{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T20:42:59Z","timestamp":1773175379576,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":40,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,4,26]],"date-time":"2010-04-26T00:00:00Z","timestamp":1272240000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,4,26]]},"DOI":"10.1145\/1772690.1772720","type":"proceedings-article","created":{"date-parts":[[2010,4,27]],"date-time":"2010-04-27T12:45:48Z","timestamp":1272372348000},"page":"281-290","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":376,"title":["Detection and analysis of drive-by-download attacks and malicious JavaScript code"],"prefix":"10.1145","author":[{"given":"Marco","family":"Cova","sequence":"first","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]},{"given":"Christopher","family":"Kruegel","sequence":"additional","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]},{"given":"Giovanni","family":"Vigna","sequence":"additional","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2010,4,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Andre L. IE 0day exploit domains. http:\/\/isc.sans.org\/diary.html?storyid=6739 2009.  Andre L. IE 0day exploit domains. http:\/\/isc.sans.org\/diary.html?storyid=6739 2009."},{"key":"e_1_3_2_1_2_1","unstructured":"ClamAV. Clam AntiVirus. http:\/\/www.clamav.net\/.  ClamAV. Clam AntiVirus. http:\/\/www.clamav.net\/."},{"key":"e_1_3_2_1_3_1","unstructured":"D. De Beer. Detecting VMware with JavaScript. http:\/\/carnal0wnage.blogspot.com\/2009\/04\/ 2009.  D. De Beer. Detecting VMware with JavaScript. http:\/\/carnal0wnage.blogspot.com\/2009\/04\/ 2009."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496702.1496703"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1987.232894"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_7_1","unstructured":"B. Feinstein and D. Peck. Caffeine Monkey. http:\/\/www.secureworks.com\/research\/tools\/caffeinemonkey.html.  B. Feinstein and D. Peck. Caffeine Monkey. http:\/\/www.secureworks.com\/research\/tools\/caffeinemonkey.html."},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of DefCon 16","author":"Frei S.","year":"2008"},{"key":"e_1_3_2_1_9_1","unstructured":"Gargoyle Software Inc. HtmlUnit. http:\/\/htmlunit.sourceforge.net\/.  Gargoyle Software Inc. HtmlUnit. http:\/\/htmlunit.sourceforge.net\/."},{"key":"e_1_3_2_1_10_1","unstructured":"D. Goodin. Department of Homeland Security website hacked! http:\/\/www.theregister.co.uk\/2008\/04\/25\/mass_web_attack_grows\/ 2008.  D. Goodin. Department of Homeland Security website hacked! http:\/\/www.theregister.co.uk\/2008\/04\/25\/mass_web_attack_grows\/ 2008."},{"key":"e_1_3_2_1_11_1","unstructured":"D. Goodin. SQL injection taints BusinessWeek.com. http:\/\/www.theregister.co.uk\/2008\/09\/16\/businessweek_hacked\/ 2008.  D. Goodin. SQL injection taints BusinessWeek.com. http:\/\/www.theregister.co.uk\/2008\/09\/16\/businessweek_hacked\/ 2008."},{"key":"e_1_3_2_1_12_1","unstructured":"D. Goodin. Exploit code for potent IE zero-day bug goes wild. http:\/\/www.theregister.co.uk\/2010\/01\/15\/ie_zero_day_exploit_goes_wild\/print.html 2010.  D. Goodin. Exploit code for potent IE zero-day bug goes wild. http:\/\/www.theregister.co.uk\/2010\/01\/15\/ie_zero_day_exploit_goes_wild\/print.html 2010."},{"key":"e_1_3_2_1_13_1","unstructured":"Google. Safe Browsing API. http:\/\/code.google.com\/apis\/safebrowsing\/.  Google. Safe Browsing API. http:\/\/code.google.com\/apis\/safebrowsing\/."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of Sicherheit, Schutz und Zuverl\u00e4ssigkeit","author":"Ikinci A.","year":"2008"},{"key":"e_1_3_2_1_15_1","volume-title":"IBM","year":"2008"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948144"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2005.01.009"},{"key":"e_1_3_2_1_18_1","unstructured":"MITRE Corporation. Common Vulnerabilities and Exposures (CVE). http:\/\/cve.mitre.org\/.  