{"id":"https://openalex.org/W1988146703","doi":"https://doi.org/10.1145/2076732.2076785","title":"Static detection of malicious JavaScript-bearing PDF documents","display_name":"Static detection of malicious JavaScript-bearing PDF documents","publication_year":2011,"publication_date":"2011-12-05","ids":{"openalex":"https://openalex.org/W1988146703","doi":"https://doi.org/10.1145/2076732.2076785","mag":"1988146703"},"language":"en","primary_location":{"id":"doi:10.1145/2076732.2076785","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2076732.2076785","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5089735573","display_name":"Pavel Laskov","orcid":"https://orcid.org/0000-0002-3212-7167"},"institutions":[{"id":"https://openalex.org/I8087733","display_name":"University of T\u00fcbingen","ror":"https://ror.org/03a1kwz48","country_code":"DE","type":"education","lineage":["https://openalex.org/I8087733"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Pavel Laskov","raw_affiliation_strings":["University of T\u00fcbingen, Sand, T\u00fcbingen, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of T\u00fcbingen, Sand, T\u00fcbingen, Germany","institution_ids":["https://openalex.org/I8087733"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007121882","display_name":"Nedim \u0160rndi\u0107","orcid":null},"institutions":[{"id":"https://openalex.org/I8087733","display_name":"University of T\u00fcbingen","ror":"https://ror.org/03a1kwz48","country_code":"DE","type":"education","lineage":["https://openalex.org/I8087733"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Nedim \u0160rndi\u0107","raw_affiliation_strings":["University of T\u00fcbingen, Sand, T\u00fcbingen, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of T\u00fcbingen, Sand, T\u00fcbingen, Germany","institution_ids":["https://openalex.org/I8087733"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I8087733"],"apc_list":null,"apc_paid":null,"fwci":9.0495,"has_fulltext":false,"cited_by_count":162,"citation_normalized_percentile":{"value":0.98515238,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"373","last_page":"382"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.9131160974502563},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8877568244934082},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8174083232879639},{"id":"https://openalex.org/keywords/upload","display_name":"Upload","score":0.7122847437858582},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.6604087352752686},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5937026739120483},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5872962474822998},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5119901299476624},{"id":"https://openalex.org/keywords/instrumentation","display_name":"Instrumentation (computer programming)","score":0.46789729595184326},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.361007422208786},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2907678484916687},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.13571783900260925},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.13067296147346497}],"concepts":[{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.9131160974502563},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8877568244934082},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8174083232879639},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.7122847437858582},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.6604087352752686},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5937026739120483},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5872962474822998},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5119901299476624},{"id":"https://openalex.org/C118530786","wikidata":"https://www.wikidata.org/wiki/Q1134732","display_name":"Instrumentation (computer programming)","level":2,"score":0.46789729595184326},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.361007422208786},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2907678484916687},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.13571783900260925},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.13067296147346497},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2076732.2076785","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2076732.2076785","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.369.7192","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.369.7192","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W40177048","https://openalex.org/W58852127","https://openalex.org/W1520941164","https://openalex.org/W1571989395","https://openalex.org/W1970088130","https://openalex.org/W1970867218","https://openalex.org/W1985987493","https://openalex.org/W1987644478","https://openalex.org/W1993651556","https://openalex.org/W2095610745","https://openalex.org/W2097101478","https://openalex.org/W2111038628","https://openalex.org/W2111165162","https://openalex.org/W2111216264","https://openalex.org/W2125908420","https://openalex.org/W2153635508","https://openalex.org/W2158302406","https://openalex.org/W2160289821","https://openalex.org/W2167464078","https://openalex.org/W2350778671","https://openalex.org/W3019899668","https://openalex.org/W4248768526","https://openalex.org/W6601628813","https://openalex.org/W6674628898"],"related_works":["https://openalex.org/W4387456547","https://openalex.org/W2392118929","https://openalex.org/W1566603754","https://openalex.org/W65788704","https://openalex.org/W2610659201","https://openalex.org/W2290206096","https://openalex.org/W2527850347","https://openalex.org/W4285507391","https://openalex.org/W2949337025","https://openalex.org/W2148261527"],"abstract_inverted_index":{"Despite":[0],"the":[1,28,31,38,107],"recent":[2],"security":[3],"improvements":[4],"in":[5,27],"Adobe's":[6],"PDF":[7,24,54],"viewer,":[8],"its":[9,91],"underlying":[10],"code":[11],"base":[12],"remains":[13],"vulnerable":[14],"to":[15,65,90,96,116],"novel":[16,34],"exploits.":[17],"A":[18],"steady":[19],"flow":[20],"of":[21,51,60,78],"rapidly":[22],"evolving":[23],"malware":[25,109,124],"observed":[26],"wild":[29],"substantiates":[30],"need":[32],"for":[33,49,127],"protection":[35],"instruments":[36],"beyond":[37],"classical":[39],"signature-based":[40],"scanners.":[41],"In":[42],"this":[43],"contribution":[44],"we":[45,93],"present":[46],"a":[47],"technique":[48],"detection":[50],"JavaScript-bearing":[52],"malicious":[53],"documents":[55],"based":[56,69],"on":[57,70,99],"static":[58],"analysis":[59],"extracted":[61],"JavaScript":[62],"code.":[63],"Compared":[64],"previous":[66],"work,":[67],"mostly":[68],"dynamic":[71],"analysis,":[72],"our":[73],"method":[74,113],"incurs":[75],"an":[76,100],"order":[77],"magnitude":[79],"lower":[80],"run-time":[81],"overhead":[82],"and":[83,122,125],"does":[84],"not":[85],"require":[86],"special":[87],"instrumentation.":[88],"Due":[89],"efficiency":[92],"were":[94],"able":[95],"evaluate":[97],"it":[98],"extremely":[101],"large":[102],"real-life":[103],"dataset":[104],"obtained":[105],"from":[106],"VirusTotal":[108],"upload":[110],"portal.":[111],"Our":[112],"has":[114],"proved":[115],"be":[117],"effective":[118],"against":[119],"both":[120],"known":[121],"unknown":[123],"suitable":[126],"large-scale":[128],"batch":[129],"processing.":[130]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":13},{"year":2023,"cited_by_count":18},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":17},{"year":2020,"cited_by_count":15},{"year":2019,"cited_by_count":15},{"year":2018,"cited_by_count":12},{"year":2017,"cited_by_count":10},{"year":2016,"cited_by_count":14},{"year":2015,"cited_by_count":7},{"year":2014,"cited_by_count":12},{"year":2013,"cited_by_count":12},{"year":2012,"cited_by_count":5}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
