A fine-grained classification and security analysis of web-based virtual machine vulnerabilities

Published in: Computers & security, Volume 105; p. 102246
Main authors: Yilmaz, Fadi; Sridhar, Meera; Mohanty, Abhinav; Tendulkar, Vasant; Hamlen, Kevin W.
Format: Journal Article
Language: English
Published: Amsterdam Elsevier Ltd 01.06.2021
Elsevier Sequoia S.A
ISSN: 0167-4048, 1872-6208
Abstract Web-based virtual machines are one of the primary targets of attackers due to the number of design flaws they contain and the connectivity provided by the Web. The design and implementation of Inscription, the first fully automated Adobe Flash binary code transformation system that can guard major Flash vulnerability categories without modifying vulnerable Flash VMs, is presented and evaluated. Inscription affords a means of mitigating the significant class of web attacks that target unpatched, legacy Flash VMs and their apps. This new enforcement capability is most effective when supplied with security policies that accurately characterize VM security vulnerabilities and their mitigations. Researchers and security engineers commonly depend on well-known, public vulnerability databases that document such vulnerabilities and provide details about each; but vulnerability information that is inconsistent, inaccurate, or vague hinders diagnosis of vulnerabilities residing in the implementations of web-based VMs, which is one of the crucial prerequisites of building generic, comprehensive security solutions for mitigating them. For example, a large percentage of disclosed vulnerabilities of the ActionScript VM (AVM), which executes Flash binaries, are vaguely classified as “Memory Corruption” or “Unspecified”. Deeper analysis of these vulnerabilities reveals that most can be more precisely classified as (1) use-after-free, (2) double-free, (3) integer overflow, (4) buffer overflow, or (5) heap overflow vulnerability sub-classes. To improve web vulnerability analysis and mitigation, a more thorough, comprehensive and accurate reclassification of web-based vulnerabilities is presented, in which “Memory Corruption” and “Unspecified” vulnerabilities are reclassified into one of these fine-grained vulnerability sub-classes.
ArticleNumber 102246
Author Hamlen, Kevin W.
Yilmaz, Fadi
Tendulkar, Vasant
Sridhar, Meera
Mohanty, Abhinav
Author_xml – sequence: 1
  givenname: Fadi
  surname: Yilmaz
  fullname: Yilmaz, Fadi
  email: fadiyilmaz@ybu.edu.tr
  organization: Department of Computer Engineering, Ankara Yildirim Beyazit University, Turkey
– sequence: 2
  givenname: Meera
  surname: Sridhar
  fullname: Sridhar, Meera
  email: msridhar@uncc.edu
  organization: Department of Software and Information Systems, The University of North Carolina at Charlotte, 9201 University City Blvd. Charlotte, NC 28223, USA
– sequence: 3
  givenname: Abhinav
  surname: Mohanty
  fullname: Mohanty, Abhinav
  email: amohant1@uncc.edu
  organization: Department of Software and Information Systems, The University of North Carolina at Charlotte, 9201 University City Blvd. Charlotte, NC 28223, USA
– sequence: 4
  givenname: Vasant
  surname: Tendulkar
  fullname: Tendulkar, Vasant
  email: vtendulk@uncc.edu
  organization: Department of Software and Information Systems, The University of North Carolina at Charlotte, 9201 University City Blvd. Charlotte, NC 28223, USA
– sequence: 5
  givenname: Kevin W.
  orcidid: 0000-0003-0479-6280
  surname: Hamlen
  fullname: Hamlen, Kevin W.
