{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,18]],"date-time":"2026-02-18T22:59:06Z","timestamp":1771455546502,"version":"3.50.1"},"publisher-location":"Cham","reference-count":55,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319989884","type":"print"},{"value":"9783319989891","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-98989-1_7","type":"book-chapter","created":{"date-parts":[[2018,8,6]],"date-time":"2018-08-06T18:14:14Z","timestamp":1533579254000},"page":"122-142","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":48,"title":["SEISMIC: SEcure In-lined Script Monitors for Interrupting Cryptojacks"],"prefix":"10.1007","author":[{"given":"Wenhao","family":"Wang","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Ferrell","sequence":"additional","affiliation":[]},{"given":"Xiaoyang","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Kevin W.","family":"Hamlen","sequence":"additional","affiliation":[]},{"given":"Shuang","family":"Hao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,7]]},"reference":[{"key":"7_CR1","doi-asserted-by":"crossref","unstructured":"Androulaki, E., Karame, G., Capkun, S.: Hiding transaction amounts and balances in Bitcoin. In: Proceedings of the 7th ACM International Conference on Trust and Trustworthy Computing (TRUST), pp. 161\u2013178 (2014)","DOI":"10.1007\/978-3-319-08593-7_11"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Backes, M., Kate, A., Maffei, M.: ObliviAd: provably secure and practical online behavioral advertising. In: Proceedings of the 33th IEEE Symposium on Security and Privacy (S&P), pp. 257\u2013271 (2012)","DOI":"10.1109\/SP.2012.25"},{"key":"7_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/978-3-540-70542-0_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P Bisht","year":"2008","unstructured":"Bisht, P., Venkatakrishnan, V.N.: XSS-GUARD: precise dynamic prevention of cross-site scripting attacks. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 23\u201343. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-70542-0_2"},{"key":"7_CR4","doi-asserted-by":"crossref","unstructured":"Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J.A., Felten, E.W.: SoK: research perspectives and challenges for Bitcoin and cryptocurrencies. In: Proceedings of the 36th IEEE Symposium on Security and Privacy (S&P), pp. 104\u2013121 (2015)","DOI":"10.1109\/SP.2015.14"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Christodorescu, M., Jha, S., Seshia, S.A., Song, D., Bryant, R.E.: Semantics-aware malware detection. In: Proceedings of the 26th IEEE Symposium on Security & Privacy (S&P), pp. 32\u201346 (2005)","DOI":"10.1109\/SP.2005.20"},{"key":"7_CR6","doi-asserted-by":"crossref","unstructured":"Conti, M., Gangwal, A., Ruj, S.: On the economic significance of ransomware campaigns: a Bitcoin transactions perspective (2018). arXiv:1804.01341","DOI":"10.1016\/j.cose.2018.08.008"},{"key":"7_CR7","unstructured":"DeMocker, J.: WebAssembly support now shipping in all major browsers. Mozilla Blog, November 2017"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Erlingsson, \u00da., Schneider, F.B.: SASI enforcement of security policies: a retrospective. In: Proceedings of the New Security Paradigms Workshop (NSPW), pp. 87\u201395 (1999)","DOI":"10.1145\/335169.335201"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Eskandari, S., Leoutsarakos, A., Mursch, T., Clark, J.: A first look at browser-based cryptojacking. In: Proceedings of the 2nd IEEE Security & Privacy on the Blockchain Workshop IEEE (S&B) (2018)","DOI":"10.1109\/EuroSPW.2018.00014"},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Gelernter, N., Herzberg, A.: Cross-site search attacks. In: Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), pp. 1394\u20131405 (2015)","DOI":"10.1145\/2810103.2813688"},{"key":"7_CR11","unstructured":"Goodin, D.: Now even YouTube serves ads with CPU-draining cryptocurrency miners. Ars Technica, January 2018"},{"issue":"4","key":"7_CR12","doi-asserted-by":"publisher","first-page":"612","DOI":"10.1016\/j.cose.2011.12.004","volume":"31","author":"MV Gundy","year":"2012","unstructured":"Gundy, M.V., Chen, H.: Noncespaces: using randomization to defeat cross-site scripting attacks. Comput. Secur. 