Fakeium: A dynamic execution environment for JavaScript program analysis
The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for nefarious actors, resulting in the proliferation of malicious bro...
Uložené v:
| Vydané v: | SoftwareX Ročník 31; s. 102301 |
|---|---|
| Hlavní autori: | , , |
| Médium: | Journal Article |
| Jazyk: | English |
| Vydavateľské údaje: |
Elsevier B.V
01.09.2025
Elsevier |
| Predmet: | |
| ISSN: | 2352-7110, 2352-7110 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for nefarious actors, resulting in the proliferation of malicious browser extensions that steal user information and supply chain attacks that target the official Node.js package registry. To combat these threats, researchers have developed specialized tools and frameworks for analyzing the behavior of JavaScript programs to detect malicious patterns. Static analysis tools typically struggle with the highly dynamic nature of the language and fail to process obfuscated sources, while dynamic analysis pipelines take several minutes to run and require more resources per program, making them unfeasible for large-scale analyses. In this paper, we present Fakeium, a novel, open source, and lightweight execution environment designed under the twofold purpose of serving as a fast, fully automated tool for analyzing JavaScript at scale and as a flexible sandbox for manual investigation of complex sources. Built on top of the popular V8 engine, Fakeium complements traditional static analysis by providing additional API calls and string literals that would otherwise go unnoticed without the need for resource-intensive instrumented browsers or synthetic user input. Besides its negligible execution overhead, our tool is highly customizable and supports hooks for advanced analysis scenarios such as network traffic emulation. Fakeium’s flexibility and ability to detect hidden API calls, especially in obfuscated sources, highlights its potential as a valuable tool for security analysts to detect malicious behavior. |
|---|---|
| AbstractList | The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for nefarious actors, resulting in the proliferation of malicious browser extensions that steal user information and supply chain attacks that target the official Node.js package registry. To combat these threats, researchers have developed specialized tools and frameworks for analyzing the behavior of JavaScript programs to detect malicious patterns. Static analysis tools typically struggle with the highly dynamic nature of the language and fail to process obfuscated sources, while dynamic analysis pipelines take several minutes to run and require more resources per program, making them unfeasible for large-scale analyses. In this paper, we present Fakeium, a novel, open source, and lightweight execution environment designed under the twofold purpose of serving as a fast, fully automated tool for analyzing JavaScript at scale and as a flexible sandbox for manual investigation of complex sources. Built on top of the popular V8 engine, Fakeium complements traditional static analysis by providing additional API calls and string literals that would otherwise go unnoticed without the need for resource-intensive instrumented browsers or synthetic user input. Besides its negligible execution overhead, our tool is highly customizable and supports hooks for advanced analysis scenarios such as network traffic emulation. Fakeium’s flexibility and ability to detect hidden API calls, especially in obfuscated sources, highlights its potential as a valuable tool for security analysts to detect malicious behavior. |
