{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T15:15:23Z","timestamp":1771514123507,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,21]],"date-time":"2011-10-21T00:00:00Z","timestamp":1319155200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,21]]},"DOI":"10.1145\/2046684.2046690","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T12:23:06Z","timestamp":1319545386000},"page":"31-42","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["ZDVUE"],"prefix":"10.1145","author":[{"given":"Sandeep","family":"Karanth","sequence":"first","affiliation":[{"name":"Microsoft Research India, Bangalore, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Srivatsan","family":"Laxman","sequence":"additional","affiliation":[{"name":"Microsoft Research India, Bangalore, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Prasad","family":"Naldurg","sequence":"additional","affiliation":[{"name":"Microsoft Research India, Bangalore, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ramarathnam","family":"Venkatesan","sequence":"additional","affiliation":[{"name":"Microsoft Research India, Bangalore, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J.","family":"Lambert","sequence":"additional","affiliation":[{"name":"Microsoft Corporation, Redmond, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jinwook","family":"Shin","sequence":"additional","affiliation":[{"name":"Microsoft Corporation, Redmond, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2011,10,21]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/170035.170072"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963436"},{"key":"e_1_3_2_1_4_1","volume-title":"Sept.","author":"CAPTURE.","year":"2008","unstructured":"CAPTURE. The honeynet project , Sept. 2008 . https:\/\/projects.honeynet.org\/capture-hpc. CAPTURE. The honeynet project, Sept. 2008. https:\/\/projects.honeynet.org\/capture-hpc."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542483"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the Usenix Security Symposium (Aug.","author":"Curtsinger C.","year":"2011","unstructured":"Curtsinger , C. , Livshits , B. , Zorn , B. , and Seifert , C . Zozzle: Low-overhead mostly static JavaScript malware detection . In Proceedings of the Usenix Security Symposium (Aug. 2011 ). Curtsinger, C., Livshits, B., Zorn, B., and Seifert, C. Zozzle: Low-overhead mostly static JavaScript malware detection. In Proceedings of the Usenix Security Symposium (Aug. 2011)."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.43"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the USENIX Security Symposium","author":"Felmetsger V.","year":"2010","unstructured":"Felmetsger , V. , Cavedon , L. , Kruegel , C. , and Vigna , G . Toward automated detection of logic vulnerabilities in web applications . In Proceedings of the USENIX Security Symposium ( Washington, DC , August 2010 ). Felmetsger, V., Cavedon, L., Kruegel, C., and Vigna, G. Toward automated detection of logic vulnerabilities in web applications. In Proceedings of the USENIX Security Symposium (Washington, DC, August 2010)."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315292"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the Usenix Security Symposium (Aug.","author":"Guarnieri S.","year":"2009","unstructured":"Guarnieri , S. , and Livshits , B . Gatekeeper: Mostly static enforcement of security and reliability policies for javascript code . In Proceedings of the Usenix Security Symposium (Aug. 2009 ). Guarnieri, S., and Livshits, B. Gatekeeper: Mostly static enforcement of security and reliability policies for javascript code. In Proceedings of the Usenix Security Symposium (Aug. 2009)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.2006.33"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2007.83"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.33"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2009.11"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","DOI":"10.1007\/1-84628-253-5","volume-title":"Machine Learning and Data Mining for Computer Security: Methods and Applications (Advanced Information and Knowledge Processing)","author":"Maloof M. A.","year":"2006","unstructured":"Maloof , M. A. Machine Learning and Data Mining for Computer Security: Methods and Applications (Advanced Information and Knowledge Processing) . Springer-Verlag New York, Inc. , Secaucus, NJ, USA , 2006 . Maloof, M. A. Machine Learning and Data Mining for Computer Security: Methods and Applications (Advanced Information and Knowledge Processing). Springer-Verlag New York, Inc., Secaucus, NJ, USA, 2006."},{"key":"e_1_3_2_1_17_1","volume-title":"In Sixth Workshop on the Economics of Information Security","author":"Miller C.","year":"2007","unstructured":"Miller , C. The legitimate vulnerability market: Inside the secretive world of 0-day exploit sales . In In Sixth Workshop on the Economics of Information Security ( 2007 ). Miller, C. The legitimate vulnerability market: Inside the secretive world of 0-day exploit sales. In In Sixth Workshop on the Economics of Information Security (2007)."