31(4), 612\u2013628 (2012)","journal-title":"Comput. Secur."},{"issue":"1","key":"7_CR13","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1007\/s13198-015-0376-0","volume":"8","author":"S Gupta","year":"2017","unstructured":"Gupta, S., Gupta, B.: Cross-site scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. Int. J. Syst. Assur. Eng. Manag. 8(1), 512\u2013530 (2017)","journal-title":"Int. J. Syst. Assur. Eng. Manag."},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Haas, A., et al.: Bringing the web up to speed with WebAssembly. In: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pp. 185\u2013200 (2017)","DOI":"10.1145\/3062341.3062363"},{"issue":"1","key":"7_CR15","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1145\/1111596.1111601","volume":"28","author":"KW Hamlen","year":"2006","unstructured":"Hamlen, K.W., Morrisett, G., Schneider, F.B.: Computability classes for enforcement mechanisms. ACM Trans. Program. Lang. Syst. (TOPLAS) 28(1), 175\u2013205 (2006)","journal-title":"ACM Trans. Program. Lang. Syst. (TOPLAS)"},{"key":"7_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/978-3-319-66399-9_7","volume-title":"Computer Security \u2013 ESORICS 2017","author":"M Heiderich","year":"2017","unstructured":"Heiderich, M., Sp\u00e4th, C., Schwenk, J.: DOMPurify: client-side protection against XSS and markup injection. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 116\u2013134. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66399-9_7"},{"key":"7_CR17","unstructured":"Hruska, J.: Browser-based mining malware found on Pirate Bay, other sites. ExtremeTech, September 2017"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Huang, D.Y., et al.: Botcoin: monetizing stolen cycles. In: Proceedings of the 21st Network and Distributed System Security Symposium (NDSS) (2014)","DOI":"10.14722\/ndss.2014.23044"},{"key":"7_CR19","unstructured":"Kafeine. Smominru Monero mining botnet making millions for operators. ProofPoint Threat Insight, January 2018"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Karame, G., Androulaki, E., Capkun, S.: Double-spending fast payments in Bitcoin. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pp. 906\u2013917 (2012)","DOI":"10.1145\/2382196.2382292"},{"key":"7_CR21","unstructured":"Keramidas, R.: Stop coin mining in the browser with No Coin, September 2017. https:\/\/ker.af\/stop-coin-mining-in-the-browser-with-no-coin"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Kinder, J., Katzenbeisser, S., Schallhart, C., Veith, H.: Detecting malicious code by model checking. In: Proceedings of the 2nd International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), pp. 174\u2013187 (2005)","DOI":"10.1007\/11506881_11"},{"key":"7_CR23","unstructured":"Lau, H.: Browser-based cryptocurrency mining makes unexpected return from the dead. Sympantec Threat Intelligence, December 2017"},{"key":"7_CR24","doi-asserted-by":"crossref","unstructured":"Lekies, S., Kotowicz, K., Gro\u00df, S., Nava, E.V., Johns, M.: Code-reuse attacks for the web: breaking cross-site scripting mitigations via script gadgets. In: Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS), pp. 1709\u20131723 (2017)","DOI":"10.1145\/3133956.3134091"},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"Lekies, S., Stock, B., Johns, M.: 25 million flows later: large-scale detection of DOM-based XSS. In: Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS), pp. 1193\u20131204 (2013)","DOI":"10.1145\/2508859.2516703"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Li, Z., Zhang, K., Xie, Y., Yu, F., Wang, X.: Knowing your enemy: understanding and detecting malicious web advertising. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pp. 906\u2013917 (2012)","DOI":"10.1145\/2382196.2382267"},{"key":"7_CR27","doi-asserted-by":"crossref","unstructured":"Liao, K., Zhao, Z., Doup\u00e9, A., Ahn, G.