| ArticleNumber | 102301 |
| Author | Tapiador, Juan Moreno, José Miguel Vallina-Rodriguez, Narseo |
| Author_xml | – sequence: 1 givenname: José Miguel orcidid: 0009-0009-0849-204X surname: Moreno fullname: Moreno, José Miguel email: josemore@pa.uc3m.es organization: Universidad Carlos III de Madrid, Avda. de la Universidad 30, Leganés, Spain – sequence: 2 givenname: Narseo surname: Vallina-Rodriguez fullname: Vallina-Rodriguez, Narseo email: narseo.vallina@imdea.org organization: IMDEA Networks Institute, Avda. del Mar Mediterráneo 22, Leganés, Spain – sequence: 3 givenname: Juan surname: Tapiador fullname: Tapiador, Juan email: jestevez@inf.uc3m.es organization: Universidad Carlos III de Madrid, Avda. de la Universidad 30, Leganés, Spain |
| BookMark | eNp9kMFOAjEQhhuDiag8gZd9AbDtbre7Jh4IEcGYeFDPzdBOSZFtSbsQeHsXMMaTp5lM8n_557smPR88EnLH6IhRVt6vRinYdj_ilIvuwnPKLkif54IPJWO092e_IoOUVpRSJngleNEnsyl8ods2D9k4MwcPjdMZ7lFvWxd8hn7nYvAN-jazIWYvsIN3Hd2mzTYxLCM0GXhYH5JLt-TSwjrh4GfekM_p08dkNnx9e55Pxq9DnZdlO6zMQvBaL4pSUCu5AS4WVDAURtSm0iihrjWUXdeFsbQShcmtFDUtQZoKDOY3ZH7mmgArtYmugXhQAZw6HUJcKoit02tUNdWGSsEBSlkwYytZ6YIyW_BS5tLyjpWfWTqGlCLaXx6j6uhWrdTJrTq6VWe3XerxnMLuzZ3DqJJ26DUaF1G3XQ_3b_4bn_yEzQ |
| Cites_doi | 10.1007/978-3-642-03237-0_17 10.1145/3355369.3355599 10.1145/3338906.3338933 10.1145/3359789.3359813 10.1145/3106739 10.1145/3038912.3052674 10.14722/ndss.2018.23131 10.1145/2635868.2635904 10.1007/978-3-642-15769-1_20 10.1145/2025113.2025125 10.1145/2001420.2001442 10.1145/3419394.3423616 10.1145/3106741 10.1145/3460120.3484535 |
| ContentType | Journal Article |
| Copyright | 2025 The Authors |
| Copyright_xml | – notice: 2025 The Authors |
| DBID | 6I. AAFTH AAYXX CITATION DOA |
| DOI | 10.1016/j.softx.2025.102301 |
| DatabaseName | ScienceDirect Open Access Titles Elsevier:ScienceDirect:Open Access CrossRef DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 2352-7110 |
| ExternalDocumentID | oai_doaj_org_article_90cd0752aa6741df878c401f426737f2 10_1016_j_softx_2025_102301 S2352711025002675 |
| GroupedDBID | 0R~ 457 5VS 6I. AAEDW AAFTH AALRI AAXUO AAYWO ABMAC ACGFS ACVFH ADBBV ADCNI ADEZE ADVLN AEUPX AEXQZ AFJKZ AFPUW AFTJW AGHFR AIGII AITUG AKBMS AKRWK AKYEP ALMA_UNASSIGNED_HOLDINGS AMRAJ APXCP BCNDV EBS EJD FDB GROUPED_DOAJ IPNFZ IXB KQ8 M~E O9- OK1 RIG ROL SSZ AAYXX CITATION |
| ID | FETCH-LOGICAL-c366t-8db529cb4650f72da25b051e5d59d8ce7a99ca6110bdf0854d3f75906a7d8ade3 |
| IEDL.DBID | DOA |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001561526000001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 2352-7110 |
| IngestDate | Fri Oct 03 12:46:25 EDT 2025 Sat Nov 29 07:25:20 EST 2025 Sat Oct 25 17:26:29 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Keywords | Chromium Web security Obfuscation Dynamic analysis JavaScript Sandbox |
| Language | English |
| License | This is an open access article under the CC BY license. |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c366t-8db529cb4650f72da25b051e5d59d8ce7a99ca6110bdf0854d3f75906a7d8ade3 |
| ORCID | 0009-0009-0849-204X |
| OpenAccessLink | https://doaj.org/article/90cd0752aa6741df878c401f426737f2 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_90cd0752aa6741df878c401f426737f2 crossref_primary_10_1016_j_softx_2025_102301 elsevier_sciencedirect_doi_10_1016_j_softx_2025_102301 |
| PublicationCentury | 2000 |
| PublicationDate | September 2025 2025-09-00 2025-09-01 |
