{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:43:56Z","timestamp":1759092236010,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,12,8]],"date-time":"2014-12-08T00:00:00Z","timestamp":1417996800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100007458","name":"Qatar Foundation","doi-asserted-by":"publisher","award":["SP0022512"],"award-info":[{"award-number":["SP0022512"]}],"id":[{"id":"10.13039\/100007458","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61472209"],"award-info":[{"award-number":["61472209"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,12,8]]},"DOI":"10.1145\/2664243.2664256","type":"proceedings-article","created":{"date-parts":[[2014,12,8]],"date-time":"2014-12-08T16:30:28Z","timestamp":1418056228000},"page":"466-475","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["JShield"],"prefix":"10.1145","author":[{"given":"Yinzhi","family":"Cao","sequence":"first","affiliation":[{"name":"Columbia University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiang","family":"Pan","sequence":"additional","affiliation":[{"name":"Northwestern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yan","family":"Chen","sequence":"additional","affiliation":[{"name":"Northwestern University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jianwei","family":"Zhuge","sequence":"additional","affiliation":[{"name":"Tsinghua University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,12,8]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2013 compare the best antivirus software products. http:\/\/anti-virus-software-review.toptenreviews.com\/.  2013 compare the best antivirus software products. http:\/\/anti-virus-software-review.toptenreviews.com\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Address space layout randomization. http:\/\/en.wikipedia.org\/wiki\/Address_space_layout_randomization#Microsoft_Windows.  Address space layout randomization. http:\/\/en.wikipedia.org\/wiki\/Address_space_layout_randomization#Microsoft_Windows."},{"key":"e_1_3_2_1_3_1","unstructured":"Alexa Top Websites. http:\/\/www.alexa.com\/topsites.  Alexa Top Websites. http:\/\/www.alexa.com\/topsites."},{"key":"e_1_3_2_1_4_1","unstructured":"Apple hit by hackers who struck facebook. http:\/\/online.wsj.com\/article\/SB10001424127887324449104578314321123497696.html.  Apple hit by hackers who struck facebook. http:\/\/online.wsj.com\/article\/SB10001424127887324449104578314321123497696.html."},{"key":"e_1_3_2_1_5_1","unstructured":"Cisco ips signatures. http:\/\/tools.cisco.com\/security\/center\/ipshome.x?i=62&shortna=CiscoIPSSignatures#CiscoIPSSignatures.  Cisco ips signatures. http:\/\/tools.cisco.com\/security\/center\/ipshome.x?i=62&shortna=CiscoIPSSignatures#CiscoIPSSignatures."},{"key":"e_1_3_2_1_6_1","unstructured":"Cisco ironport. http:\/\/www.cisco.com\/web\/ironport\/index.html.  Cisco ironport. http:\/\/www.cisco.com\/web\/ironport\/index.html."},{"key":"e_1_3_2_1_7_1","unstructured":"Doxygen. http:\/\/www.stack.nl\/~dimitri\/doxygen\/.  Doxygen. http:\/\/www.stack.nl\/~dimitri\/doxygen\/."},{"key":"e_1_3_2_1_8_1","unstructured":"Embedding perl (using perl from c). http:\/\/docstore.mik.ua\/orelly\/perl\/prog3\/ch21_04.htm.  Embedding perl (using perl from c). http:\/\/docstore.mik.ua\/orelly\/perl\/prog3\/ch21_04.htm."},{"key":"e_1_3_2_1_9_1","unstructured":"Google safe browsing. https:\/\/developers.google.com\/safe-browsing\/.  Google safe browsing. https:\/\/developers.google.com\/safe-browsing\/."},{"key":"e_1_3_2_1_10_1","unstructured":"JIT spraying. http:\/\/en.wikipedia.org\/wiki\/JIT_spraying.  JIT spraying. http:\/\/en.wikipedia.org\/wiki\/JIT_spraying."},{"key":"e_1_3_2_1_11_1","unstructured":"National vulnerability database. http:\/\/nvd.nist.gov\/.  National vulnerability database. http:\/\/nvd.nist.gov\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Regular expression library in c++. http:\/\/www.cplusplus.com\/reference\/std\/regex\/.  Regular expression library in c++. http:\/\/www.cplusplus.com\/reference\/std\/regex\/."},{"key":"e_1_3_2_1_13_1","unstructured":"Snort rules. http:\/\/www.snort.org\/snort-rules\/.  Snort rules. http:\/\/www.snort.org\/snort-rules\/."},{"key":"e_1_3_2_1_14_1","unstructured":"Spidermonkey javascript engine. https:\/\/developer.mozilla.org\/en-US\/docs\/SpiderMonkey.  Spidermonkey javascript engine. https:\/\/developer.mozilla.org\/en-US\/docs\/SpiderMonkey."},{"key":"e_1_3_2_1_15_1","unstructured":"Standard template library. http:\/\/www.sgi.com\/tech\/stl\/.  Standard template library. http:\/\/www.sgi.com\/tech\/stl\/."