Publications and Conference Talks

DoubleX: Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
Aurore Fass, Doliere Francis Some, Michael Backes, and Ben Stock
In ACM CCS, November 2021
Paper Code

Statically Detecting JavaScript Obfuscation and Minification Techniques in the Wild
Marvin Moog, Markus Demmel, Michael Backes, and Aurore Fass
In Dependable Systems and Networks (DSN), June 2021
Paper Code Slides Recording
Acceptance rate: 16% (48/295 full research papers)

Studying JavaScript Security Through Static Analysis
Aurore Fass
In PhD Thesis, Saarland University, October 2020
Paper Code

JStap: A Static Pre-Filter for Malicious JavaScript Detection
Aurore Fass, Michael Backes, and Ben Stock
In Annual Computer Security Applications Conference (ACSAC), December 2019
Paper Code Slides
Acceptance rate: 23% (60/266 full research papers)

HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs
Aurore Fass, Michael Backes, and Ben Stock
In ACM CCS, November 2019
Paper Code Slides 1 min video Recording
Acceptance rate: 14% (32/225 full research papers, February cycle)

JaSt: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript
Aurore Fass, Robert Krawczyk, Michael Backes, and Ben Stock
In Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), June 2018
Paper Code
Acceptance rate: 32% (18/56 full research papers)

Additional Talks

Studying JavaScript Security Through Static Analysis

Statically Analyzing Malicious JavaScript in the Wild

HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs

JaSt: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript

Automated Clustering of File Samples for the Detection of Malware Contained in Obfuscated Script-Code