| PublicationDateYYYYMMDD | 2025-09-01 |
| PublicationDate_xml | – month: 09 year: 2025 text: September 2025 |
| PublicationDecade | 2020 |
| PublicationTitle | SoftwareX |
| PublicationYear | 2025 |
| Publisher | Elsevier B.V Elsevier |
| Publisher_xml | – name: Elsevier B.V – name: Elsevier |
| References | Google Chrome Developers (b53) 2012 Toulas (b4) 2024 Vasilakis, Karel, Roessler, Dautenhahn, DeHon, Smith (b31) 2018 Ng, Zhu, Jùnliàng, Smyth, Ribaudo, Sauleau (b8) 2024 Cutsem (b41) 2012 Jueckstock, Kapravelos (b33) 2019 Moog, Demmel, Backes, Fass (b28) 2021 Fass, Backes, Stock (b26) 2019 MDN contributors (b47) 2024 Li, Vadrevu, Lee, Perdisci, Liu, Rahbarinia (b12) 2018; vol. 122 Guarnieri, Pistoia, Tripp, Dolby, Teilhet, Berg (b22) 2011 Palant (b1) 2023 Gruber (b40) 2018 Kachalov, Open-source contributors (b51) 2024 Kirkman, Davis, Cowley, Open-source contributors (b50) 2024 Unit 42 (b5) 2023 Kolbitsch, Livshits, Zorn, Seifert (b29) 2012 ReasonLabs Research Team (b3) 2023 MDN contributors (b46) 2024 Kashyap, Dewey, Kuefner, Wagner, Gibbons, Sarracino (b23) 2014 Socket Inc (b48) 2024 Android developers (b15) 2023 Curtsinger, Livshits, Zorn, Seifert (b36) 2011 Denicola, Open-source contributors (b54) 2025 Ren, Qiang, Wu, Zhou, Zou, Jin (b27) 2023 Jensen, Madsen, Møller (b21) 2011 Google Chrome Developers (b49) 2024 MDN contributors (b42) 2024 Osame, Open-source contributors (b44) 2024 Pantelaios, Kapravelos (b34) 2024 Wallace, Open-source contributors (b52) 2024 Vasilakis, Staicu, Ntousakis, Kallas, Karel, DeHon (b37) 2021 Koishybayev, Kapravelos (b25) 2020 Laverdet, Open-source contributors (b39) 2024 Titterington (b2) 2023 Check Point Research Team (b6) 2024 Yang, Allen, Landen, Perdisci, Lee (b13) 2023 Rauschmayer (b10) 2024 The Chromium Authors (b16) 2024 Jensen, Møller, Thiemann (b19) 2009 Gelb (b7) 2024 Zakas, Djermanovic, Open-source contributors (b43) 2024 MDN contributors (b45) 2024 Moreno, Vallina-Rodriguez, Tapiador (b17) 2024 Xie, Murali, Pearce, Li (b14) 2024 Andreasen, Gong, Møller, Pradel, Selakovic, Sen (b9) 2017; 50 Nielsen, Hassanshahi, Gauthier (b24) 2019 Kapravelos, Grier, Chachra, Kruegel, Vigna, Paxson (b11) 2014 Ahmadpanah, Hedin, Balliu, Olsson, Sabelfeld (b35) 2021 Ingram, Walfish (b30) 2012 Sun, Ryu (b18) 2017; 50 Kim, Kim, Kim, Kwon, Zheng, Zhang (b32) 2017 Jensen, Møller, Thiemann (b20) 2010 Sarker, Jueckstock, Kapravelos (b38) 2020 Google Chrome Developers (10.1016/j.softx.2025.102301_b53) 2012 Kolbitsch (10.1016/j.softx.2025.102301_b29) 2012 Osame (10.1016/j.softx.2025.102301_b44) 2024 Check Point Research Team (10.1016/j.softx.2025.102301_b6) 2024 MDN contributors (10.1016/j.softx.2025.102301_b46) 2024 Android developers (10.1016/j.softx.2025.102301_b15) 2023 Jensen (10.1016/j.softx.2025.102301_b20) 2010 Socket Inc (10.1016/j.softx.2025.102301_b48) 2024 The Chromium Authors (10.1016/j.softx.2025.102301_b16) 2024 MDN contributors (10.1016/j.softx.2025.102301_b42) 2024 Rauschmayer (10.1016/j.softx.2025.102301_b10) 2024 Laverdet (10.1016/j.softx.2025.102301_b39) 2024 Kim (10.1016/j.softx.2025.102301_b32) 2017 Ng (10.1016/j.softx.2025.102301_b8) 2024 MDN contributors (10.1016/j.softx.2025.102301_b45) 2024 Fass (10.1016/j.softx.2025.102301_b26) 2019 Andreasen (10.1016/j.softx.2025.102301_b9) 2017; 50 Wallace (10.1016/j.softx.2025.102301_b52) 2024 Ahmadpanah (10.1016/j.softx.2025.102301_b35) 2021 Cutsem (10.1016/j.softx.2025.102301_b41) 2012 Jensen (10.1016/j.softx.2025.102301_b19) 2009 Nielsen (10.1016/j.softx.2025.102301_b24) 2019 Unit 42 (10.1016/j.softx.2025.102301_b5) 2023 Kachalov (10.1016/j.softx.2025.102301_b51) 2024 Vasilakis (10.1016/j.softx.2025.102301_b37) 2021 Sun (10.1016/j.softx.2025.102301_b18) 2017; 50 Li (10.1016/j.softx.2025.102301_b12) 2018; vol. 122 Google Chrome Developers (10.1016/j.softx.2025.102301_b49) 2024 Kirkman (10.1016/j.softx.2025.102301_b50) 2024 Yang (10.1016/j.softx.2025.102301_b13) 2023 Ren (10.1016/j.softx.2025.102301_b27) 2023 Xie (10.1016/j.softx.2025.102301_b14) 2024 Jensen (10.1016/j.softx.2025.102301_b21) 2011 Toulas (10.1016/j.softx.2025.102301_b4) 2024 Jueckstock (10.1016/j.softx.2025.102301_b33) 2019 Gruber (10.1016/j.softx.2025.102301_b40) 2018 Sarker (10.1016/j.softx.2025.102301_b38) 2020 Titterington (10.1016/j.softx.2025.102301_b2) 2023 Gelb (10.1016/j.softx.2025.102301_b7) 2024 Palant (10.1016/j.softx.2025.102301_b1) 2023 Denicola (10.1016/j.softx.2025.102301_b54) 2025 Ingram (10.1016/j.softx.2025.102301_b30) 2012 ReasonLabs Research Team (10.1016/j.softx.2025.102301_b3) 2023 Zakas (10.1016/j.softx.2025.102301_b43) 2024 Kashyap (10.1016/j.softx.2025.102301_b23) 2014 Curtsinger (10.1016/j.softx.2025.102301_b36) 2011 MDN contributors (10.1016/j.softx.2025.102301_b47) 2024 Koishybayev (10.1016/j.softx.2025.102301_b25) 2020 Moreno (10.1016/j.softx.2025.102301_b17) 2024 Pantelaios (10.1016/j.softx.2025.102301_b34) 2024 Guarnieri (10.1016/j.softx.2025.102301_b22) 2011 Moog (10.1016/j.softx.2025.102301_b28) 2021 Vasilakis (10.1016/j.softx.2025.102301_b31) 2018 Kapravelos (10.1016/j.softx.2025.102301_b11) 2014 |
| References_xml | – year: 2024 ident: b44 article-title: pkgroll – Zero-config package bundler for Node.js + TypeScript – year: 2024 ident: b7 article-title: Year-long campaign of malicious npm packages targeting roblox users – year: 2018 ident: b40 article-title: Embedded builtins – V8 – start-page: 2899 year: 2021 end-page: 2916 ident: b35 article-title: SandTrap: Securing JavaScript-driven trigger-action platforms publication-title: Proceedings of the 30th USENIX security symposium – year: 2024 ident: b17 article-title: Did I vet you before? Assessing the chrome web store vetting process through browser extension similarity – year: 2024 ident: b39 article-title: isolated-vm – secure & isolated JS environments for nodejs – year: 2024 ident: b45 article-title: Reflect – year: 2012 ident: b53 article-title: Manifest file format – start-page: 4607 year: 2024 end-page: 4624 ident: b14 article-title: Arcanum: Detecting and evaluating the privacy risks of browser extensions on web pages and web content publication-title: Proceedings of the 33rd USENIX security symposium – year: 2024 ident: b42 article-title: Proxy – year: 2024 ident: b50 article-title: cdnjs – the #1 free and open source CDN built to make life easier for developers – start-page: 641 year: 2014 end-page: 654 ident: b11 article-title: Hulk: Eliciting malicious behavior in browser extensions publication-title: Proceedings of the 23rd USENIX conference on security symposium – year: 2011 ident: b36 article-title: ZOZZLE: Fast and precise in-browser JavaScript malware detection publication-title: Proceedings of the 20th USENIX security symposium – year: 2012 ident: b41 article-title: Membranes in JavaScript – start-page: 121 year: 2020 end-page: 134 ident: b25 article-title: Mininode: Reducing the attack surface of node.js applications publication-title: Proceedings of the 23rd international symposium on research in attacks, intrusions and defenses – year: 2024 ident: b47 article-title: URL – start-page: 177 