},{"key":"e_1_3_2_1_18_1","unstructured":"Mitre. Common vulnerabilities and exposures database. http:\/\/cve.mitre.org\/.  Mitre. Common vulnerabilities and exposures database. http:\/\/cve.mitre.org\/."},{"key":"e_1_3_2_1_19_1","volume-title":"SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium","author":"Moshchuk A.","year":"2007","unstructured":"Moshchuk , A. , Bragin , T. , Deville , D. , Gribble , S. D. , and Levy , H. M . Spyproxy: execution-based detection of malicious web content . In SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium ( Berkeley, CA, USA , 2007 ), USENIX Association, pp. 1--16. Moshchuk, A., Bragin, T., Deville, D., Gribble, S. D., and Levy, H. M. Spyproxy: execution-based detection of malicious web content. In SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (Berkeley, CA, USA, 2007), USENIX Association, pp. 1--16."},{"key":"e_1_3_2_1_20_1","volume-title":"NDSS","author":"Moshchuk E.","year":"2006","unstructured":"Moshchuk , E. , Bragin , T. , Gribble , S. D. , and Levy , H. M . A crawler-based study of spyware on the web . In NDSS ( 2006 ). Moshchuk, E., Bragin, T., Gribble, S. D., and Levy, H. M. A crawler-based study of spyware on the web. In NDSS (2006)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1218063.1217938"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496711.1496712"},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the Usenix Security Symposium (Aug.","author":"Ratanaworabhan P.","year":"2009","unstructured":"Ratanaworabhan , P. , Livshits , B. , and Zorn , B . Nozzle: A defense against heap-spraying code injection attacks . In Proceedings of the Usenix Security Symposium (Aug. 2009 ). Ratanaworabhan, P., Livshits, B., and Zorn, B. Nozzle: A defense against heap-spraying code injection attacks. In Proceedings of the Usenix Security Symposium (Aug. 2009)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920267"},{"key":"e_1_3_2_1_25_1","unstructured":"SANS. The top cyber security risks 2009 Sept. 2009. http:\/\/www.sans.org\/top-cyber-security-risks\/.  SANS. The top cyber security risks 2009 Sept. 2009. http:\/\/www.sans.org\/top-cyber-security-risks\/."},{"key":"e_1_3_2_1_26_1","unstructured":"Tipping-Point. The zero day initiative. http:\/\/www.zerodayinitiative.com\/.  Tipping-Point. The zero day initiative. http:\/\/www.zerodayinitiative.com\/."},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the 13th Annual Symposium on Network and Distributed System security (NDSS'06)","author":"Wang Y.-M.","year":"2006","unstructured":"Wang , Y.-M. , Beck , D. , Jian , X. , and Roussev , R . Automated web patrol: Finding web sites that exploit browser vulnerabilities . In Proceedings of the 13th Annual Symposium on Network and Distributed System security (NDSS'06) , San Diego, USA ( 2006 ). Wang, Y.-M., Beck, D., Jian, X., and Roussev, R. Automated web patrol: Finding web sites that exploit browser vulnerabilities. In Proceedings of the 13th Annual Symposium on Network and Distributed System security (NDSS'06), San Diego, USA (2006)."},{"key":"e_1_3_2_1_28_1","volume-title":"NDSS","author":"Wang Y.-M.","year":"2006","unstructured":"Wang , Y.-M. , Beck , D. , Jiang , X. , and Roussev , R . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In NDSS ( 2006 ). Wang, Y.-M., Beck, D., Jiang, X., and Roussev, R. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In NDSS (2006)."},{"key":"e_1_3_2_1_29_1","unstructured":"Wired.com. Threat level privacy crime and security online previous post next post hack of google adobe conducted through zero-day ie flaw. http:\/\/www.wired.com\/threatlevel\/2010\/01\/hack-of-adob.  Wired.com. Threat level privacy crime and security online previous post next post hack of google adobe conducted through zero-day ie flaw. http:\/\/www.wired.com\/threatlevel\/2010\/01\/hack-of-adob."}],"event":{"name":"CCS'11: the ACM Conference on Computer and Communications Security","location":"Chicago Illinois USA","acronym":"CCS'11","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 4th ACM workshop on Security and artificial intelligence"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046684.2046690","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2046684.2046690","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:48:42Z","timestamp":1750240122000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2046684.2046690"}},"subtitle":["prioritization of javascript attacks to discover new vulnerabilities"],"short-title":[],"issued":{"date-parts":[[2011,10,21]]},"references-count":28,"alternative-id":["10.1145\/2046684.2046690","10.1145\/2046684"],"URL":"https:\/\/doi.org\/10.1145\/2046684.2046690","relation":{},"subject":[],"published":{"date-parts":[[2011,10,21]]},"assertion":[{"value":"2011-10-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}