},{"key":"e_1_3_2_1_16_1","unstructured":"V8 javascript engine. https:\/\/code.google.com\/p\/v8\/.  V8 javascript engine. https:\/\/code.google.com\/p\/v8\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Webkit source codes. http:\/\/webkit.org\/building\/checkout.html.  Webkit source codes. http:\/\/webkit.org\/building\/checkout.html."},{"key":"e_1_3_2_1_18_1","unstructured":"Wepawet. http:\/\/wepawet.iseclab.org\/.  Wepawet. http:\/\/wepawet.iseclab.org\/."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455782"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.41"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1963405.1963436"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772720"},{"key":"e_1_3_2_1_23_1","volume-title":"the 20th USENIX conference on Security","author":"Curtsinger C.","year":"2011","unstructured":"Curtsinger , C. , Livshits , B. , Zorn , B. , and Seifert , C . Zozzle: fast and precise in-browser javascript malware detection . In the 20th USENIX conference on Security ( 2011 ). Curtsinger, C., Livshits, B., Zorn, B., and Seifert, C. Zozzle: fast and precise in-browser javascript malware detection. In the 20th USENIX conference on Security (2011)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920310"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02918-9_6"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.19"},{"key":"e_1_3_2_1_27_1","volume-title":"-H. Browserguard: A behavior-based solution to drive-by-download attacks. Selected Areas in Communications","author":"Hsu F.-H.","year":"2011","unstructured":"Hsu , F.-H. , Tso , C.-K. , Yeh , Y.-C. , Wang , W.-J. , and Chen , L . -H. Browserguard: A behavior-based solution to drive-by-download attacks. Selected Areas in Communications , IEEE Journal on ( 2011 ). Hsu, F.-H., Tso, C.-K., Yeh, Y.-C., Wang, W.-J., and Chen, L.-H. Browserguard: A behavior-based solution to drive-by-download attacks. Selected Areas in Communications, IEEE Journal on (2011)."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03237-0_17"},{"key":"e_1_3_2_1_29_1","volume-title":"USNIX Security Symposium","author":"Kapravelos A.","year":"2013","unstructured":"Kapravelos , A. , Shoshitaishvili , Y. , Cova , M. , Kruegel , C. , and Vigna , G . Revolver: An automated approach to the detection of evasive web-based malware . In USNIX Security Symposium ( 2013 ). Kapravelos, A., Shoshitaishvili, Y., Cova, M., Kruegel, C., and Vigna, G. Revolver: An automated approach to the detection of evasive web-based malware. In USNIX Security Symposium (2013)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.48"},{"key":"e_1_3_2_1_31_1","volume-title":"NDSS","author":"Li Z.","year":"2011","unstructured":"Li , Z. , Tang , Y. , Cao , Y. , Rastogi , V. , Chen , Y. , Liu , B. , and Sbisa , C . Webshield: Enabling various web defense techniques without client side modifications . In NDSS ( 2011 ). Li, Z., Tang, Y., Cao, Y., Rastogi, V., Chen, Y., Liu, B., and Sbisa, C. Webshield: Enabling various web defense techniques without client side modifications. In NDSS (2011)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1851182.1851216"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29166-1_31"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866356"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2013.166"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1557019.1557153"},{"key":"e_1_3_2_1_37_1","volume-title":"16th USENIX Security Symposium","author":"Moshchuk A.","year":"2007","unstructured":"Moshchuk , A. , Bragin , T. , Deville , D. , Gribble , S. , and Levy , H . Spyproxy: Execution-based detection of malicious web content . In 16th USENIX Security Symposium ( 2007 ). Moshchuk, A., Bragin, T., Deville, D., Gribble, S., and Levy, H. Spyproxy: Execution-based detection of malicious web content. In 16th USENIX Security Symposium (2007)."},{"key":"e_1_3_2_1_38_1","volume-title":"NDSS","author":"Moshchuk A.","year":"2006","unstructured":"Moshchuk , A. , Bragin , T. , Gribble , S. D. , and Levy , H. M . A crawler-based study of spyware on the web . In NDSS ( 2006 ). Moshchuk, A., Bragin, T., Gribble, S. D., and Levy, H. M. A crawler-based study of spyware on the web. In NDSS (2006)."},{"key":"e_1_3_2_1_39_1","unstructured":"Mozilla. Narcissus javascript engine. http:\/\/mxr.mozilla.org\/mozilla\/source\/js\/narcissus\/.  Mozilla. Narcissus javascript engine. http:\/\/mxr.mozilla.org\/mozilla\/source\/js\/narcissus\/."