{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,30]],"date-time":"2026-05-30T13:39:49Z","timestamp":1780148389381,"version":"3.54.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,10,19]],"date-time":"2012-10-19T00:00:00Z","timestamp":1350604800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,10,19]]},"DOI":"10.1145\/2381896.2381901","type":"proceedings-article","created":{"date-parts":[[2012,10,19]],"date-time":"2012-10-19T13:41:01Z","timestamp":1350654061000},"page":"15-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":19,"title":["Early detection of malicious behavior in JavaScript code"],"prefix":"10.1145","author":[{"given":"Kristof","family":"Sch\u00fctt","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Berlin, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Marius","family":"Kloft","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Berlin, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alexander","family":"Bikadorov","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Berlin, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[{"name":"University of G\u00f6ttingen, G\u00f6ttingen, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2012,10,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13241-4_4"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963436"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022627411411"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_5_1","volume-title":"An Introduction to Support Vector Machines","author":"Cristianini N.","year":"2000","unstructured":"N. Cristianini and J. Shawe-Taylor . An Introduction to Support Vector Machines . Cambridge University Press , Cambridge, UK , 2000 . N. Cristianini and J. Shawe-Taylor. An Introduction to Support Vector Machines. Cambridge University Press, Cambridge, UK, 2000."},{"key":"e_1_3_2_1_6_1","volume-title":"Proc. of USENIX Security Symposium","author":"Curtsinger C.","year":"2011","unstructured":"C. Curtsinger , B. Livshits , B. Zorn , and C. Seifert . Zozzle: Fast and precise in-browser javascript malware detection . In Proc. of USENIX Security Symposium , 2011 . C. Curtsinger, B. Livshits, B. Zorn, and C. Seifert. Zozzle: Fast and precise in-browser javascript malware detection. In Proc. of USENIX Security Symposium, 2011."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_8_1","volume-title":"LIBLINEAR: A library for large linear classification. Journal of Machine Learning Research (JMLR), 9: 1871--1874","author":"Fan R.-E.","year":"2008","unstructured":"R.-E. Fan , K.-W. Chang , C.-J. Hsieh , X.-R. Wang , and C.-J. Lin . LIBLINEAR: A library for large linear classification. Journal of Machine Learning Research (JMLR), 9: 1871--1874 , 2008 . R.-E. Fan, K.-W. Chang, C.-J. Hsieh, X.-R. Wang, and C.-J. Lin. LIBLINEAR: A library for large linear classification. Journal of Machine Learning Research (JMLR), 9: 1871--1874, 2008."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23644-0_15"},{"key":"e_1_3_2_1_10_1","first-page":"891","volume-title":"Proc. of Conference \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (SICHERHEIT)","author":"Ikinci A.","year":"2008","unstructured":"A. Ikinci , T. Holz , and F. Freiling . Monkey-spider: Detecting malicious websites with low-interaction honeyclients . In Proc. of Conference \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (SICHERHEIT) , pages 891 -- 898 , 2008 . A. Ikinci, T. Holz, and F. Freiling. Monkey-spider: Detecting malicious websites with low-interaction honeyclients. In Proc. of Conference \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (SICHERHEIT), pages 891--898, 2008."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046684.2046690"},{"key":"e_1_3_2_1_13_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Li Z.","year":"2011","unstructured":"Z. Li , Y. Tang , Y. Cao , V. Rastogi , Y. Chen , B. Liu , and C. Sbisa . WebShield: enabling various web defense techniques without client side modifications . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2011 . Z. Li, Y. Tang, Y. Cao, V. Rastogi, Y. Chen, B. Liu, and C. Sbisa. WebShield: enabling various web defense techniques without client side modifications. In Proc. of Network and Distributed System Security Symposium (NDSS), 2011."