CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation
Extensions complement web browsers with additional functionalities and also bring new
vulnerability venues, allowing privilege escalations from adversarial web pages to use …
vulnerability venues, allowing privilege escalations from adversarial web pages to use …
Detection of obfuscated malicious JavaScript code
A Alazab, A Khraisat, M Alazab, S Singh - Future Internet, 2022 - mdpi.com
Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code
because of its strong impact and dramatic effect. Numerous recent cyberattacks use …
because of its strong impact and dramatic effect. Numerous recent cyberattacks use …
Hidenoseek: Camouflaging malicious javascript in benign asts
In the malware field, learning-based systems have become popular to detect new malicious
variants. Nevertheless, attackers with specific and internal knowledge of a target system may …
variants. Nevertheless, attackers with specific and internal knowledge of a target system may …
Deep learning with customized abstract syntax tree for bug localization
H Liang, L Sun, M Wang, Y Yang - IEEE Access, 2019 - ieeexplore.ieee.org
Given a bug report, bug localization technique can help developers automatically locate
potential buggy files. Information retrieval and deep learning approaches have been applied …
potential buggy files. Information retrieval and deep learning approaches have been applied …
Jstap: a static pre-filter for malicious javascript detection
Given the success of the Web platform, attackers have abused its main programming
language, namely JavaScript, to mount different types of attacks on their victims. Due to the …
language, namely JavaScript, to mount different types of attacks on their victims. Due to the …
Wobfuscator: Obfuscating javascript malware via opportunistic translation to webassembly
To protect web users from malicious JavaScript code, various malware detectors have been
proposed, which analyze and classify code as malicious or benign. State-of-the-art detectors …
proposed, which analyze and classify code as malicious or benign. State-of-the-art detectors …
A systematic literature review and quality analysis of Javascript malware detection
MF Sohan, A Basalamah - IEEE Access, 2020 - ieeexplore.ieee.org
Context: JavaScript (JS) is an often-used programming language by millions of web pages
and is also affected by thousands of malicious attacks. Objective: In this investigation, we …
and is also affected by thousands of malicious attacks. Objective: In this investigation, we …
Scaling javascript abstract interpretation to detect and exploit node. js taint-style vulnerability
Taint-style vulnerabilities, such as OS command injection and path traversal, are common
and severe software weaknesses. There exists an inherent trade-off between analysis …
and severe software weaknesses. There exists an inherent trade-off between analysis …
An empirical study on the effects of obfuscation on static machine learning-based malicious javascript detectors
K Ren, W Qiang, Y Wu, Y Zhou, D Zou… - Proceedings of the 32nd …, 2023 - dl.acm.org
Machine learning is increasingly being applied to malicious JavaScript detection in
response to the growing number of Web attacks and the attendant costly manual …
response to the growing number of Web attacks and the attendant costly manual …
Supply-chain vulnerability elimination via active learning and regeneration
Software supply-chain attacks target components that are integrated into client applications.
Such attacks often target widely-used components, with the attack taking place via …
Such attacks often target widely-used components, with the attack taking place via …