year: 2011 end-page: 187 ident: b22 article-title: Saving the world wide web from vulnerable JavaScript publication-title: Proceedings of the 2011 international symposium on software testing and analysis – year: 2018 ident: b31 article-title: BreakApp: Automated, flexible application compartmentalization publication-title: Proceedings of the 2018 network and distributed system security (NDSS) symposium – year: 2024 ident: b16 article-title: V8 JavaScript engine – start-page: 6701 year: 2023 end-page: 6718 ident: b13 article-title: TRIDENT: Towards detecting and mitigating web-based social engineering attacks publication-title: proceedings of the 32nd USENIX security symposium (USENIX security 23) – start-page: 569 year: 2021 end-page: 580 ident: b28 article-title: Statically detecting JavaScript obfuscation and minification techniques in the wild publication-title: Proceedings of the 51st annual IEEE/iFIP international conference on dependable systems and networks – start-page: 153 year: 2012 end-page: 164 ident: b30 article-title: Treehouse: Javascript sandboxes to help web developers help themselves publication-title: Proceedings of the 2012 USENIX annual technical conference – start-page: 257 year: 2019 end-page: 269 ident: b26 article-title: JStap: a static pre-filter for malicious JavaScript detection publication-title: Proceedings of the 35th annual computer security applications conference – year: 2024 ident: b52 article-title: esbuild – An extremely fast bundler for the web – year: 2024 ident: b4 article-title: Malware force-installs chrome extensions on 300,000 browsers, patches DLLs – start-page: 59 year: 2011 end-page: 69 ident: b21 article-title: Modeling the HTML DOM and browser API in static analysis of JavaScript web applications publication-title: Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on foundations of software engineering – start-page: 121 year: 2014 end-page: 132 ident: b23 article-title: JSAI: a static analysis platform for JavaScript publication-title: Proceedings of the 22nd ACM SIGSOFT international symposium on foundations of software engineering – start-page: 455 year: 2019 end-page: 465 ident: b24 article-title: Nodest: feedback-driven static analysis of node.js applications publication-title: Proceedings of the 2019 27th ACM joint meeting on European software engineering conference and symposium on the foundations of software engineering – year: 2023 ident: b1 article-title: More malicious extensions in chrome web store – volume: 50 year: 2017 ident: b9 article-title: A survey of dynamic analysis and test generation for JavaScript publication-title: ACM Comput Surv – volume: 50 year: 2017 ident: b18 article-title: Analysis of JavaScript programs: Challenges and research trends publication-title: ACM Comput Surv – start-page: 339 year: 2023 end-page: 351 ident: b27 article-title: JSRevealer: A robust malicious JavaScript detector against obfuscation publication-title: Proceedings of the 53rd annual IEEE/iFIP international conference on dependable systems and networks – year: 2024 ident: b46 article-title: The structured clone algorithm – year: 2023 ident: b5 article-title: Hacking employers and seeking employment: Two job-related campaigns bear hallmarks of north Korean threat actors – start-page: 320 year: 2010 end-page: 339 ident: b20 article-title: Interprocedural analysis with lazy propagation publication-title: International static analysis symposium – year: 2024 ident: b10 article-title: Exploring JavaScript – year: 2023 