{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:17:14Z","timestamp":1750306634176,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,6,4]],"date-time":"2014-06-04T00:00:00Z","timestamp":1401840000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,6,4]]},"DOI":"10.1145\/2590296.2590311","type":"proceedings-article","created":{"date-parts":[[2014,5,30]],"date-time":"2014-05-30T18:18:31Z","timestamp":1401473911000},"page":"525-530","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Monkey-in-the-browser"],"prefix":"10.1145","author":[{"given":"Steven","family":"Van Acker","sequence":"first","affiliation":[{"name":"iMinds-DistriNet, KU Leuven, Leuven, Belgium"}]},{"given":"Nick","family":"Nikiforakis","sequence":"additional","affiliation":[{"name":"iMinds-DistriNet, KU Leuven, Leuven, Belgium"}]},{"given":"Lieven","family":"Desmet","sequence":"additional","affiliation":[{"name":"iMinds-DistriNet, KU Leuven, Leuven, Belgium"}]},{"given":"Frank","family":"Piessens","sequence":"additional","affiliation":[{"name":"iMinds-DistriNet, KU Leuven, Leuven, Belgium"}]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[{"name":"iMinds-DistriNet, KU Leuven, Leuven, Belgium"}]}],"member":"320","published-online":{"date-parts":[[2014,6,4]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420952"},{"key":"e_1_3_2_1_2_1","first-page":"339","volume-title":"USENIX Security Symposium","author":"Bandhakavi S.","year":"2010","unstructured":"S. Bandhakavi , S. T. King , P. Madhusudan , and M. Winslett . Vex: Vetting browser extensions for security vulnerabilities . In USENIX Security Symposium , pages 339 -- 354 . USENIX Association , 2010 . S. Bandhakavi, S. T. King, P. Madhusudan, and M. Winslett. Vex: Vetting browser extensions for security vulnerabilities. In USENIX Security Symposium, pages 339--354. USENIX Association, 2010."},{"key":"e_1_3_2_1_3_1","volume-title":"Protecting browsers from extension vulnerabilities","author":"Barth A.","year":"2010","unstructured":"A. Barth , A. P. Felt , P. Saxena , and A. Boodman . Protecting browsers from extension vulnerabilities . In NDSS. The Internet Society , 2010 . A. Barth, A. P. Felt, P. Saxena, and A. Boodman. Protecting browsers from extension vulnerabilities. In NDSS. The Internet Society, 2010."},{"key":"e_1_3_2_1_4_1","unstructured":"Match Patterns - Google Chrome. https:\/\/developer.chrome.com\/extensions\/match_patterns.html.  Match Patterns - Google Chrome. https:\/\/developer.chrome.com\/extensions\/match_patterns.html."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_6_1","first-page":"3","volume-title":"Proceedings of the 20th USENIX Conference on Security, SEC'11","author":"Curtsinger C.","year":"2011","unstructured":"C. Curtsinger , B. Livshits , B. Zorn , and C. Seifert . Zozzle: Fast and precise in-browser javascript malware detection . In Proceedings of the 20th USENIX Conference on Security, SEC'11 , pages 3 -- 3 , Berkeley, CA, USA , 2011 . USENIX Association. C. Curtsinger, B. Livshits, B. Zorn, and C. Seifert. Zozzle: Fast and precise in-browser javascript malware detection. In Proceedings of the 20th USENIX Conference on Security, SEC'11, pages 3--3, Berkeley, CA, USA, 2011. USENIX Association."},{"key":"e_1_3_2_1_7_1","unstructured":"DOM XSS Test Cases Wiki Cheatsheet Project. https:\/\/code.google.com\/p\/domxsswiki\/.  DOM XSS Test Cases Wiki Cheatsheet Project. https:\/\/code.google.com\/p\/domxsswiki\/."},{"key":"e_1_3_2_1_8_1","unstructured":"Greasemonkey. https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/greasemonkey\/.  Greasemonkey. https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/greasemonkey\/."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.36"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the USENIX annual technical conference","author":"Ingram L.","year":"2012","unstructured":"L. Ingram and M. Walfish . Treehouse: JavaScript sandboxes to help web developers help themselves . In Proceedings of the USENIX annual technical conference , 2012 . L. Ingram and M. Walfish. Treehouse: JavaScript sandboxes to help web developers help themselves. In Proceedings of the USENIX annual technical conference, 2012."