Reading the tea leaves: A comparative analysis of threat intelligence
The term" threat intelligence" has swiftly become a staple buzzword in the computer security
industry. The entirely reasonable premise is that, by compiling up-to-date information about …
industry. The entirely reasonable premise is that, by compiling up-to-date information about …
Optimized invariant representation of network traffic for detecting unseen malware variants
New and unseen polymorphic malware, zero-day attacks, or other types of advanced
persistent threats are usually not detected by signature-based security devices, firewalls, or …
persistent threats are usually not detected by signature-based security devices, firewalls, or …
Xhound: Quantifying the fingerprintability of browser extensions
O Starov, N Nikiforakis - 2017 IEEE Symposium on Security …, 2017 - ieeexplore.ieee.org
In recent years, researchers have shown that unwanted web tracking is on the rise, as
advertisers are trying to capitalize on users' online activity, using increasingly intrusive and …
advertisers are trying to capitalize on users' online activity, using increasingly intrusive and …
An inside look into the practice of malware analysis
Malware analysis aims to understand how malicious software carries out actions necessary
for a successful attack and identify the possible impacts of the attack. While there has been …
for a successful attack and identify the possible impacts of the attack. While there has been …
If this then what? Controlling flows in IoT apps
IoT apps empower users by connecting a variety of otherwise unconnected services. These
apps (or applets) are triggered by external information sources to perform actions on …
apps (or applets) are triggered by external information sources to perform actions on …
" Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
seemingly contradictory results and expands the boundaries of known discoveries …
Doublex: Statically detecting vulnerable data flows in browser extensions at scale
Browser extensions are popular to enhance users' browsing experience. By design, they
have access to security-and privacy-critical APIs to perform tasks that web applications …
have access to security-and privacy-critical APIs to perform tasks that web applications …
CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation
Extensions complement web browsers with additional functionalities and also bring new
vulnerability venues, allowing privilege escalations from adversarial web pages to use …
vulnerability venues, allowing privilege escalations from adversarial web pages to use …
You've changed: Detecting malicious browser extensions through their update deltas
In this paper, we conduct the largest to-date analysis of browser extensions, by investigating
922,684 different extension versions collected in the past six years, and using this data to …
922,684 different extension versions collected in the past six years, and using this data to …
Extended tracking powers: Measuring the privacy diffusion enabled by browser extensions
O Starov, N Nikiforakis - … of the 26th International Conference on World …, 2017 - dl.acm.org
Users have come to rely on browser extensions to realize features that are not implemented
by browser vendors. Extensions offer users the ability to, among others, block ads, de-clutter …
by browser vendors. Extensions offer users the ability to, among others, block ads, de-clutter …