{"id":"https://openalex.org/W1981838014","doi":"https://doi.org/10.1109/tdsc.2014.2355847","title":"Between Worlds: Securing Mixed JavaScript/ActionScript Multi-Party Web Content","display_name":"Between Worlds: Securing Mixed JavaScript/ActionScript Multi-Party Web Content","publication_year":2014,"publication_date":"2014-09-10","ids":{"openalex":"https://openalex.org/W1981838014","doi":"https://doi.org/10.1109/tdsc.2014.2355847","mag":"1981838014"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2014.2355847","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2014.2355847","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090788160","display_name":"Phu H. Phung","orcid":"https://orcid.org/0000-0002-4674-1184"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]},{"id":"https://openalex.org/I881427289","display_name":"University of Gothenburg","ror":"https://ror.org/01tm6cn81","country_code":"SE","type":"education","lineage":["https://openalex.org/I881427289"]}],"countries":["SE","US"],"is_corresponding":false,"raw_author_name":"Phu H. Phung","raw_affiliation_strings":["Department of Computer Science and Engineering, University of Gothenburg, Gothenburg, Sweden","Department of Computer Science, University of Illinois at Chicago, Chicago, IL"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, University of Gothenburg, Gothenburg, Sweden","institution_ids":["https://openalex.org/I881427289"]},{"raw_affiliation_string":"Department of Computer Science, University of Illinois at Chicago, Chicago, IL","institution_ids":["https://openalex.org/I39422238"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017555276","display_name":"Maliheh Monshizadeh","orcid":null},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Maliheh Monshizadeh","raw_affiliation_strings":["Department of Computer Science, University of Illinois at Chicago, Chicago, IL"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Illinois at Chicago, Chicago, IL","institution_ids":["https://openalex.org/I39422238"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045593113","display_name":"Meera Sridhar","orcid":"https://orcid.org/0000-0002-7508-5024"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Meera Sridhar","raw_affiliation_strings":["Department of Software and Information Systems, University of North Carolina at Charlotte"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software and Information Systems, University of North Carolina at Charlotte","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051312448","display_name":"Kevin W. Hamlen","orcid":"https://orcid.org/0000-0003-0479-6280"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kevin W. Hamlen","raw_affiliation_strings":["Department of Computer Science, University of Texas at Dallas, Dallas, TX"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Texas at Dallas, Dallas, TX","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058117020","display_name":"V. N. Venkatakrishnan","orcid":"https://orcid.org/0000-0002-1690-9185"},"institutions":[{"id":"https://openalex.org/I39422238","display_name":"University of Illinois Chicago","ror":"https://ror.org/02mpq6x41","country_code":"US","type":"education","lineage":["https://openalex.org/I39422238"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"V.N. Venkatakrishnan","raw_affiliation_strings":["Department of Computer Science, University of Illinois at Chicago, Chicago, IL"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Illinois at Chicago, Chicago, IL","institution_ids":["https://openalex.org/I39422238"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":5.7427,"has_fulltext":false,"cited_by_count":23,"citation_normalized_percentile":{"value":0.95643486,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"12","issue":"4","first_page":"443","last_page":"457"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.9632542133331299},{"id":"https://openalex.org/keywords/unobtrusive-javascript","display_name":"Unobtrusive JavaScript","score":0.9240086078643799},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8371993899345398},{"id":"https://openalex.org/keywords/actionscript","display_name":"ActionScript","score":0.642837643623352},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5655199289321899},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5199569463729858},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.5036041140556335},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48845043778419495},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.4826289117336273},{"id":"https://openalex.org/keywords/flash","display_name":"Flash (photography)","score":0.4690105617046356},{"id":"https://openalex.org/keywords/dynamic-web-page","display_name":"Dynamic web page","score":0.46575289964675903},{"id":"https://openalex.org/keywords/web-content","display_name":"Web content","score":0.4470319151878357},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4260620176792145},{"id":"https://openalex.org/keywords/rich-internet-application","display_name":"Rich Internet application","score":0.3247452676296234},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.27135559916496277}],"concepts":[{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.9632542133331299},{"id":"https://openalex.org/C198240166","wikidata":"https://www.wikidata.org/wiki/Q2298909","display_name":"Unobtrusive JavaScript","level":4,"score":0.9240086078643799},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8371993899345398},{"id":"https://openalex.org/C111471085","wikidata":"https://www.wikidata.org/wiki/Q234657","display_name":"ActionScript","level":3,"score":0.642837643623352},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5655199289321899},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5199569463729858},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.5036041140556335},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48845043778419495},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.4826289117336273},{"id":"https://openalex.org/C2777526259","wikidata":"https://www.wikidata.org/wiki/Q221836","display_name":"Flash (photography)","level":2,"score":0.4690105617046356},{"id":"https://openalex.org/C100158260","wikidata":"https://www.wikidata.org/wiki/Q1650567","display_name":"Dynamic web page","level":3,"score":0.46575289964675903},{"id":"https://openalex.org/C2776324614","wikidata":"https://www.wikidata.org/wiki/Q3948731","display_name":"Web content","level":3,"score":0.4470319151878357},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4260620176792145},{"id":"https://openalex.org/C103048170","wikidata":"https://www.wikidata.org/wiki/Q725485","display_name":"Rich Internet application","level":3,"score":0.3247452676296234},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.27135559916496277},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tdsc.2014.2355847","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2014.2355847","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.697.9264","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.697.9264","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.utdallas.edu/%7Ehamlen/phung15tdsc.pdf","raw_type":"text"},{"id":"pmh:oai:publications.lib.chalmers.se:220407","is_oa":false,"landing_page_url":"http://publications.lib.chalmers.se/publication/220407-between-worlds-securing-mixed-javascriptactionscript-multi-party-web-content","pdf_url":null,"source":{"id":"https://openalex.org/S4377196470","display_name":"Chalmers Publication Library (Chalmers University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66862912","host_organization_name":"Chalmers University of Technology","host_organization_lineage":["https://openalex.org/I66862912"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text.Article.Journal.PeerReviewed"},{"id":"pmh:oai:research.chalmers.se:220407","is_oa":false,"landing_page_url":"https://research.chalmers.se/en/publication/220407","pdf_url":null,"source":{"id":"https://openalex.org/S4306402469","display_name":"Chalmers Research (Chalmers University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66862912","host_organization_name":"Chalmers University of Technology","host_organization_lineage":["https://openalex.org/I66862912"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":""}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Partnerships for the goals","id":"https://metadata.un.org/sdg/17"}],"awards":[{"id":"https://openalex.org/G5517596624","display_name":null,"funder_award_id":"1054629","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6849728216","display_name":null,"funder_award_id":"1069311","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7996563787","display_name":null,"funder_award_id":"1065216","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8119765078","display_name":null,"funder_award_id":"1065134","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G955156393","display_name":null,"funder_award_id":"1065537","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320322581","display_name":"Vetenskapsr\u00e5det","ror":"https://ror.org/03zttf063"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":56,"referenced