I gave the keynote at SecWeb 2024 focusing specifically on the thread of our work that evolves around VisibleV8. Here are the details of the talk:
Unveiling Web Threats: Insights from JavaScript Behavior
The web has become an integral part of our daily lives, enabling communication, commerce, and access to information. However, the increasing complexity of web applications and the JavaScript language that powers them has also opened the door to security threats. Malicious actors exploit JavaScript to track users, deliver malware, and launch sophisticated attacks that compromise user privacy and security. Understanding and mitigating these threats requires deep visibility into real-world JavaScript behavior and the ability to detect emerging attack techniques.
In this keynote, I will present our research on uncovering web threats through analysis of JavaScript behavior in the wild. We built VisibleV8 to enable in-browser monitoring of JavaScript execution across the web, providing unprecedented insights into the scripts that web pages run. Leveraging this visibility, we developed techniques to automatically discover new browser fingerprinting methods that websites use to stealthily track users. A novel approach to detect JavaScript obfuscation that hides malicious behavior was also created by identifying scripts’ usage of concealed browser APIs. Finally, I will discuss work on conducting realistic and reproducible web crawl measurements, which is critical for understanding the web threat landscape. Together, this body of research enables a novel way of studying security and privacy threats on the web.
FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques
Nikolaos Pantelaios,
Alexandros Kapravelos
Proceedings of the USENIX Security Symposium, 2024
[PDF][Bibtex][code]
×
@inproceedings{fv8-sec24,
title = {{FV8: A Forced Execution JavaScript Engine for Detecting Evasive Techniques}},
author = {Pantelaios, Nikolaos and Kapravelos, Alexandros},
booktitle = {{Proceedings of the USENIX Security Symposium}},
code = {{https://github.com/wspr-ncsu/FV8}},
month = aug,
tag = {vv8},
year = {2024}
}
Automatic Discovery of Emerging Browser Fingerprinting Techniques
Junhua Su,
Alexandros Kapravelos
Proceedings of The Web Conference (WWW), 2023
[PDF][Bibtex][code]
×
@inproceedings{fptechniques-www23,
title = {{Automatic Discovery of Emerging Browser Fingerprinting Techniques}},
author = {Su, Junhua and Kapravelos, Alexandros},
booktitle = {{Proceedings of The Web Conference (WWW)}},
month = apr,
code = {{https://github.com/wspr-ncsu/BrowserFingerprintingAD}},
pages = {2178--2188},
tag = {vv8},
year = {2023}
}
Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage
Shaown Sarker,
Jordan Jueckstock,
Alexandros Kapravelos
Proceedings of the ACM Internet Measurement Conference (IMC), 2020
[PDF][Bibtex]
×
@inproceedings{jsobf-imc20,
title = {{Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage}},
author = {Sarker, Shaown and Jueckstock, Jordan and Kapravelos, Alexandros},
booktitle = {{Proceedings of the ACM Internet Measurement Conference (IMC)}},
pages = {648–661},
month = oct,
tag = {vv8},
year = {2020}
}
VisibleV8: In-browser Monitoring of JavaScript in the Wild
Jordan Jueckstock,
Alexandros Kapravelos
Proceedings of the ACM Internet Measurement Conference (IMC), 2019
[PDF][Bibtex][website][slides][talk][code]
×
@inproceedings{vv8-imc19,
title = {{VisibleV8: In-browser Monitoring of JavaScript in the Wild}},
author = {Jueckstock, Jordan and Kapravelos, Alexandros},
booktitle = {{Proceedings of the ACM Internet Measurement Conference (IMC)}},
pages = {393–405},
month = oct,
howpublished = {/projects/vv8/},
code = {{https://github.com/wspr-ncsu/visiblev8}},
slides = {/presentations/vv8-imc19.pdf},
talk = {https://vimeo.com/showcase/6531379/video/369121825#t=3500s},
tag = {vv8},
year = {2019}
}