A long way to the top: Significance, structure, and stability of internet top lists
A broad range of research areas including Internet measurement, privacy, and network
security rely on lists of target domains to be analysed; researchers make use of target lists …
security rely on lists of target domains to be analysed; researchers make use of target lists …
Crawlphish: Large-scale analysis of client-side cloaking techniques in phishing
Phishing is a critical threat to Internet users. Although an extensive ecosystem serves to
protect users, phishing websites are growing in sophistication, and they can slip past the …
protect users, phishing websites are growing in sophistication, and they can slip past the …
Towards measuring supply chain attacks on package managers for interpreted languages
R Duan, O Alrawi, RP Kasturi, R Elder… - arXiv preprint arXiv …, 2020 - arxiv.org
Package managers have become a vital part of the modern software development process.
They allow developers to reuse third-party code, share their own code, minimize their …
They allow developers to reuse third-party code, share their own code, minimize their …
A survey on automated dynamic malware analysis evasion and counter-evasion: Pc, mobile, and web
Automated dynamic malware analysis systems are important in combating the proliferation
of modern malware. Unfortunately, malware can often easily detect and evade these …
of modern malware. Unfortunately, malware can often easily detect and evade these …
oo7: Low-overhead defense against spectre attacks via program analysis
The Spectre vulnerability in modern processors has been widely reported. The key insight in
this vulnerability is that speculative execution in processors can be misused to access the …
this vulnerability is that speculative execution in processors can be misused to access the …
Selfpico: Self-guided partial code execution with llms
Code executability plays a vital role in software debugging and testing (eg, detecting runtime
exceptions or assertion violations). However, code execution, especially partial or arbitrary …
exceptions or assertion violations). However, code execution, especially partial or arbitrary …
Hidenoseek: Camouflaging malicious javascript in benign asts
In the malware field, learning-based systems have become popular to detect new malicious
variants. Nevertheless, attackers with specific and internal knowledge of a target system may …
variants. Nevertheless, attackers with specific and internal knowledge of a target system may …
Jstap: a static pre-filter for malicious javascript detection
Given the success of the Web platform, attackers have abused its main programming
language, namely JavaScript, to mount different types of attacks on their victims. Due to the …
language, namely JavaScript, to mount different types of attacks on their victims. Due to the …
Riding out domsday: Towards detecting and preventing dom cross-site scripting
Cross-site scripting (XSS) vulnerabilities are the most frequently reported web application
vulnerability. As com-plex JavaScript applications become more widespread, DOM …
vulnerability. As com-plex JavaScript applications become more widespread, DOM …
New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild
WebAssembly, or Wasm for short, is a new, low-level language that allows for near-native
execution performance and is supported by all major browsers as of today. In comparison to …
execution performance and is supported by all major browsers as of today. In comparison to …