-J.: Behind closed doors: measurement and analysis of cryptolocker ransoms in Bitcoin. In: Proceedings of the 11th APWG Symposium on Electronic Crime Research (eCrime), pp. 1\u201313 (2016)","DOI":"10.1109\/ECRIME.2016.7487938"},{"key":"7_CR28","unstructured":"Liao, S.: Showtime websites secretly mined user CPU for cryptocurrency. The Verge, September 2017"},{"issue":"3","key":"7_CR29","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1145\/1455526.1455532","volume":"12","author":"J Ligatti","year":"2009","unstructured":"Ligatti, J., Bauer, L., Walker, D.: Run-time enforcement of nonsafety policies. ACM Trans. Inf. Syst. Secur. (TISSEC) 12(3), 19 (2009)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"7_CR30","doi-asserted-by":"crossref","unstructured":"Louw, M.T., Venkatakrishnan, V.N.: Blueprint: robust prevention of cross-site scripting attacks for existing browsers. In: Proceedings of the 30th IEEE Symposium on Security and Privacy (S&P), pp. 331\u2013346 (2009)","DOI":"10.1109\/SP.2009.33"},{"key":"7_CR31","unstructured":"McMillen, D.: Network attacks containing cryptocurrency CPU mining tools grow sixfold. IBM X-Force SecurityIntelligence, September 2017"},{"key":"7_CR32","unstructured":"Meshkov, A.: Cryptojacking surges in popularity growing by 31% over the past month. AdGuard Research, November 2017"},{"key":"7_CR33","doi-asserted-by":"crossref","unstructured":"Moser, A., Kruegel, C., Kirda, E.: Limits of static analysis for malware detection. In: Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC), pp. 421\u2013430 (2007)","DOI":"10.1109\/ACSAC.2007.21"},{"key":"7_CR34","unstructured":"Nadji, Y., Saxena, P., Song, D.: Document structure integrity: a robust basis for cross-site scripting defense. In: Proceedings of the 21st Network and Distributed System Security Symposium (NDSS) (2014)"},{"key":"7_CR35","unstructured":"Neumann, R., Toro, A.: In-browser mining: Coinhive and WebAssembly. Forcepoint Security Labs, April 2018. https:\/\/blogs.forcepoint.com\/security-labs\/browser-mining-coinhive-and-webassembly"},{"key":"7_CR36","unstructured":"OAG, New Jersey. New Jersey Division of Consumer Affairs obtains settlement with developer of Bitcoin-mining software found to have accessed New Jersey computers without users\u2019 knowledge or consent. Office of the Attorney General, Department of Law & Public Safety, State of New Jersey, May 2015"},{"issue":"4","key":"7_CR37","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1109\/TDSC.2014.2355847","volume":"12","author":"PH Phung","year":"2015","unstructured":"Phung, P.H., Monshizadeh, M., Sridhar, M., Hamlen, K.W., Venkatakrishnan, V.: Between worlds: securing mixed JavaScript\/ActionScript multi-party web content. IEEE Trans. Dependable Secur. Comput. TDSC 12(4), 443\u2013457 (2015)","journal-title":"IEEE Trans. Dependable Secur. Comput. TDSC"},{"key":"7_CR38","doi-asserted-by":"crossref","unstructured":"Rowe, N.C.: The attribution of cyber warfare. In: Green, J.A. (eds.) Cyber Warfare: A multidisciplinary Analysis, Routledge Studies in Conflict, Security and Technology. Routledge (2015)","DOI":"10.4324\/9781315761565-4"},{"issue":"1","key":"7_CR39","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1145\/353323.353382","volume":"3","author":"FB Schneider","year":"2000","unstructured":"Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. (TISSEC) 3(1), 30\u201350 (2000)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"7_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/978-3-642-11503-5_13","volume-title":"Practical Aspects of Declarative Languages","author":"M Sridhar","year":"2010","unstructured":"Sridhar, M., Hamlen, K.W.: ActionScript in-lined reference monitoring in prolog. In: Carro, M., Pe\u00f1a, R. (eds.) PADL 2010. LNCS, vol. 5937, pp. 149\u2013151. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-11503-5_13"},{"key":"7_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"312","DOI":"10.1007\/978-3-642-11319-2_23","volume-title":"Verification, Model Checking, and Abstract Interpretation","author":"M Sridhar","year":"2010","unstructured":"Sridhar, M., Hamlen, K.W.: Model-checking in-lined reference monitors. In: Barthe, G., Hermenegildo, M. (eds.) VMCAI 2010. LNCS, vol. 5944, pp. 312\u2013327. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-11319-2_23"},{"key":"7_CR42","doi-asserted-by":"crossref","unstructured":"Stamm, S., Sterne, B., Markham, G.: Reining in the web with content security policy. In: Proceedings of the 19th International Conference on World Wide Web WWW, pp. 921\u2013930 (2010)","DOI":"10.1145\/1772690.1772784"},{"key":"7_CR43","doi-asserted-by":"crossref","unstructured":"Stasinopoulos, A., Ntantogian, C., Xenakis, C.: Commix: automating evaluation and exploitation of command injection vulnerabilities in web applications. Int. J. Inf. Secur. 1\u201324 (2018)","DOI":"10.1007\/s10207-018-0399-z"},{"key":"7_CR44","unstructured":"Stock, B., Johns, M., Steffens, M., Backes, M.: How the web tangled itself: uncovering the history of client-side Web (in)security. In: Proceedings of the 26th USENIX Security Symposium, pp. 971\u2013987 (2017)"},{"key":"7_CR45","unstructured":"Stock, B., Lekies, S., Mueller, T., Spiegel, P., Johns, M.: Precise client-side protection against DOM-based cross-site scripting. In: Proceedings of the 23rd USENIX Security Symposium, pp. 655\u2013670 (2014)"},{"key":"7_CR46","doi-asserted-by":"crossref","unstructured":"Szalachowski, P.: Towards more reliable Bitcoin timestamps (2018). arXiv:1803.09028","DOI":"10.1109\/CVCBT.2018.00018"},{"key":"7_CR47","doi-asserted-by":"crossref","unstructured":"Tahir, R., et al.: Mining on someone else\u2019s dime: mitigating covert mining operations in clouds and enterprises. In: Proceedings of the 20th International Symposium on Research in Attacks, Intrusions, and Defenses RAID, pp. 287\u2013310 (2017)","DOI":"10.1007\/978-3-319-66332-6_13"},{"key":"7_CR48","unstructured":"van Saberhagen, N.: CryptoNote v 2.0. Technical report, CryptoNote Technology, October 2013"},{"key":"7_CR49","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.cose.2015.04.009","volume":"52","author":"N Virvilis","year":"2015","unstructured":"Virvilis, N., Mylonas, A., Tsalis, N., Gritzalis, D.: Security busters: web browser security vs. suspicious sites. Comput. Secur. 52, 90\u2013105 (2015)","journal-title":"Comput. Secur."},{"key":"7_CR50","unstructured":"WebAssembly Community Group. Security (2018). http:\/\/webassembly.org\/docs\/security"},{"key":"7_CR51","unstructured":"Weinberger, J., Barth, A., Song, D.: Towards client-side HTML security policies. In: Proceedings of the 6th USENIX Conference on Hot Topics in Security (HotSec), p. 8 (2011)"},{"key":"7_CR52","unstructured":"WhiteHat Security. Application security statistics report, vol. 12 (2017)"},{"key":"7_CR53","doi-asserted-by":"crossref","unstructured":"Wu, Z., Gianvecchio, S., Xie, M., Wang, H.: Mimimorphism: a new approach to binary code obfuscation. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS), pp. 536\u2013546 (2010)","DOI":"10.1145\/1866307.1866368"},{"key":"7_CR54","doi-asserted-by":"crossref","unstructured":"Xu, W., Zhang, F., Zhu, S.: JStill: mostly static detection of obfuscated malicious JavaScript code. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy (CODASPY), pp. 117\u2013128 (2013)","DOI":"10.1145\/2435349.2435364"},{"key":"7_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/978-3-319-66332-6_7","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"G Yang","year":"2017","unstructured":"Yang, G., Mendoza, A., Zhang, J., Gu, G.: Precisely and scalably vetting JavaScript bridge in android hybrid apps. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 143\u2013166. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_7"}],"container-title":["Lecture Notes in Computer Science","Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-98989-1_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,8]],"date-time":"2023-08-08T00:02:33Z","timestamp":1691452953000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-98989-1_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319989884","9783319989891"],"references-count":55,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-98989-1_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"7 August 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barcelona","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 September 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 September 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2018.upc.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}