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866356"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/72.914517"},{"key":"e_1_3_2_1_16_1","volume-title":"Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)","author":"Nazario J.","year":"2009","unstructured":"J. Nazario . A virtual client honeypot . In Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) , 2009 . J. Nazario. A virtual client honeypot. In Proc. of USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2009."},{"key":"e_1_3_2_1_17_1","volume-title":"Proc. of USENIX Security Symposium","author":"Provos N.","year":"2008","unstructured":"N. Provos , P. Mavrommatis , M. A. Rajab , and F. Monrose . All Your iFRAMEs Point to Us . In Proc. of USENIX Security Symposium , 2008 . N. Provos, P. Mavrommatis, M. A. Rajab, and F. Monrose. All Your iFRAMEs Point to Us. In Proc. of USENIX Security Symposium, 2008."},{"key":"e_1_3_2_1_18_1","volume-title":"Proc. of USENIX Security Symposium","author":"Ratanaworabhan P.","year":"2009","unstructured":"P. Ratanaworabhan , B. Livshits , and B. Zorn . Nozzle: A defense against heap-spraying code injection attacks . In Proc. of USENIX Security Symposium , 2009 . P. Ratanaworabhan, B. Livshits, and B. Zorn. Nozzle: A defense against heap-spraying code injection attacks. In Proc. of USENIX Security Symposium, 2009."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/1390681.1390683"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920267"},{"key":"e_1_3_2_1_21_1","volume-title":"Learning with kernels: Support vector machines, regularization, optimization, and beyond. the MIT Press","author":"Sch\u00f6lkopf B.","year":"2002","unstructured":"B. Sch\u00f6lkopf and A. Smola . Learning with kernels: Support vector machines, regularization, optimization, and beyond. the MIT Press , 2002 . B. Sch\u00f6lkopf and A. Smola. Learning with kernels: Support vector machines, regularization, optimization, and beyond. the MIT Press, 2002."},{"key":"e_1_3_2_1_22_1","volume-title":"Capture - honeypot client (Capture-HPC)","author":"Seifert C.","year":"2006","unstructured":"C. Seifert and R. Steenson . Capture - honeypot client (Capture-HPC) . Victoria University of Wellington , NZ , https:\/\/projects.honeynet.org\/capture-hpc, 2006 . C. Seifert and R. Steenson. Capture - honeypot client (Capture-HPC). Victoria University of Wellington, NZ, https:\/\/projects.honeynet.org\/capture-hpc, 2006."},{"key":"e_1_3_2_1_23_1","volume-title":"Support Vector Maschines and other kernel-based learning methods","author":"Shawe-Taylor J.","year":"2000","unstructured":"J. Shawe-Taylor and N. Cristianini . Support Vector Maschines and other kernel-based learning methods . Cambridge University Press , 2000 . J. Shawe-Taylor and N. Cristianini. Support Vector Maschines and other kernel-based learning methods. Cambridge University Press, 2000."},{"key":"e_1_3_2_1_24_1","volume-title":"Symantec Internet Security Threat Report: Trends for","year":"2010","unstructured":"Symantec. Symantec Internet Security Threat Report: Trends for 2010 . Vol. 16 , Symantec, Inc. , 2011. Symantec. Symantec Internet Security Threat Report: Trends for 2010. Vol. 16, Symantec, Inc., 2011."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/211359"},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Wang Y.-M.","year":"2006","unstructured":"Y.-M. Wang , D. Beck , X. Jiang , R. Roussev , C. Verbowski , S. Chen , and S. T. King . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2006 . Y.-M. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. T. King. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In Proc. of Network and Distributed System Security Symposium (NDSS), 2006."}],"event":{"name":"CCS'12: the ACM Conference on Computer and Communications Security","location":"Raleigh North Carolina USA","acronym":"CCS'12","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 5th ACM workshop on Security and artificial intelligence"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2381896.2381901","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2381896.2381901","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:34:46Z","timestamp":1750239286000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2381896.2381901"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,10,19]]},"references-count":25,"alternative-id":["10.1145\/2381896.2381901","10.1145\/2381896"],"URL":"https:\/\/doi.org\/10.1145\/2381896.2381901","relation":{},"subject":[],"published":{"date-parts":[[2012,10,19]]},"assertion":[{"value":"2012-10-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}