{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:19:48Z","timestamp":1763468388838,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":43,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662549698"},{"type":"electronic","value":"9783662549704"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-662-54970-4_26","type":"book-chapter","created":{"date-parts":[[2017,5,16]],"date-time":"2017-05-16T02:02:55Z","timestamp":1494900175000},"page":"441-459","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Include Me Out: In-Browser Detection of Malicious Third-Party Content Inclusions"],"prefix":"10.1007","author":[{"given":"Sajjad","family":"Arshad","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Amin","family":"Kharraz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"William","family":"Robertson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,5,17]]},"reference":[{"key":"26_CR1","unstructured":"ADsafe. http:\/\/www.adsafe.org\/"},{"key":"26_CR2","unstructured":"CSP in Content Scripts. https:\/\/developer.chrome.com\/extensions\/contentSecurityPolicy#interactions"},{"key":"26_CR3","unstructured":"PhantomJS. http:\/\/phantomjs.org\/"},{"key":"26_CR4","unstructured":"Selenium: Web Browser Automation. http:\/\/www.seleniumhq.org\/"},{"key":"26_CR5","unstructured":"VirtusTotal. https:\/\/www.virustotal.com\/"},{"key":"26_CR6","unstructured":"Cross-Origin Resource Sharing (CORS) (2014). http:\/\/www.w3.org\/TR\/cors\/"},{"key":"26_CR7","unstructured":"Content Security Policy 1.1 (2015). https:\/\/dvcs.w3.org\/hg\/content-security-policy\/raw-file\/tip\/csp-specification.dev.html"},{"key":"26_CR8","unstructured":"Bilge, L., Kirda, E., Kruegel, C., Marco Balduzzi, E.: Finding malicious domains using passive DNS analysis. In: Network and Distributed System Security Symposium (NDSS) (2011)"},{"key":"26_CR9","unstructured":"Coldewey, D.: Marriott puts an end to shady ad injection service (2012). http:\/\/techcrunch.com\/2012\/04\/09\/marriott-puts-an-end-to-shady-ad-injection-service\/"},{"key":"26_CR10","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious javascript code. In: International World Wide Web Conference (WWW) (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"26_CR11","doi-asserted-by":"crossref","unstructured":"Dong, X., Tran, M., Liang, Z., Jiang, X.: AdSentry: Comprehensive and flexible confinement of JavaScript-based advertisements. In: Annual Computer Security Applications Conference (ACSAC) (2011)","DOI":"10.1145\/2076732.2076774"},{"key":"26_CR12","unstructured":"Finifter, M., Weinberger, J., Barth, A.: Preventing capability leaks in secure JavaScript subsets. In: Network and Distributed System Security Symposium (NDSS) (2010)"},{"key":"26_CR13","unstructured":"Google, Inc., Google Safe Browsing API (2015). https:\/\/developers.google.com\/safe-browsing\/"},{"key":"26_CR14","doi-asserted-by":"crossref","unstructured":"Grier, C., Tang, S., King, S.T.: Secure web browsing with the OP web browser. In: IEEE Symposium on Security and Privacy (Oakland) (2008)","DOI":"10.1109\/SP.2008.19"},{"key":"26_CR15","unstructured":"Guarnieri, S., Benjamin Livshits, G.: Mostly static enforcement of security and reliability policies for JavaScript code. In: USENIX Security Symposium (2009)"},{"key":"26_CR16","doi-asserted-by":"crossref","unstructured":"Huang, L.-S., Weinberg, Z., Evans, C., Jackson, C.: Protecting browsers from cross-origin CSS attacks. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2010)","DOI":"10.1145\/1866307.1866376"},{"key":"26_CR17","unstructured":"Jagpal, N., Dingle, E., Gravel, J.