ident: b15 article-title: UI/Application exerciser monkey – start-page: 393 year: 2019 end-page: 405 ident: b33 article-title: VisibleV8: In-browser monitoring of JavaScript in the wild publication-title: Proceedings of the 2019 internet measurement conference – start-page: 3747 year: 2024 end-page: 3764 ident: b34 article-title: FV8: A forced execution JavaScript engine for detecting evasive techniques publication-title: Proceedings of the 33rd international symposium on research in attacks, intrusions and defenses – year: 2024 ident: b8 article-title: Babel – year: 2024 ident: b48 article-title: noblox.js-async / postinstall.js – year: 2023 ident: b2 article-title: Dangerous browser extensions – year: 2024 ident: b6 article-title: Check point CloudGuard spectral detects malicious crypto-mining packages on NPM – volume: vol. 122 start-page: 132 year: 2018 ident: b12 article-title: JSgraph: Enabling reconstruction of web attacks via efficient tracking of live in-browser JavaScript executions publication-title: Proceedings of the 2018 network and distributed system security (NDSS) symposium – year: 2025 ident: b54 article-title: jsdom – A JavaScript implementation of various web standards, for use with Node.js – year: 2024 ident: b49 article-title: Chrome web store – start-page: 1821 year: 2021 end-page: 1838 ident: b37 article-title: Preventing dynamic library compromise on node.js via RWX-based privilege reduction publication-title: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security – start-page: 238 year: 2009 end-page: 255 ident: b19 article-title: Type analysis for JavaScript publication-title: International static analysis symposium – year: 2024 ident: b51 article-title: JavaScript obfuscator tool – year: 2024 ident: b43 article-title: ESLint – find and fix problems in your JavaScript code – start-page: 897 year: 2017 end-page: 906 ident: b32 article-title: J-Force: Forced execution on JavaScript publication-title: Proceedings of the 26th international conference on world wide web – year: 2023 ident: b3 article-title: The cashback extension killer – start-page: 443 year: 2012 end-page: 457 ident: b29 article-title: Rozzle: De-cloaking internet malware publication-title: Proceedings of the 2012 IEEE symposium on security and privacy – start-page: 648 year: 2020 end-page: 661 ident: b38 article-title: Hiding in plain site: Detecting JavaScript obfuscation through concealed browser API usage publication-title: Proceedings of the 2020 ACM internet measurement conference – start-page: 3747 year: 2024 ident: 10.1016/j.softx.2025.102301_b34 article-title: FV8: A forced execution JavaScript engine for detecting evasive techniques – year: 2023 ident: 10.1016/j.softx.2025.102301_b15 – start-page: 641 year: 2014 ident: 10.1016/j.softx.2025.102301_b11 article-title: Hulk: Eliciting malicious behavior in browser extensions – year: 2024 ident: 10.1016/j.softx.2025.102301_b4 – start-page: 238 year: 2009 ident: 10.1016/j.softx.2025.102301_b19 article-title: Type analysis for JavaScript doi: 10.1007/978-3-642-03237-0_17 – start-page: 393 year: 2019 ident: 10.1016/j.softx.2025.102301_b33 article-title: VisibleV8: In-browser monitoring of JavaScript in the wild doi: 10.1145/3355369.3355599 – year: 2024 ident: 10.1016/j.softx.2025.102301_b39 – start-page: 455 year: 2019 ident: 10.1016/j.softx.2025.102301_b24 article-title: Nodest: feedback-driven static analysis of node.js applications doi: 10.1145/3338906.3338933 – start-page: 569 year: 2021 ident: 10.1016/j.softx.2025.102301_b28 