Engineering heap overflow exploits with JavaScript

Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks

DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment

Preventing drive-by download via inter-module communication monitoring

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security

Detection and analysis of drive-by-download attacks and malicious JavaScript code

Proceedings of the 19th international conference on World wide web

Cujo: efficient detection and prevention of drive-by-download attacks

Proceedings of the 26th Annual Computer Security Applications Conference

Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks

Proceedings of the 26th Annual Computer Security Applications Conference

Atlantis: robust, extensible execution environments for web applications

SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

A survey on automated dynamic malware-analysis techniques and tools

ACM Computing Surveys (CSUR)

BuBBle: a javascript engine level countermeasure against heap-spraying attacks

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems

Gibraltar: exposing hardware devices to web pages using AJAX

WebApps'12 Proceedings of the 3rd USENIX conference on Web Application Development

Autonomous learning for detection of JavaScript attacks: vision or reality?

Proceedings of the 5th ACM workshop on Security and artificial intelligence

FlowFox: a web browser with flexible and precise information flow control

Proceedings of the 2012 ACM conference on Computer and communications security

Protecting function pointers in binary

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

Analyzing and defending against web-based malware

ACM Computing Surveys (CSUR)