English
Related papers

Related papers: FV8: A Forced Execution JavaScript Engine for Dete…

200 papers

The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for…

Cryptography and Security · Computer Science 2024-10-29 José Miguel Moreno , Narseo Vallina-Rodriguez , Juan Tapiador

The drastic increase of JavaScript exploitation attacks has led to a strong interest in developing techniques to enable malicious JavaScript analysis. Existing analysis tech- niques fall into two general categories: static analysis and…

Cryptography and Security · Computer Science 2017-01-30 Xunchao Hu , Yao Cheng , Yue Duan , Andrew Henderson , Heng Yin

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate…

Cryptography and Security · Computer Science 2026-04-02 Francesco Pagano , Lorenzo Pisu , Leonardo Regano , Davide Maiorca , Alessio Merlo , Giorgio Giacinto

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

This work addresses JavaScript malware detection to enhance client-side web application security with a behavior-based system. The ability to detect malicious JavaScript execution sequences is a critical problem in modern web security as…

Cryptography and Security · Computer Science 2025-05-28 Pedro Pereira , José Gonçalves , João Vitorino , Eva Maia , Isabel Praça

Both malware and antivirus detection tools advance in their capabilities. Malware aim is to evade the detection while antivirus is to detect the malware. Over time, the detection techniques evolved from simple static signature matching over…

Cryptography and Security · Computer Science 2019-06-26 Ivica Stipovic

We use browsers daily to access all sorts of information. Because browsers routinely process scripts, media, and executable code from unknown sources, they form a critical security boundary between users and adversaries. A common attack…

Cryptography and Security · Computer Science 2025-09-11 Nils Bars , Lukas Bernhard , Moritz Schloegel , Thorsten Holz

During the past four years, Flash malware has become one of the most insidious threats to detect, with almost 600 critical vulnerabilities targeting Adobe Flash disclosed in the wild. Research has shown that machine learning can be…

Cryptography and Security · Computer Science 2020-07-15 Davide Maiorca , Ambra Demontis , Battista Biggio , Fabio Roli , Giorgio Giacinto

The NPM ecosystem has become a primary target for software supply chain attacks, yet existing detection tools are evaluated in isolation on incompatible datasets, making cross-tool comparison unreliable. We conduct a benchmark-driven…

Software Engineering · Computer Science 2026-03-31 Wenbo Guo , Zhongwen Chen , Zhengzi Xu , Chengwei Liu , Ming Kang , Shiwen Song , Chengyue Liu , Yijia Xu , Weisong Sun , Yang Liu

It is well known that antivirus engines are vulnerable to evasion techniques (e.g., obfuscation) that transform malware into its variants. However, it cannot be necessarily attributed to the effectiveness of these evasions, and the limits…

Cryptography and Security · Computer Science 2025-07-29 Guozhu Meng , Zhixiu Guo , Xiaodong Zhang , Haoyu Wang , Kai Chen , Yang Liu

JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by…

Cryptography and Security · Computer Science 2020-09-22 Adrian Herrera

JavaScript's widespread adoption has made it an attractive target for malicious attackers who employ sophisticated obfuscation techniques to conceal harmful code. Current deobfuscation tools suffer from critical limitations that severely…

Cryptography and Security · Computer Science 2025-12-17 Dongchao Zhou , Lingyun Ying , Huajun Chai , Dongbin Wang

The popularity of the PDF format and the rich JavaScript environment that PDF viewers offer make PDF documents an attractive attack vector for malware developers. PDF documents present a serious threat to the security of organizations…

Cryptography and Security · Computer Science 2018-10-31 Alexander Jordan , François Gauthier , Behnaz Hassanshahi , David Zhao

Modern software supply chains face an increasing threat from malicious code hidden in trusted components such as browser extensions, IDE extensions, and open-source packages. This paper introduces JavaSith, a novel client-side framework for…

Cryptography and Security · Computer Science 2025-05-28 Avihay Cohen

By their very nature, malware samples employ a variety of techniques to conceal their malicious behavior and hide it from analysis tools. To mitigate the problem, a large number of different evasion techniques have been documented over the…

Cryptography and Security · Computer Science 2021-12-22 Lorenzo Maffia , Dario Nisi , Platon Kotzias , Giovanni Lagorio , Simone Aonzo , Davide Balzarotti

Machine learning-based malware detectors are widely deployed in antivirus and endpoint detection systems, yet their reliance on static features makes them vulnerable to adversarial manipulation. This paper investigates whether a malware…

Cryptography and Security · Computer Science 2026-05-19 Juozas Dautartas , Olga Kurasova , Juozapas Rokas Čypas , Viktor Medvedev

JavaScript, a scripting language employed to augment the capabilities of web browsers within web pages or browser extensions, utilizes code segments termed JavaScript inclusions. While the security aspects of JavaScript inclusions in web…

Cryptography and Security · Computer Science 2025-05-27 Chong Guan

With the emergence of the Node.js ecosystem, JavaScript has become a widely-used programming language for implementing server-side web applications. In this paper, we present the first empirical study of static code analysis tools for…

Cryptography and Security · Computer Science 2023-08-07 Tiago Brito , Mafalda Ferreira , Miguel Monteiro , Pedro Lopes , Miguel Barros , José Fragoso Santos , Nuno Santos

WebAssembly has become a crucial part of the modern web, offering a faster alternative to JavaScript in browsers. While boosting rich applications in browser, this technology is also very efficient to develop cryptojacking malware. This has…

Software Engineering · Computer Science 2023-06-08 Javier Cabrera-Arteaga , Martin Monperrus , Tim Toady , Benoit Baudry

Malware scanners try to protect users from opening malicious documents by statically or dynamically analyzing documents. However, malware developers may apply evasions that conceal the maliciousness of a document. Given the variety of…

Cryptography and Security · Computer Science 2019-01-23 Saeed Ehteshamifar , Antonio Barresi , Thomas R. Gross , Michael Pradel
‹ Prev 1 2 3 10 Next ›