{"id":"https://openalex.org/W4383221463","doi":"https://doi.org/10.1145/3579856.3590342","title":"A Honey postMessage, but a Heart of Gall: Exploiting Push Service in Service Workers Via postMessage","display_name":"A Honey postMessage, but a Heart of Gall: Exploiting Push Service in Service Workers Via postMessage","publication_year":2023,"publication_date":"2023-07-05","ids":{"openalex":"https://openalex.org/W4383221463","doi":"https://doi.org/10.1145/3579856.3590342"},"language":"en","primary_location":{"id":"doi:10.1145/3579856.3590342","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3590342","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103213070","display_name":"Yeomin Jeong","orcid":"https://orcid.org/0009-0007-0676-3198"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Yeomin Jeong","raw_affiliation_strings":["Korea University, Korea, South ? Republic of Korea"],"raw_orcid":"https://orcid.org/0009-0007-0676-3198","affiliations":[{"raw_affiliation_string":"Korea University, Korea, South ? Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089897667","display_name":"W. Lee","orcid":"https://orcid.org/0000-0002-9984-6879"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Woonghee Lee","raw_affiliation_strings":["Korea University, Korea, South ? Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-9984-6879","affiliations":[{"raw_affiliation_string":"Korea University, Korea, South ? Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059902523","display_name":"Junbeom Hur","orcid":"https://orcid.org/0000-0002-4823-4194"},"institutions":[{"id":"https://openalex.org/I197347611","display_name":"Korea University","ror":"https://ror.org/047dqcg40","country_code":"KR","type":"education","lineage":["https://openalex.org/I197347611"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Junbeom Hur","raw_affiliation_strings":["Korea University, Korea, South ? Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-4823-4194","affiliations":[{"raw_affiliation_string":"Korea University, Korea, South ? Republic of Korea","institution_ids":["https://openalex.org/I197347611"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I197347611"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.06721545,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"785","last_page":"796"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.7162015438079834},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7073509693145752},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.5413545966148376},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.517767071723938},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.508801281452179},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.4937916696071625},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4890516698360443},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4880203306674957},{"id":"https://openalex.org/keywords/push-technology","display_name":"Push technology","score":0.45399436354637146},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3099616467952728},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.09808212518692017}],"concepts":[{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.7162015438079834},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7073509693145752},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.5413545966148376},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.517767071723938},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.508801281452179},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.4937916696071625},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4890516698360443},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4880203306674957},{"id":"https://openalex.org/C180652500","wikidata":"https://www.wikidata.org/wiki/Q1351910","display_name":"Push technology","level":2,"score":0.45399436354637146},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3099616467952728},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.09808212518692017},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3579856.3590342","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3590342","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1991074244","https://openalex.org/W2060218972","https://openalex.org/W2101678831","https://openalex.org/W2290717642","https://openalex.org/W2400353634","https://openalex.org/W2890733335","https://openalex.org/W2896287242","https://openalex.org/W2901089484","https://openalex.org/W2962940036","https://openalex.org/W3007732466","https://openalex.org/W3046732376","https://openalex.org/W3112391078","https://openalex.org/W3205176130"],"related_works":["https://openalex.org/W4247088668","https://openalex.org/W2783826416","https://openalex.org/W2514578026","https://openalex.org/W4376486703","https://openalex.org/W2489835271","https://openalex.org/W17533771","https://openalex.org/W2389103123","https://openalex.org/W3213611189","https://openalex.org/W2181308531","https://openalex.org/W2604746202"],"abstract_inverted_index":{"Progressive":[0],"web":[1,8,24,87],"app":[2],"(PWA)":[3],"is":[4,11,43,71],"a":[5,23,28,36,46,82,91,120],"kind":[6],"of":[7,22,74,85,119],"apps,":[9],"which":[10,42],"designed":[12],"to":[13,96,142],"enhance":[14],"users\u2019":[15,144],"browsing":[16],"experience":[17],"by":[18],"combining":[19],"the":[20,50,69,77,108,117,129,134,139],"advantages":[21],"app\u2019s":[25,30],"reachability":[26],"and":[27,64],"native":[29],"diverse":[31],"functionalities.":[32],"PWA":[33],"sites":[34,99],"have":[35,111],"special":[37],"JavaScript":[38],"file,":[39],"service":[40,66,78,110,122],"worker,":[41],"executed":[44],"in":[45,113],"different":[47],"thread":[48],"from":[49,133],"browser\u2019s":[51],"main":[52,83],"page.":[53],"It":[54],"thus":[55],"can":[56,126],"support":[57],"unique":[58],"functionalities":[59],"such":[60,89,100],"as":[61,90,101],"offline":[62],"usage":[63],"push":[65,109,131,140],"even":[67],"after":[68],"browser":[70],"closed.":[72],"Because":[73],"these":[75],"features,":[76],"worker":[79,123],"has":[80],"been":[81],"target":[84],"many":[86],"attacks":[88,106],"DDOS":[92],"attack,":[93],"or":[94,124],"abused":[95],"generate":[97],"illegal":[98],"darknet":[102],"sites.":[103],"However,":[104],"previous":[105],"exploiting":[107],"limitations":[112],"that":[114],"they":[115],"need":[116],"pre-installation":[118],"malicious":[121],"only":[125],"passively":[127],"utilize":[128],"existing":[130],"notification":[132,141],"legitimate":[135],"site":[136],"(e.g.,":[137],"hijacking":[138],"track":[143],"location).":[145]},"counts_by_year":[],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
