{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T15:30:49Z","timestamp":1770219049270,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642236433","type":"print"},{"value":"9783642236440","type":"electronic"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23644-0_15","type":"book-chapter","created":{"date-parts":[[2012,2,11]],"date-time":"2012-02-11T00:06:20Z","timestamp":1328918780000},"page":"281-300","source":"Crossref","is-referenced-by-count":31,"title":["IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM"],"prefix":"10.1007","author":[{"given":"Mario","family":"Heiderich","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tilman","family":"Frosch","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thorsten","family":"Holz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"15_CR1","unstructured":"Provos, N., Mavrommatis, P., Rajab, M.A., Monrose, F.: All your iFRAMEs point to us. In: USENIX Security Symposium (2008)"},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Kirda, E., Kruegel, C., Vigna, G., Jovanovic, N.: Noxes: A client-side solution for mitigating Cross-Site scripting attacks. In: ACM Symposium on Applied Computing, SAC (2006)","DOI":"10.1145\/1141277.1141357"},{"key":"15_CR3","unstructured":"Martin, M., Lam, M.S.: Automatic generation of XSS and SQL injection attacks with Goal-Directed model checking. In: USENIX Security Symposium (2008)"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Wassermann, G., Su, Z.: Static detection of Cross-Site scripting vulnerabilities. In: International Conference on Software Engineering, ICSE (2008)","DOI":"10.1145\/1368088.1368112"},{"key":"15_CR5","unstructured":"Balduzzi, M.: New insights into clickjacking. In: OWASP AppSec Research (2010)"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious JavaScript code. In: 19th International Conference on World Wide Web (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"15_CR7","doi-asserted-by":"crossref","unstructured":"Rieck, K., Krueger, T., Dewald, A.: Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks. In: Annual Computer Security Applications Conference, ACSAC (2010)","DOI":"10.1145\/1920261.1920267"},{"key":"15_CR8","unstructured":"Guarnieri, S., Livshits, B.: GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code. In: USENIX Security Symposium (2009)"},{"key":"15_CR9","unstructured":"Miller, M.S., Samuel, M., Laurie, B., Awad, I., Stay, M.: Caja - safe active content in sanitized javascript (2007), \n                    \n                      http:\/\/code.google.com\/p\/google-caja\/"},{"key":"15_CR10","unstructured":"Wang, H.J., Grier, C., Moshchuk, A., King, S.T., Choudhury, P., Venter, H.: The Multi-Principal OS Construction of the Gazelle Web Browser. In: USENIX Security Symposium (2009)"},{"key":"15_CR11","unstructured":"Mozilla: String - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/Core_JavaScript_1.5_Reference\/Global_Objects\/String#Methods_2"},{"key":"15_CR12","unstructured":"Heyes, G.: Polymorphic javascript (2010), \n                    \n                      http:\/\/www.thespanner.co.uk\/2008\/02\/27\/polymorphic-javascript\/"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Song, Y., Locasto, M.E., Stavrou, A., Keromytis, A.D., Stolfo, S.J.: On the infeasibility of modeling polymorphic shellcode. Mach. Learn.\u00a081 (2010)","DOI":"10.1007\/s10994-009-5143-5"},{"key":"15_CR14","unstructured":"Oberheide, J., Cooke, E., Jahanian, F.: CloudAV: N-Version Antivirus in the Network Cloud. In: USENIX Security Symposium (2008)"},{"key":"15_CR15","unstructured":"Barth, A.: Bug 29278 XSSAuditor bypasses from sla.ckers.org (2009), \n                    \n                      https:\/\/bugs.webkit.org\/show_bug.cgi?id=29278"},{"key":"15_CR16","unstructured":"Kouzemchenko, A.: Examining and bypassing the IE8 XSS filter (2009), \n                    \n                      http:\/\/www.slideshare.net\/kuza55\/examining-the-ie8-xss-filter"},{"key":"15_CR17","unstructured":"Father, H.: Hooking Windows API - Technics of Hooking API functions on Windows. The CodeBreakers Journal\u00a01 (2004)"},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Willems, C., Holz, T., Freiling, F.: CWSandbox: Towards Automated Dynamic Binary Analysis. IEEE Security and Privacy\u00a05 (2007)","DOI":"10.1109\/MSP.2007.45"},{"key":"15_CR19","unstructured":"Mozilla: defineProperty - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/JavaScript\/Reference\/Global_Objects\/Object\/defineProperty"},{"key":"15_CR20","unstructured":"Mozilla: defineProperties - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/JavaScript\/Reference\/Global_Objects\/Object\/defineProperties"},{"key":"15_CR21","unstructured":"Mozilla: window.location - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/window.location"},{"key":"15_CR22","unstructured":"Mozilla: document.URL - MDC (2010), \n                    \n                      https:\/\/developer.mozilla.org\/en\/document.URL"},{"key":"15_CR23","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1007\/978-0-387-21606-5","volume-title":"The Elements of Statistical Learning","author":"T. Hastie","year":"2001","unstructured":"Hastie, T., Tibshirani, R., Friedman, R.: Linear discriminant analysis. In: The Elements of Statistical Learning, p. 84. Springer, Heidelberg (2001)"},{"key":"15_CR24","unstructured":"W3C: Client-side scripting techniques for WCAG 2.0 (2004), \n                    \n                      http:\/\/www.w3.org\/TR\/2004\/WD-WCAG20-SCRIPT-TECHS-20041119\/"},{"key":"15_CR25","doi-asserted-by":"crossref","unstructured":"Masinter, L.: RFC 2397 - the \u201ddata\u201d URL scheme (1998)","DOI":"10.17487\/rfc2397"},{"key":"15_CR26","unstructured":"Mozilla: Gecko - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/Gecko"},{"key":"15_CR27","unstructured":"Mozilla: Gecko-Specific DOM events - MDC (2011), \n                    \n                      https:\/\/developer.mozilla.org\/en\/Gecko-Specific_DOM_Events"},{"key":"15_CR28","unstructured":"Nava, E.V.: ACS - active content signatures. PST_WEBZINE_0X04 (2006)"},{"key":"15_CR29","doi-asserted-by":"crossref","unstructured":"Phung, P.H., Sands, D., Chudnov, A.: Lightweight Self-Protecting javascript. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS) (March 2009)","DOI":"10.1145\/1533057.1533067"},{"key":"15_CR30","unstructured":"Johns, M.: Code Injection Vulnerabilities in Web Applications - Exemplified at Cross-site Scripting. PhD thesis. University of Passau, Passau (2009)"},{"key":"15_CR31","unstructured":"Deiters, M.: Aspect-Oriented programming (2010), \n                    \n                      http:\/\/msdn.microsoft.com\/en-us\/library\/aa288717VS.71.aspx"},{"key":"15_CR32","unstructured":"Barth, A., Felt, A.P., Saxena, P., Boodman, A.: Protecting browsers from extension vulnerabilities. In: Proc. of the 17th Network and Distributed System Security Symposium (2009), \n                    \n                      http:\/\/www.adambarth.com\/papers\/2010\/barth-felt-saxena-boodman.pdf"},{"key":"15_CR33","unstructured":"Naraine, R.: Drive-by downloads. the web under siege - securelist (2009), \n                    \n                      http:\/\/www.securelist.com\/en\/analysis?pubid=204792056"},{"key":"15_CR34","unstructured":"OWASP: Enterprise security API (2011), \n                    \n                      http:\/\/www.owasp.org\/index.php\/Category:OWASP_Enterprise_Security_API"},{"key":"15_CR35","unstructured":"Alexa, the Web Information Company: Top 1,000,000 Sites (2010), \n                    \n                      http:\/\/www.alexa.com\/topsites"},{"key":"15_CR36","unstructured":"Malware Domain List (2010), \n                    \n                      http:\/\/www.malwaredomainlist.com\/mdlcsv.php"},{"key":"15_CR37","unstructured":"Curtsinger, C., Livshits, B., Zorn, B., Seifert, C.: Zozzle: Fast and Precise In-Browser JavaScript Malware Detection. In: USENIX Security Symposium (2011)"},{"key":"15_CR38","unstructured":"Wang, Y.M., Beck, D., Jiang, X., Roussev, R., Verbowski, C., Chen, S., King, S.T.: Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. In: Network and Distributed System Security Symposium, NDSS (2006)"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23644-0_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,27]],"date-time":"2019-04-27T12:17:23Z","timestamp":1556367443000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23644-0_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642236433","9783642236440"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23644-0_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011]]}}}