-P., Mavrommatis, P., Provos, N., Rajab, M.A., Thomas, K.: Trends and lessons from three years fighting malicious extensions. In: USENIX Security Symposium (2015)"},{"key":"26_CR18","unstructured":"John, J.P., Yu, F., Xie, Y., Krishnamurthy, A., Abadi, M.: deSEO: Combating search-result poisoning. In: USENIX Security Symposium (2011)"},{"key":"26_CR19","unstructured":"Kapravelos, A., Grier, C., Chachra, N., Kruegel, C., Vigna, G., Paxson, V.: Hulk: eliciting malicious behavior in browser extensions. In: USENIX Security Symposium (2014)"},{"key":"26_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/BFb0026666","volume-title":"Machine Learning: ECML-98","author":"DD Lewis","year":"1998","unstructured":"Lewis, D.D.: Naive (Bayes) at forty: the independence assumption in information retrieval. In: N\u00e9dellec, C., Rouveirol, C. (eds.) ECML 1998. LNCS, vol. 1398, pp. 4\u201315. Springer, Heidelberg (1998). doi:10.1007\/BFb0026666"},{"key":"26_CR21","unstructured":"Li, Z., Alrwais, S., Xie, Y., Yu, F., Wang, X.: Finding the linchpins of the dark web: a study on topologically dedicated hosts on malicious web infrastructures. In: IEEE Symposium on Security and Privacy (Oakland) (2013)"},{"key":"26_CR22","doi-asserted-by":"crossref","unstructured":"Li, Z., Zhang, K., Xie, Y., Yu, F., Wang, X.: Knowing your enemy: understanding and detecting malicious web advertising. In: ACM Conference on Computer and Communications Security (CCS) (2012)","DOI":"10.1145\/2382196.2382267"},{"key":"26_CR23","unstructured":"Ter Louw, M., Ganesh, K.T., Venkatakrishnan, V.N.: AdJail: practical enforcement of confidentiality and integrity policies on web advertisements. In: USENIX Security Symposium (2010)"},{"key":"26_CR24","doi-asserted-by":"crossref","unstructured":"Maffeis, S., Taly, A.: Language-based isolation of untrusted JavaScript. In: IEEE Computer Security Foundations Symposium (CSF) (2009)","DOI":"10.1109\/CSF.2009.11"},{"key":"26_CR25","unstructured":"Marvin, G.: Google study exposes \u201ctangled web\u201d of companies profiting from ad injection (2015). http:\/\/marketingland.com\/ad-injector-study-google-127738"},{"key":"26_CR26","doi-asserted-by":"crossref","unstructured":"Meyerovich, L.A., Livshits, B.: ConScript: specifying and enforcing fine-grained security policies for JavaScript in the browser. In: IEEE Symposium on Security and Privacy (Oakland) (2010)","DOI":"10.1109\/SP.2010.36"},{"key":"26_CR27","unstructured":"Nelms, T., Perdisci, R., Antonakakis, M., Ahamad, M.: WebWitness: investigating, categorizing, and mitigating malware download paths. In: USENIX Security Symposium (2015)"},{"key":"26_CR28","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Invernizzi, L., Kapravelos, A., Van Acker, S., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: You are what You include: large-scale evaluation of remote JavaScript inclusions. In: ACM Conference on Computer and Communications Security (CCS) (2012)","DOI":"10.1145\/2382196.2382274"},{"key":"26_CR29","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Maggi, F., Stringhini, G., Rafique, M., Joosen, W., Kruegel, C., Piessens, F., Vigna, G., Zanero, S.: Stranger danger: exploring the ecosystem of ad-based URL shortening services. In: International World Wide Web Conference (WWW) (2014)","DOI":"10.1145\/2566486.2567983"},{"key":"26_CR30","doi-asserted-by":"crossref","unstructured":"Phung, P.H., Sands, D., Chudnov, A.: Lightweight self-protecting JavaScript. In: ACM Symposium on Information, Computer, and Communications Security (ASIACCS) (2009)","DOI":"10.1145\/1533057.1533067"},{"issue":"2","key":"26_CR31","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1109\/5.18626","volume":"77","author":"LR Rabiner","year":"1989","unstructured":"Rabiner, L.R.: A tutorial on Hidden Markov Models and selected applications in speech recognition. Proc. IEEE 77(2), 257\u2013285 (1989)","journal-title":"Proc. IEEE"},{"key":"26_CR32","doi-asserted-by":"crossref","unstructured":"Rahbarinia, B., Perdisci, R., Antonakakis, M.: Segugio: efficient behavior-based tracking of new malware-control domains in large ISP networks. In: IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN) (2015)","DOI":"10.1109\/DSN.2015.35"},{"key":"26_CR33","doi-asserted-by":"crossref","unstructured":"Reis, C., Dunagan, J., Wang, H.J., Dubrovsky, O., Esmeir, S.: BrowserShield: vulnerability-driven filtering of dynamic HTML. In: USENIX Symposium on Operating Systems Design and Implementation (OSDI) (2006)","DOI":"10.1145\/1281480.1281481"},{"key":"26_CR34","unstructured":"Son, S., Shmatikov, V.: The postman always rings twice: attacking and defending postMessage in HTML5 websites. In: Network and Distributed System Security Symposium (NDSS) (2013)"},{"key":"26_CR35","doi-asserted-by":"crossref","unstructured":"Stone-Gross, B., Stevens, R., Kemmerer, R., Kruegel, C., Vigna, G., Zarras, A.: Understanding fraudulent activities in online ad exchanges. In: Internet Measurement Conference (IMC) (2011)","DOI":"10.1145\/2068816.2068843"},{"key":"26_CR36","doi-asserted-by":"crossref","unstructured":"Stringhini, G., Kruegel, C., Vigna, G.: Shady paths: leveraging surfing crowds to detect malicious web pages. In: ACM Conference on Computer and Communications Security (CCS) (2013)","DOI":"10.1145\/2508859.2516682"},{"key":"26_CR37","unstructured":"Tang, S., Mai, H., King, S.T.: Trust and protection in the Illinois browser operating system. In: USENIX Symposium on Operating Systems Design and Implementation (OSDI) (2010)"},{"key":"26_CR38","doi-asserted-by":"crossref","unstructured":"Thomas, K., Bursztein, E., Grier, C., Ho, G., Jagpal, N., Kapravelos, A., McCoy, D., Nappa, A., Paxson, V., Pearce, P., Provos, N., Rajab, M.A.: Ad injection at scale: assessing deceptive advertisement modifications. In: IEEE Symposium on Security and Privacy (Oakland) (2015)","DOI":"10.1109\/SP.2015.17"},{"key":"26_CR39","unstructured":"Wang, H.J., Grier, C., Moshchuk, A., King, S.T., Choudhury, P., Venter, H.: The multi-principal OS construction of the Gazelle web browser. In: USENIX Security Symposium (2009)"},{"key":"26_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1007\/978-3-319-11379-1_11","volume-title":"Research in Attacks, Intrusions and Defenses","author":"M Weissbacher","year":"2014","unstructured":"Weissbacher, M., Lauinger, T., Robertson, W.: Why is CSP failing? Trends and challenges in CSP adoption. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 212\u2013233. Springer, Cham (2014). doi:10.1007\/978-3-319-11379-1_11"},{"key":"26_CR41","unstructured":"World Wide Web Consortium (W3C). What is the document object model? http:\/\/www.w3.org\/TR\/DOM-Level-2-Core\/introduction.html"},{"key":"26_CR42","doi-asserted-by":"crossref","unstructured":"Xing, X., Meng, W., Weinsberg, U., Sheth, A., Lee, B., Perdisci, R., Lee, W.: Unraveling the relationship between ad-injecting browser extensions and malvertising. In: International World Wide Web Conference (WWW) (2015)","DOI":"10.1145\/2736277.2741630"},{"key":"26_CR43","doi-asserted-by":"crossref","unstructured":"Zarras, A., Kapravelos, A., Stringhini, G., Holz, T., Kruegel, C., Vigna, G.: The dark alleys of madison avenue: understanding malicious advertisements. In: Proceedings of the Internet Measurement Conference (IMC) (2014)","DOI":"10.1145\/2663716.2663719"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-54970-4_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,2]],"date-time":"2024-04-02T16:47:59Z","timestamp":1712076479000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-662-54970-4_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783662549698","9783662549704"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-54970-4_26","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"17 May 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Financial Cryptography and Data Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Christ Church","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barbados","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 February 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 February 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fc2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/fc16.ifca.ai\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}