{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,20]],"date-time":"2026-02-20T07:03:30Z","timestamp":1771571010388,"version":"3.50.1"},"reference-count":8,"publisher":"Wiley","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Shaanxi Science and Technology Industrial Research Office","award":["2015GY015"],"award-info":[{"award-number":["2015GY015"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2018]]},"abstract":"<jats:p>Ill-intentioned browser extensions pose an emergent security risk and have become one of the most common attack vectors on the Internet due to their wide popularity and high privilege. Once installed, malicious extensions are executed and attempt to compromise a victim\u2019s browser. To detect malicious browser extensions, security researchers have put forward several techniques. These techniques primarily concentrate on the usage of API calls by malicious extensions, imposing restricted policies for extensions, and monitoring extension\u2019s activities. In this paper, we propose a machine-learning-based approach to detect malicious extensions. We apply static and dynamic techniques to analyse an extension for extracting features. The analysis process extracts features from the source codes including JavaScript codes, HTML pages, and CSS files and the execution activities of an extension. To guarantee the robustness of the features, a feature selection method is then applied to retain the most relevant features while discarding low-correlated features. The detection models based on machine-learning techniques are subsequently constructed by leveraging these features. As can be seen from evaluation results, our detection model, containing over 4,600 labelled extension samples, is able to detect malicious extensions with an accuracy of 96.52% in validation set and 95.18% in test set, with a false positive rate of 2.38% in validation set and 3.66% in test set.<\/jats:p>","DOI":"10.1155\/2018\/7087239","type":"journal-article","created":{"date-parts":[[2018,5,2]],"date-time":"2018-05-02T19:39:32Z","timestamp":1525289972000},"page":"1-16","source":"Crossref","is-referenced-by-count":12,"title":["A Combined Static and Dynamic Analysis Approach to Detect Malicious Browser Extensions"],"prefix":"10.1155","volume":"2018","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4578-4932","authenticated-orcid":true,"given":"Yao","family":"Wang","sequence":"first","affiliation":[{"name":"Department of Computer Science and Technology, Northwestern Polytechnical University, Xi\u2019an 710129, China"}]},{"given":"Wandong","family":"Cai","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Technology, Northwestern Polytechnical University, Xi\u2019an 710129, China"}]},{"given":"Pin","family":"Lyu","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Technology, Northwestern Polytechnical University, Xi\u2019an 710129, China"}]},{"given":"Wei","family":"Shao","sequence":"additional","affiliation":[{"name":"School of Science, RMIT University, Melbourne, VIC 3000, Australia"}]}],"member":"311","reference":[{"key":"1","year":"2016"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1441"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10509-8_19"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1579"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2016.10.007"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.06.005"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31057-7_16"},{"key":"35","first-page":"65","volume":"36","year":"2008","journal-title":"Advances in Information Security"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/7087239.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/7087239.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2018\/7087239.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,5,2]],"date-time":"2018-05-02T19:40:06Z","timestamp":1525290006000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2018\/7087239\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":8,"alternative-id":["7087239","7087239"],"URL":"https:\/\/doi.org\/10.1155\/2018\/7087239","relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]}}}