MITRE Corporation. Common Vulnerabilities and Exposures (CVE). http:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.17"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Moshchuk A.","year":"2007"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the Symposium on Network and Distributed System Security","author":"Moshchuk A.","year":"2006"},{"key":"e_1_3_2_1_22_1","unstructured":"Mozilla.org. Rhino: JavaScript for Java. http:\/\/www.mozilla.org\/rhino\/.  Mozilla.org. Rhino: JavaScript for Java. http:\/\/www.mozilla.org\/rhino\/."},{"key":"e_1_3_2_1_23_1","volume-title":"PhoneyC: A Virtual Client Honeypot. In Proceedings of the USENIX Workshop on Large-Scale Exploits and Emergent Threats","author":"Nazario J.","year":"2009"},{"key":"e_1_3_2_1_24_1","unstructured":"New Zealand Honeynet Project. Know Your Enemy: Malicious Web Servers. http:\/\/www.honeynet.org\/papers\/mws 2007.  New Zealand Honeynet Project. Know Your Enemy: Malicious Web Servers. http:\/\/www.honeynet.org\/papers\/mws 2007."},{"key":"e_1_3_2_1_25_1","unstructured":"C. Pederick. User Agent Switcher Firefox Plugin. https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/59.  C. Pederick. User Agent Switcher Firefox Plugin. https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/59."},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the USENIX Workshop on Large-Scale Exploits and Emergent Threats","author":"Polychronakis M.","year":"2008"},{"key":"e_1_3_2_1_27_1","unstructured":"N. Provos. SpyBye. http:\/\/code.google.com\/p\/spybye.  N. Provos. SpyBye. http:\/\/code.google.com\/p\/spybye."},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Provos N.","year":"2008"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/1323128.1323132"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Ratanaworabhan P.","year":"2009"},{"key":"e_1_3_2_1_31_1","volume-title":"Snort - Lightweight Intrusion Detection for Networks. In Proceedings of the USENIX Conference on System Administration","author":"Roesch M.","year":"1999"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2008.4664306"},{"key":"e_1_3_2_1_33_1","unstructured":"SkyLined. Internet Explorer IFRAME src&name parameter BoF remote compromise. http:\/\/www.edup.tudelft.nl\/~bjwever\/advisory_iframe.html.php 2004.  SkyLined. Internet Explorer IFRAME src&name parameter BoF remote compromise. http:\/\/www.edup.tudelft.nl\/~bjwever\/advisory_iframe.html.php 2004."},{"key":"e_1_3_2_1_34_1","volume-title":"Black Hat Europe","author":"Sotirov A.","year":"2007"},{"key":"e_1_3_2_1_35_1","volume-title":"Black Hat","author":"Sotirov A.","year":"2008"},{"key":"e_1_3_2_1_36_1","unstructured":"SpamCop. SpamCop.net. http:\/\/www.spamcop.net\/ 2008.  SpamCop. SpamCop.net. http:\/\/www.spamcop.net\/ 2008."},{"key":"e_1_3_2_1_37_1","unstructured":"The Honeynet Project. Capture-HPC. https:\/\/projects.honeynet.org\/capture-hpc.  The Honeynet Project. Capture-HPC. https:\/\/projects.honeynet.org\/capture-hpc."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586145"},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the Symposium on Network and Distributed System Security","author":"Wang Y.-M.","year":"2006"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/1776434.1776451"}],"event":{"name":"WWW '10: The 19th International World Wide Web Conference","location":"Raleigh North Carolina USA","acronym":"WWW '10"},"container-title":["Proceedings of the 19th international conference on World wide web"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1772690.1772720","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1772690.1772720","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:26:28Z","timestamp":1750278388000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1772690.1772720"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,4,26]]},"references-count":40,"alternative-id":["10.1145\/1772690.1772720","10.1145\/1772690"],"URL":"https:\/\/doi.org\/10.1145\/1772690.1772720","relation":{},"subject":[],"published":{"date-parts":[[2010,4,26]]},"assertion":[{"value":"2010-04-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}