Citation: Quan Chen, Peter Snyder, Ben Livshits, Alexandros Kapravelos Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures.
Internet Archive Scholar (search for fulltext): Detecting Filter List Evasion with Event-Loop-Turn Granularity JavaScript Signatures
Wikidata (metadata): Q109655725
Download: https://www.doc.ic.ac.uk/~livshits/papers/pdf/oakland21.pdf
Tagged:

Summary

Current URL-targeting blocks of harmful JavaScript can be circumvented by moving to an unmatched URL or by mixing harmful JavaScript with necessary or common JavaScript. The latter circumvention causes some known harmful JavaScript to be unblocked by popular blocklists. Authors use known harmful JavaScript and code analysis to identify additional harmful JavaScript and have proposed additions to popular blocklists as a result. Similar analysis could be used to block harmful JavaScript delivered at unmatched URLs or bundled with necessary or common JavaScript.