_works":["https://openalex.org/W25266476","https://openalex.org/W36927914","https://openalex.org/W186100614","https://openalex.org/W1486603200","https://openalex.org/W1554476771","https://openalex.org/W1579453661","https://openalex.org/W1849635621","https://openalex.org/W1974977720","https://openalex.org/W1984478483","https://openalex.org/W1988111369","https://openalex.org/W2003189607","https://openalex.org/W2005476560","https://openalex.org/W2014742088","https://openalex.org/W2036910349","https://openalex.org/W2039999720","https://openalex.org/W2041755664","https://openalex.org/W2044852276","https://openalex.org/W2055098165","https://openalex.org/W2060857434","https://openalex.org/W2068341689","https://openalex.org/W2077204203","https://openalex.org/W2083785453","https://openalex.org/W2103834013","https://openalex.org/W2108962885","https://openalex.org/W2112019167","https://openalex.org/W2121194882","https://openalex.org/W2121780525","https://openalex.org/W2123582298","https://openalex.org/W2126040767","https://openalex.org/W2132733485","https://openalex.org/W2137584523","https://openalex.org/W2139672701","https://openalex.org/W2149684006","https://openalex.org/W2156456150","https://openalex.org/W2156965348","https://openalex.org/W2157800990","https://openalex.org/W2162124074","https://openalex.org/W2164532721","https://openalex.org/W2166406630","https://openalex.org/W2167056683","https://openalex.org/W2168563136","https://openalex.org/W2189109560","https://openalex.org/W2400162242","https://openalex.org/W2405466026","https://openalex.org/W3125518450","https://openalex.org/W4247465700","https://openalex.org/W6601065174","https://openalex.org/W6601458311","https://openalex.org/W6633188775","https://openalex.org/W6651475701","https://openalex.org/W6661071113","https://openalex.org/W6679363136","https://openalex.org/W6684020698","https://openalex.org/W6687134312","https://openalex.org/W6712787764","https://openalex.org/W6713572482"],"related_works":["https://openalex.org/W1569598199","https://openalex.org/W36303035","https://openalex.org/W2467761687","https://openalex.org/W2475037646","https://openalex.org/W2069307783","https://openalex.org/W2914791830","https://openalex.org/W2351260183","https://openalex.org/W600054858","https://openalex.org/W1965995882","https://openalex.org/W4205164203"],"abstract_inverted_index":{"Mixed":[0],"Flash":[1,27,96,119,132],"and":[2,28,120,131,151,153],"JavaScript":[3,29,98,130],"content":[4,39,83,133],"has":[5,18,31,43],"become":[6],"increasingly":[7],"prevalent;":[8],"its":[9,149],"purveyance":[10],"of":[11,37,63,68,74,81,147,186],"dynamic":[12],"features":[13],"unique":[14],"to":[15,90,172],"each":[16],"platform":[17],"popularized":[19],"it":[20],"for":[21],"myriad":[22],"web":[23,64,135,188],"development":[24,73],"projects.":[25],"Although":[26],"security":[30,36,62,80,99,156],"been":[32],"examined":[33,95],"extensively,":[34],"the":[35,61,72,79,104,184],"untrusted":[38,129],"that":[40,59,77,93,111,116,168,182],"combines":[41],"both":[42,118],"received":[44],"considerably":[45],"less":[46],"attention.":[47],"This":[48],"article":[49,105],"considers":[50],"this":[51,102],"fusion":[52,185],"in":[53,88,134],"detail,":[54],"outlining":[55],"several":[56],"practical":[57],"scenarios":[58],"threaten":[60],"applications.":[65],"The":[66,145],"severity":[67],"these":[69,187],"attacks":[70],"warrants":[71],"new":[75],"techniques":[76],"address":[78],"Flash-JavaScript":[82],"considered":[84],"as":[85],"a":[86,108,154],"whole,":[87],"contrast":[89],"prior":[91],"solutions":[92],"have":[94],"or":[97,141],"individually.":[100],"Toward":[101],"end,":[103],"presents":[106],"FlashJaX,":[107,148],"cross-platform":[109],"solution":[110],"enforces":[112],"fine-grained,":[113],"history-based":[114],"policies":[115],"span":[117],"JavaScript.":[121],"Using":[122],"in-lined":[123],"reference":[124],"monitoring,":[125],"FlashJaX":[126,169],"safely":[127],"embeds":[128],"pages":[136],"without":[137],"modifying":[138],"browser":[139],"clients":[140],"using":[142],"special":[143],"plug-ins.":[144],"architecture":[146],"design":[150],"implementation,":[152],"detailed":[155],"analysis":[157],"are":[158],"exposited.":[159],"Experiments":[160],"with":[161],"advertisements":[162],"from":[163],"popular":[164],"ad":[165],"networks":[166],"demonstrate":[167],"is":[170],"transparent":[171],"policy-compliant":[173],"advertisement":[174],"content,":[175],"yet":[176],"blocks":[177],"many":[178],"common":[179],"attack":[180],"vectors":[181],"exploit":[183],"platforms.":[189]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}