article-title: Statically detecting JavaScript obfuscation and minification techniques in the wild – start-page: 257 year: 2019 ident: 10.1016/j.softx.2025.102301_b26 article-title: JStap: a static pre-filter for malicious JavaScript detection doi: 10.1145/3359789.3359813 – year: 2024 ident: 10.1016/j.softx.2025.102301_b10 – year: 2012 ident: 10.1016/j.softx.2025.102301_b53 – volume: 50 issn: 0360-0300 issue: 5 year: 2017 ident: 10.1016/j.softx.2025.102301_b9 article-title: A survey of dynamic analysis and test generation for JavaScript publication-title: ACM Comput Surv doi: 10.1145/3106739 – year: 2023 ident: 10.1016/j.softx.2025.102301_b5 – start-page: 897 year: 2017 ident: 10.1016/j.softx.2025.102301_b32 article-title: J-Force: Forced execution on JavaScript doi: 10.1145/3038912.3052674 – year: 2024 ident: 10.1016/j.softx.2025.102301_b52 – year: 2024 ident: 10.1016/j.softx.2025.102301_b50 – start-page: 6701 year: 2023 ident: 10.1016/j.softx.2025.102301_b13 article-title: TRIDENT: Towards detecting and mitigating web-based social engineering attacks – year: 2024 ident: 10.1016/j.softx.2025.102301_b45 – year: 2024 ident: 10.1016/j.softx.2025.102301_b49 – year: 2018 ident: 10.1016/j.softx.2025.102301_b31 article-title: BreakApp: Automated, flexible application compartmentalization doi: 10.14722/ndss.2018.23131 – year: 2024 ident: 10.1016/j.softx.2025.102301_b8 – start-page: 121 year: 2014 ident: 10.1016/j.softx.2025.102301_b23 article-title: JSAI: a static analysis platform for JavaScript doi: 10.1145/2635868.2635904 – year: 2024 ident: 10.1016/j.softx.2025.102301_b47 – start-page: 4607 year: 2024 ident: 10.1016/j.softx.2025.102301_b14 article-title: Arcanum: Detecting and evaluating the privacy risks of browser extensions on web pages and web content – start-page: 153 year: 2012 ident: 10.1016/j.softx.2025.102301_b30 article-title: Treehouse: Javascript sandboxes to help web developers help themselves – year: 2023 ident: 10.1016/j.softx.2025.102301_b3 – year: 2023 ident: 10.1016/j.softx.2025.102301_b2 – year: 2024 ident: 10.1016/j.softx.2025.102301_b46 – year: 2025 ident: 10.1016/j.softx.2025.102301_b54 – year: 2018 ident: 10.1016/j.softx.2025.102301_b40 – year: 2023 ident: 10.1016/j.softx.2025.102301_b1 – start-page: 320 year: 2010 ident: 10.1016/j.softx.2025.102301_b20 article-title: Interprocedural analysis with lazy propagation doi: 10.1007/978-3-642-15769-1_20 – year: 2024 ident: 10.1016/j.softx.2025.102301_b48 – year: 2011 ident: 10.1016/j.softx.2025.102301_b36 article-title: ZOZZLE: Fast and precise in-browser JavaScript malware detection – volume: vol. 122 start-page: 132 year: 2018 ident: 10.1016/j.softx.2025.102301_b12 article-title: JSgraph: Enabling reconstruction of web attacks via efficient tracking of live in-browser JavaScript executions – start-page: 2899 year: 2021 ident: 10.1016/j.softx.2025.102301_b35 article-title: SandTrap: Securing JavaScript-driven trigger-action platforms – year: 2024 ident: 10.1016/j.softx.2025.102301_b44 – year: 2024 ident: 10.1016/j.softx.2025.102301_b17 – start-page: 59 year: 2011 ident: 10.1016/j.softx.2025.102301_b21 article-title: Modeling the HTML DOM and browser API in static analysis of JavaScript web applications doi: 10.1145/2025113.2025125 – year: 2024 ident: 10.1016/j.softx.2025.102301_b6 – start-page: 177 year: 2011 ident: 10.1016/j.softx.2025.102301_b22 article-title: Saving the world wide web from vulnerable JavaScript doi: 10.1145/2001420.2001442 – year: 2012 ident: 10.1016/j.softx.2025.102301_b41 – year: 2024 ident: 10.1016/j.softx.2025.102301_b7 – start-page: 339 year: 2023 ident: 10.1016/j.softx.2025.102301_b27 article-title: JSRevealer: A robust malicious JavaScript detector against obfuscation – year: 2024 ident: 10.1016/j.softx.2025.102301_b16 – year: 2024 ident: 10.1016/j.softx.2025.102301_b42 – start-page: 648 year: 2020 ident: 10.1016/j.softx.2025.102301_b38 article-title: Hiding in plain site: Detecting JavaScript obfuscation through concealed browser API usage doi: 10.1145/3419394.3423616 – volume: 50 issn: 0360-0300 issue: 4 year: 2017 ident: 10.1016/j.softx.2025.102301_b18 article-title: Analysis of JavaScript programs: Challenges and research trends publication-title: ACM Comput Surv doi: 10.1145/3106741 – start-page: 121 year: 2020 ident: 10.1016/j.softx.2025.102301_b25 article-title: Mininode: Reducing the attack surface of node.js applications – year: 2024 ident: 10.1016/j.softx.2025.102301_b43 – start-page: 1821 year: 2021 ident: 10.1016/j.softx.2025.102301_b37 article-title: Preventing dynamic library compromise on node.js via RWX-based privilege reduction doi: 10.1145/3460120.3484535 – year: 2024 ident: 10.1016/j.softx.2025.102301_b51 – start-page: 443 year: 2012 ident: 10.1016/j.softx.2025.102301_b29 article-title: Rozzle: De-cloaking internet malware |
| SSID | ssj0001528524 |
| Score | 2.311243 |
| Snippet | The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server... |
| SourceID | doaj crossref elsevier |
| SourceType | Open Website Index Database Publisher |
| StartPage | 102301 |
| SubjectTerms | Chromium Dynamic analysis JavaScript Obfuscation Sandbox Web security |
| Title | Fakeium: A dynamic execution environment for JavaScript program analysis |
| URI | https://dx.doi.org/10.1016/j.softx.2025.102301 https://doaj.org/article/90cd0752aa6741df878c401f426737f2 |
| Volume | 31 |
| WOSCitedRecordID | wos001561526000001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals customDbUrl: eissn: 2352-7110 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0001528524 issn: 2352-7110 databaseCode: DOA dateStart: 20150101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2352-7110 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0001528524 issn: 2352-7110 databaseCode: M~E dateStart: 20150101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3LSsQwFA0iLtz4FscXWbi02MmjSdyN4jAIDoIKswt5FUZxlHkxK7_d26SVrnTjpoUSknJuknMCN-cidEEcDaQsaCYtlxkztBvXXGa7Xhjmfa5CKjYhhkM5GqnHVqmvKics2QMn4K5U7jzQGjGmAPLzpRTSwZmgBGYRVJRx982Fah2m0v1gIjlhjc1QTOiawb62ghMh4dGvoC4D01BRdOxvMVKLZfo7aKuWh7iXfmsXrYXJHtpuSi_geiXuo0HfvIXx4v0a97BPReVxWAUXpxFu3V7DIErxvVmap7g94DofC5vajOQAvfTvnm8HWV0UIXO0KOaZ9JYT5SwDaVUK4g3hFhZW4J4rL10QRilnCmB160vQU8zTUnCVF0Z4aXygh2h98jEJRwiDVuCM2dwpqlhXghjwOYQNgCMG3raDLht89GfyvtBNUtirjnDqCk6d4OygmwrDn6aVcXX8AOHUdTj1X-HsoKKJgK41QOJ26Gr82-jH_zH6Cdqsukw5ZKdofT5dhDO04Zbz8Wx6HqcYPB--7r4Bui3VQg |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Fakeium%3A+A+dynamic+execution+environment+for+JavaScript+program+analysis&rft.jtitle=SoftwareX&rft.au=Moreno%2C+Jos%C3%A9+Miguel&rft.au=Vallina-Rodriguez%2C+Narseo&rft.au=Tapiador%2C+Juan&rft.date=2025-09-01&rft.issn=2352-7110&rft.eissn=2352-7110&rft.volume=31&rft.spage=102301&rft_id=info:doi/10.1016%2Fj.softx.2025.102301&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_j_softx_2025_102301 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2352-7110&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2352-7110&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2352-7110&client=summon |