{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T19:52:53Z","timestamp":1767988373312,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,12,5]],"date-time":"2011-12-05T00:00:00Z","timestamp":1323043200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,12,5]]},"DOI":"10.1145\/2076732.2076785","type":"proceedings-article","created":{"date-parts":[[2011,12,13]],"date-time":"2011-12-13T15:46:00Z","timestamp":1323791160000},"page":"373-382","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":108,"title":["Static detection of malicious JavaScript-bearing PDF documents"],"prefix":"10.1145","author":[{"given":"Pavel","family":"Laskov","sequence":"first","affiliation":[{"name":"University of T\u00fcbingen, Sand, T\u00fcbingen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nedim","family":"\u0160rndi\u0107","sequence":"additional","affiliation":[{"name":"University of T\u00fcbingen, Sand, T\u00fcbingen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2011,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Symantec","year":"2010","unstructured":"Internet security threat report . Symantec , 2010 . Internet security threat report. Symantec, 2010."},{"key":"e_1_3_2_1_2_1","unstructured":"APSB11-03. http:\/\/www.adobe.com\/support\/security\/-bulletins\/apsb11-03.html.  APSB11-03. http:\/\/www.adobe.com\/support\/security\/-bulletins\/apsb11-03.html."},{"key":"e_1_3_2_1_3_1","unstructured":"APSB11-08. http:\/\/www.adobe.com\/support\/security\/-bulletins\/apsb11-08.html.  APSB11-08. http:\/\/www.adobe.com\/support\/security\/-bulletins\/apsb11-08.html."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10994-010-5188-5"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963436"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1961189.1961199"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_8_1","volume-title":"USENIX Security Symposium","author":"Curtsinger C.","year":"2011","unstructured":"C. Curtsinger , B. Livshits , B. Zorn , and C. Seifert . ZOZZLE: Fast and precise in-browser javascript malware detection . In USENIX Security Symposium , 2011 . to appear. C. Curtsinger, B. Livshits, B. Zorn, and C. Seifert. ZOZZLE: Fast and precise in-browser javascript malware detection. In USENIX Security Symposium, 2011. to appear."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1774088.1774482"},{"key":"e_1_3_2_1_10_1","volume-title":"Virus Bulletin International Conference","author":"Engelberth M.","year":"2009","unstructured":"M. Engelberth , C. Willems , and H. T. MalOffice -- analysis of various application data files . In Virus Bulletin International Conference , 2009 . M. Engelberth, C. Willems, and H. T. MalOffice -- analysis of various application data files. In Virus Bulletin International Conference, 2009."},{"key":"e_1_3_2_1_11_1","volume-title":"Black Hat USA","author":"Feinstein B.","year":"2007","unstructured":"B. Feinstein and D. Peck . Caffeine Monkey: Automated collection, detection and analysis of malicious JavaScript . In Black Hat USA , 2007 . B. Feinstein and D. Peck. Caffeine Monkey: Automated collection, detection and analysis of malicious JavaScript. In Black Hat USA, 2007."},{"key":"e_1_3_2_1_12_1","volume-title":"Portable document format malware. Symantec white paper","author":"Itabashi K.","year":"2011","unstructured":"K. Itabashi . Portable document format malware. Symantec white paper , 2011 . K. Itabashi. Portable document format malware. Symantec white paper, 2011."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_14"},{"key":"e_1_3_2_1_14_1","volume-title":"USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET)","author":"Nazario J.","year":"2009","unstructured":"J. Nazario . PhoneyC : a virtual client honeypot . In USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET) , 2009 . J. Nazario. PhoneyC: a virtual client honeypot. In USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), 2009."},{"key":"e_1_3_2_1_15_1","volume-title":"http:\/\/www.adobe.com\/devnet\/pdf\/pdf_reference.html","author":"Reference PDF","year":"2008","unstructured":"PDF Reference . http:\/\/www.adobe.com\/devnet\/pdf\/pdf_reference.html , 2008 . PDF Reference. http:\/\/www.adobe.com\/devnet\/pdf\/pdf_reference.html, 2008."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920305"},{"key":"e_1_3_2_1_17_1","first-page":"1","volume-title":"USENIX Security Symposium","author":"Provos N.","year":"2008","unstructured":"N. Provos , P. Mavrommatis , M. Abu Rajab , and F. Monrose . All your iFRAMEs point to us . In USENIX Security Symposium , pages 1 -- 16 , 2008 . N. Provos, P. Mavrommatis, M. Abu Rajab, and F. Monrose. All your iFRAMEs point to us. In USENIX Security Symposium, pages 1--16, 2008."},{"key":"e_1_3_2_1_18_1","first-page":"169","volume-title":"USENIX Security Symposium","author":"Ratanaworabhan P.","year":"2009","unstructured":"P. Ratanaworabhan , B. Livshits , and B. Zorn . NOZZLE: A defense against heap-spraying code injection attacks . In USENIX Security Symposium , pages 169 -- 186 , 2009 . P. Ratanaworabhan, B. Livshits, and B. Zorn. NOZZLE: A defense against heap-spraying code injection attacks. In USENIX Security Symposium, pages 169--186, 2009."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920267"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/1390681.1390683"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_5"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1023\/B:MACH.0000008084.60811.49"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972555"},{"key":"e_1_3_2_1_25_1","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Wang Y.-M.","year":"2006","unstructured":"Y.-M. Wang , D. Beck , X. Jiang , R. Roussev , C. Verbowski , S. Chen , and S. King . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In Network and Distributed System Security Symposium (NDSS) , 2006 . Y.-M. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. King. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In Network and Distributed System Security Symposium (NDSS), 2006."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.45"},{"key":"e_1_3_2_1_27_1","volume-title":"OMG WTF PDF. Chaos Communication Congress (CCC)","author":"Wolf J.","year":"2010","unstructured":"J. Wolf . OMG WTF PDF. Chaos Communication Congress (CCC) , Dec. 2010 . J. Wolf. OMG WTF PDF. Chaos Communication Congress (CCC), Dec. 2010."}],"event":{"name":"ACSAC '11: Annual Computer Security Applications Conference","location":"Orlando Florida USA","acronym":"ACSAC '11","sponsor":["ACSA Applied Computing Security Assoc"]},"container-title":["Proceedings of the 27th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2076732.2076785","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2076732.2076785","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:54:46Z","timestamp":1750240486000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2076732.2076785"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,12,5]]},"references-count":27,"alternative-id":["10.1145\/2076732.2076785","10.1145\/2076732"],"URL":"https:\/\/doi.org\/10.1145\/2076732.2076785","relation":{},"subject":[],"published":{"date-parts":[[2011,12,5]]},"assertion":[{"value":"2011-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}