asserted-by":"crossref","unstructured":"Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, New York, NY, USA (2007)","DOI":"10.1145\/1315245.1315261"},{"issue":"2","key":"12_CR37","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1109\/32.988498","volume":"28","author":"A Zeller","year":"2002","unstructured":"Zeller, A., Hildebrandt, R.: Simplifying and isolating failure-inducing input. IEEE Trans. Softw. Eng. 28(2), 183\u2013200 (2002)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"12_CR38","unstructured":"Zhang, M., Prakash, A., Li, X., Liang, Z., Yin, H.: Identifying and analyzing pointer misuses for sophisticated memory-corruption exploit diagnosis. In: Proceedings of 19th Annual Network & Distributed System Security Symposium (2012)"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45719-2_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,13]],"date-time":"2019-09-13T06:25:27Z","timestamp":1568355927000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-45719-2_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319457185","9783319457192"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45719-2_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}