  email: hamlen@utdallas.edu
  organization: Computer Science Department, The University of Texas at Dallas, 800 W. Campbell Rd., Richardson, TX 75080, USA
CitedBy_id crossref_primary_10_1007_s11277_023_10524_y
crossref_primary_10_1016_j_cose_2024_103908
Cites_doi 10.1109/TDSC.2014.2355847
10.1145/364955.364966
10.1145/1111596.1111601
10.1016/j.neunet.2014.09.003
10.1007/978-3-642-34407-7_1
10.1016/j.scico.2014.02.024
10.1149/MA2016-02/54/4155
10.1016/S1353-4858(15)30092-1
ContentType Journal Article
Copyright 2021
Copyright Elsevier Sequoia S.A. Jun 2021
Copyright_xml – notice: 2021
– notice: Copyright Elsevier Sequoia S.A. Jun 2021
DOI 10.1016/j.cose.2021.102246
DatabaseName CrossRef
Computer and Information Systems Abstracts
Technology Research Database
ProQuest Computer Science Collection
ProQuest Criminal Justice (Alumni)
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
Discipline Computer Science
EISSN 1872-6208
ExternalDocumentID 10_1016_j_cose_2021_102246
S0167404821000705
GrantInformation_xml – fundername: the U
  funderid: https://doi.org/10.13039/100007249
ISICitedReferencesCount 2
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000643675100003&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0167-4048
IngestDate Thu Nov 20 00:59:38 EST 2025
Sat Nov 29 07:24:50 EST 2025
Tue Nov 18 20:40:39 EST 2025
Fri Feb 23 02:44:14 EST 2024
IsPeerReviewed true
IsScholarly true
Keywords Memory corruption vulnerabilities
In-lined reference monitoring
Web security
Web-based virtual machines
Vulnerability databases
Vulnerability classification
Language English
LinkModel OpenURL
ORCID 0000-0003-0479-6280
PQID 2532675200
PQPubID 46289
ParticipantIDs proquest_journals_2532675200
crossref_primary_10_1016_j_cose_2021_102246
crossref_citationtrail_10_1016_j_cose_2021_102246
elsevier_sciencedirect_doi_10_1016_j_cose_2021_102246
PublicationCentury 2000
PublicationDate June 2021
2021-06-00
20210601
PublicationDateYYYYMMDD 2021-06-01
PublicationDate_xml – month: 06
  year: 2021
  text: June 2021
PublicationDecade 2020
PublicationPlace Amsterdam
PublicationPlace_xml – name: Amsterdam
PublicationTitle Computers & security
PublicationYear 2021
Publisher Elsevier Ltd
Elsevier Sequoia S.A
Publisher_xml – name: Elsevier Ltd
– name: Elsevier Sequoia S.A
– reference: ENISA, 2019. The state of cybersecurity vulnerabilities 2018–2019.
– start-page: 355
  year: 2005
  end-page: 373
  ident: bib0047
  article-title: Enforcing non-safety security policies with program monitors
  publication-title: Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS)
– reference: . Accessed: 2019-1-7.
– start-page: 181
  year: 2010
  end-page: 190
  ident: bib0120
  article-title: FIRM: Capability-based inline mediation of Flash behaviors
  publication-title: Proc. of the 26
– reference: . Accessed 2020-03-15.
– reference: TrustWave, 2016. Trustwave SpiderLabs.
– reference: Adobe, Inc., 2007. ActionScript Virtual Machine 2 (AVM2) Overview.
– reference: McAfee Labs, 2019. Mcafee labs threats report - august 2019.
– reference: MITRE, Inc., 2020a. About CWE - frequently asked questions.
– reference: Kaspersky, 2015. Kaspersky security bulletin 2015. The overall statistics for 2015.
– volume: 12
  start-page: 443
  year: 2015
  end-page: 457
  ident: bib0093
  article-title: Between worlds: securing mixed JavaScript/ActionScript multi-party web content
  publication-title: IEEE Trans. on Dependable and Secure Computing (TDSC)
– reference: Brand, M., Evans, C., 2015. Significant flash exploit mitigations are live in v18.0.0.209.
– reference: Check Point Advisories, 2015. Adobe Flash Player Memory Corruption (APSB15-04: CVE-2015-0318).
– reference: Pham, T. T., 2016. Trusted access report microsoft edition: The current state of device security health.
– start-page: 68
  year: 2015
  end-page: 85
  ident: bib0091
  article-title: Proceedings of the 7th International Symposium on Engineering Secure Software and Systems (ESSoS)
– reference: . Accessed on 04-10-2016.
– reference: Google Security Research Database, 2020. Issues - project-zero - project zero - monorail.
– reference: Jung, W., Kim, S., Choi, S., 2015. Poster: Deep learning for zero-day Flash malware detection.
– reference: . Accessed: 2016-03-22.
– start-page: 552
  year: 2007
  end-page: 561
  ident: bib0100
  article-title: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86)
  publication-title: Proceedings of the 14th ACM conference on Computer and communications security (CCS)
– reference: , Accessed: 2016-12-02.
– reference: Angular, 2020. One framework. mobile & desktop.