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866371"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.26"},{"key":"e_1_3_2_1_42_1","volume-title":"17th USENIX Security Symposium","author":"Provos N.","year":"2008","unstructured":"Provos , N. , Mavrommatis , P. , Rajab , M. A. , and Monrose , F . All your iframes point to us . In 17th USENIX Security Symposium ( 2008 ). Provos, N., Mavrommatis, P., Rajab, M. A., and Monrose, F. All your iframes point to us. In 17th USENIX Security Symposium (2008)."},{"key":"e_1_3_2_1_43_1","volume-title":"18th USENIX Security Symposium","author":"Ratanaworabhan P.","year":"2009","unstructured":"Ratanaworabhan , P. , Livshits , B. , and Zorn , B . Nozzle: A defense against heap-spraying code injection attacks . In 18th USENIX Security Symposium ( 2009 ). Ratanaworabhan, P., Livshits, B., and Zorn, B. Nozzle: A defense against heap-spraying code injection attacks. In 18th USENIX Security Symposium (2009)."},{"key":"e_1_3_2_1_44_1","volume-title":"OSDI","author":"Reis C.","year":"2006","unstructured":"Reis , C. , Dunagan , J. , Wang , H. J. , Dubrovsky , O. , and Esmeir , S . Browsershield: vulnerability-driven filtering of dynamic html . In OSDI ( 2006 ). Reis, C., Dunagan, J., Wang, H. J., Dubrovsky, O., and Esmeir, S. Browsershield: vulnerability-driven filtering of dynamic html. In OSDI (2006)."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519065.1519090"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920267"},{"key":"e_1_3_2_1_47_1","unstructured":"Seifert C. Steenson R. Holz T. Yuan B. and Davis M. A. Know your enemy: Malicious web servers. http:\/\/www.honeynet.org\/papers\/mws\/.  Seifert C. Steenson R. Holz T. Yuan B. and Davis M. A. Know your enemy: Malicious web servers. http:\/\/www.honeynet.org\/papers\/mws\/."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/ATNAC.2008.4783302"},{"key":"e_1_3_2_1_49_1","volume-title":"Identification of malicious web","author":"Seifert C.","year":"2008","unstructured":"Seifert , C. , Welch , I. , Komisarczuk , P. , Aval , C. U. , and Endicott -popovsky, B . Identification of malicious web pages through analysis of underlying dns and web server relationships. In LCN: Local Computer Networks ( 2008 ). Seifert, C.,Welch, I., Komisarczuk, P., Aval, C. U., and Endicott-popovsky, B. Identification of malicious web pages through analysis of underlying dns and web server relationships. In LCN: Local Computer Networks (2008)."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755688.1755705"},{"key":"e_1_3_2_1_51_1","volume-title":"OSDI","author":"Tang S.","year":"2010","unstructured":"Tang , S. , Mai , H. , and King , S. T . Trust and protection in the illinois browser operating system . In OSDI ( 2010 ). Tang, S., Mai, H., and King, S. T. Trust and protection in the illinois browser operating system. In OSDI (2010)."},{"key":"e_1_3_2_1_52_1","volume-title":"30th IEEE Symposium on Security and Privacy","author":"Ter Louw M.","year":"2009","unstructured":"Ter Louw , M. , and Venkatakrishnan , V . Blueprint: Precise browser-neutral prevention of cross-site scripting attacks . In 30th IEEE Symposium on Security and Privacy ( 2009 ). Ter Louw, M., and Venkatakrishnan, V. Blueprint: Precise browser-neutral prevention of cross-site scripting attacks. In 30th IEEE Symposium on Security and Privacy (2009)."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855794"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015467.1015489"},{"key":"e_1_3_2_1_55_1","volume-title":"NDSS","author":"Wang Y.","year":"2006","unstructured":"Wang , Y. , Beck , D. , Jiang , X. , and Roussev , R . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In NDSS ( 2006 ). Wang, Y., Beck, D., Jiang, X., and Roussev, R. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In NDSS (2006)."}],"event":{"name":"ACSAC '14: Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"New Orleans Louisiana USA","acronym":"ACSAC '14"},"container-title":["Proceedings of the 30th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2664243.2664256","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2664243.2664256","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:01Z","timestamp":1750227121000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2664243.2664256"}},"subtitle":["towards real-time and vulnerability-based detection of polluted drive-by download attacks"],"short-title":[],"issued":{"date-parts":[[2014,12,8]]},"references-count":55,"alternative-id":["10.1145\/2664243.2664256","10.1145\/2664243"],"URL":"https:\/\/doi.org\/10.1145\/2664243.2664256","relation":{},"subject":[],"published":{"date-parts":[[2014,12,8]]},"assertion":[{"value":"2014-12-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}