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of USENIX Security","author":"Kapravelos A.","year":"2013","unstructured":"A. Kapravelos , Y. Shoshitaishvili , M. Cova , C. Kruegel , and G. Vigna . Revolver: An Automated Approach to the Detection of Evasive Web-based Malware . In Proceedings of USENIX Security , 2013 . A. Kapravelos, Y. Shoshitaishvili, M. Cova, C. Kruegel, and G. Vigna. Revolver: An Automated Approach to the Detection of Evasive Web-based Malware. In Proceedings of USENIX Security, 2013."},{"key":"e_1_3_2_1_12_1","unstructured":"A. Klein. DOM Based Cross Site Scripting or XSS of the Third Kind. http:\/\/www.webappsec.org\/projects\/articles\/071105.shtml April 2005.  A. Klein. DOM Based Cross Site Scripting or XSS of the Third Kind. http:\/\/www.webappsec.org\/projects\/articles\/071105.shtml April 2005."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.48"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-27937-9_17"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of 13th Network and Distributed Systems Security Symposium (NDSS '06)","author":"Wang Y.","year":"2006","unstructured":"Y. min Wang , D. Beck , X. Jiang , R. Roussev , C. Verbowski , S. Chen , and S. King . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In Proceedings of 13th Network and Distributed Systems Security Symposium (NDSS '06) , 2006 . Y. min Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. King. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In Proceedings of 13th Network and Distributed Systems Security Symposium (NDSS '06), 2006."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382274"},{"key":"e_1_3_2_1_17_1","first-page":"169","volume-title":"Proceedings of the 18th Conference on USENIX Security Symposium, SSYM'09","author":"Ratanaworabhan P.","year":"2009","unstructured":"P. Ratanaworabhan , B. Livshits , and B. Zorn . Nozzle: A defense against heap-spraying code injection attacks . In Proceedings of the 18th Conference on USENIX Security Symposium, SSYM'09 , pages 169 -- 186 , Berkeley, CA, USA , 2009 . USENIX Association. P. Ratanaworabhan, B. Livshits, and B. Zorn. Nozzle: A defense against heap-spraying code injection attacks. In Proceedings of the 18th Conference on USENIX Security Symposium, SSYM'09, pages 169--186, Berkeley, CA, USA, 2009. USENIX Association."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920267"},{"key":"e_1_3_2_1_19_1","unstructured":"Mozilla SpiderMonkey. https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Projects\/SpiderMonkey.  Mozilla SpiderMonkey. https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Projects\/SpiderMonkey."},{"key":"e_1_3_2_1_20_1","unstructured":"Mozilla add-ons - featured extensions. https:\/\/addons.mozilla.org\/en-US\/firefox\/extensions\/.  Mozilla add-ons - featured extensions. https:\/\/addons.mozilla.org\/en-US\/firefox\/extensions\/."},{"key":"e_1_3_2_1_21_1","unstructured":"Userscripts.org. http:\/\/userscripts.org\/.  Userscripts.org. http:\/\/userscripts.org\/."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076775"},{"key":"e_1_3_2_1_23_1","volume-title":"Mar.","author":"Van Acker S.","year":"2014","unstructured":"S. Van Acker , N. Nikiforakis , L. Desmet , F. Piessens , and W. Joosen . Monkey-in-the-browser: Malware and vulnerabilities in augmented browsing script markets -- extended version. Technical report , Mar. 2014 . S. Van Acker, N. Nikiforakis, L. Desmet, F. Piessens, and W. Joosen. Monkey-in-the-browser: Malware and vulnerabilities in augmented browsing script markets -- extended version. Technical report, Mar. 2014."}],"event":{"name":"ASIA CCS '14: 9th ACM Symposium on Information, Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Kyoto Japan","acronym":"ASIA CCS '14"},"container-title":["Proceedings of the 9th ACM symposium on Information, computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2590296.2590311","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2590296.2590311","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:55:51Z","timestamp":1750229751000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2590296.2590311"}},"subtitle":["malware and vulnerabilities in augmented browsing script markets"],"short-title":[],"issued":{"date-parts":[[2014,6,4]]},"references-count":23,"alternative-id":["10.1145\/2590296.2590311","10.1145\/2590296"],"URL":"https:\/\/doi.org\/10.1145\/2590296.2590311","relation":{},"subject":[],"published":{"date-parts":[[2014,6,4]]},"assertion":[{"value":"2014-06-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}