– reference: NIST, 2020b. National vulnerability database.
– reference: Adobe, Inc., 2010.
– reference: MITRE, Inc., 2020j. CWE-358: Improperly Implemented Security Check for Standard.
– start-page: 312
  year: 2010
  end-page: 327
  ident: bib0109
  article-title: Model-checking in-lined reference monitors
  publication-title: Proceedings of the 11th International Conference on Verification and Model Checking and Abstract Interpretation (VMCAI)
– reference: Middelkoop, A., Elyasov, A. B., Prasetya, W., 2011. Functional instrumentation of ActionScript programs with Asil, 1–16.
– reference: CyberSecurity and Infrastructure Security Agency, 2009. Understanding denial-of-service attacks.
– start-page: 334
  year: 2017
  end-page: 349
  ident: bib0008
  article-title: Efficient and flexible discovery of php application vulnerabilities
  publication-title: Proceedings of the IEEE european symposium on security and privacy (EuroS&P)
– reference: . Accessed: 2017-5-29.
– reference: . Accessed: 2016-04-10.
– reference: Chatterji, S., 2008. Flash security and advanced CSRF. Presented at the OWASP Delhi Chapter Meet.
– volume: 28
  start-page: 175
  year: 2006
  end-page: 205
  ident: bib0037
  article-title: Computability classes for enforcement mechanisms
  publication-title: ACM Trans. on Programming Languages and Systems (TOPLAS)
– reference: Liu, B., 2014. Detection of heap spraying by flash with an actionscript.
– reference: Lindner, F., 2010. Preventing adobe flash exploitation.
– reference: MITRE, Inc., 2014. CVE-2015-0359.
– start-page: 431
  year: 2011
  end-page: 446
  ident: bib0044
  article-title: Click trajectories: End-to-end analysis of the spam value chain
  publication-title: Proceedings of the 32nd IEEE Symposiuym Security & Privacy (S&P)
– reference: MITRE, Inc., 2020b. About CWE - history.
– volume: 8
  year: 1965
  ident: bib0012
  article-title: An operating environment for dynamic-recursive computer programming systems
  publication-title: Communications of the ACM (CACM)
– reference: Security Focus, 2020. Vulnerabilities.
– start-page: 97
  year: 2018
  end-page: 100
  ident: bib0011
  article-title: Ddos attack detection mechanism in the application layer using user features
  publication-title: 2018 International Conference on Information and Computer Technologies (ICICT)
– reference: Adobe, Inc., 2016. SWF file format specification version 19.
– reference: .
– reference: Morphisec Lab, 2018. Threat alert: Adobe flash zero-day cve-2018-15982.
– reference: MITRE, Inc., 2020d. Common weakness enumeration - a community-developed list of software & hardware weakness types.
– reference: Shmatikov, V., 2009. Basic integer overflows.
– reference: Bootstrap Team, 2020. Bootstrap.
– reference: MITRE, Inc., 2020c. Common vulnerabilities and exposures database.
– start-page: 363
  year: 2009
  end-page: 372
  ident: bib0029
  article-title: Analyzing and detecting malicious Flash advertisements
  publication-title: Proc. of Annual Computer Security Applications Conf. (ACSAC)
– reference: MITRE, Inc., 2017. Vulnerability type distributions in cve.
– reference: paloalto Networks, 2015. Understanding flash exploitation and the alleged cve-2015-0359 exploit.
– reference: . Accessed: 04-01-2020.
– year: 2015
  ident: bib0118
  article-title: Analyzing and Detecting Flash-based Malware Using Lightweight Multi-path Exploration
  publication-title: Technical Report
– reference: Amit, Y., 2010. Cross-site scripting through flash in gmail based services. IBM application security insider.
StartPage 102246
SubjectTerms Binary codes
Classification
Corruption
Cybersecurity
Enforcement
In-lined reference monitoring
Inscriptions
Machinery
Medical diagnosis
Memory
Memory corruption vulnerabilities
Mitigation
Multimedia
Overflow
Security
Transformation
Virtual environments
Vulnerability
Vulnerability classification
Vulnerability databases
Web security
Web-based virtual machines
Title A fine-grained classification and security analysis of web-based virtual machine vulnerabilities
URI https://dx.doi.org/10.1016/j.cose.2021.102246
https://www.proquest.com/docview/2532675200
Volume 105