
2500 Journal of Software 软件学报 Vol.32, No.8, August 2021

[19] Blazakis D. Interpreter exploitation. In: Proc. of the 2010 USENIX Conf. on Offensive Technologies (WOOT 2010). 2010. 1−9.
[20] Athanasakis M, Athanasopoulos E, Polychronakis M, et al. The devil is in the constants: Bypassing defenses in browser JIT engines. In: Proc. of the 2015 Network and Distributed System Security Symp. (NDSS 2015). 2015.
[21] Maisuradze G, Backes M, Rossow C. Dachshund: Digging for and securing (non-) blinded constants in JIT code. In: Proc. of the 2017 Network and Distributed System Security Symp. (NDSS 2017). 2017.
[22] Jia Y, Chua ZL, Hu H, et al. The Web/local boundary is fuzzy: A security study of chrome’s process-based sandboxing. In: Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security (CCS 2016). 2016. 791−804. [doi: 10.1145/2976749.2978414]
[23] Rogowski R, Morton M, Li F, et al. Revisiting browser security in the modern era: New data-only attacks and defenses. In: Proc. of the 2017 IEEE European Symp. on Security and Privacy (EuroS&P 2017). 2017. 366−381. [doi: 10.1109/EuroSP.2017.39]
[24] Reis C, Gribble SD. Isolating Web programs in modern browser architectures. In: Proc. of the 2009 ACM European Conf. on Computer Systems (EuroSys 2009). 2009. 219−232. [doi: 10.1145/1519065.1519090]
[25] Chrome Team. Chromium’s process models. 2020. https://www.chromium.org/developers/design-documents/process-models
[26] OWASP Foundation. Cross-site scripting (XSS). https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
[27] Lekies S, Stock B, Johns M. 25 million flows later: Large-scale detection of DOM-based XSS. In: Proc. of the 2013 ACM SIGSAC Conf. on Computer and Communications Security (CCS 2013). 2013. 1193−1204. [doi: 10.1145/2508859.2516703]
[28] Stock B, Lekies S, Mueller T, et al. Precise client-side protection against DOM-based cross-site scripting. In: Proc. of the 2014 USENIX Security Symp. (USENIX Security 2014). 2014. 655−670.
[29] Melicher W, Das A, Sharif M, et al. Riding out DOMsday: Towards detecting and preventing DOM cross-site scripting. In: Proc. of the 2018 Network and Distributed System Security Symp. (NDSS 2018). 2018.
[30] Ingram L, Walfish M. TreeHouse: JavaScript sandboxes to help Web developers help themselves. In: Proc. of the 2012 USENIX Conf. on Annual Technical Conf. (ATC 2012). 2012. 153−164.
[31] Lerner A, Kohno T, Roesner F. Rewriting history: Changing the archived Web from the present. In: Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security (CCS 2017). 2017. 1741−1755. [doi: 10.1145/3133956.3134042]
[32] Snow KZ, Monrose F, Davi L, et al. Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization. In: Proc. of the 2013 IEEE Symp. on Security and Privacy (SP 2013). 2013. 574−588. [doi: 10.1109/SP.2013.45]
[33] Reis C, Moshchuk A, Oskov N. Site isolation: Process separation for Web sites within the browser. In: Proc. of the 2019 USENIX Security Symp. (USENIX Security 2019). 2019. 1661−1678.
[34] Yue C, Wang H. Characterizing insecure JavaScript practices on the Web. In: Proc. of the 2009 Int’l Conf. on World Wide Web (WWW 2009). 2009. 961−970. [doi: 10.1145/1526709.1526838]
[35] Stock B, Pfistner S, Kaiser B, et al. From facepalm to brain bender: Exploring client-side cross-site scripting. In: Proc. of the 2015 ACM SIGSAC Conf. on Computer and Communications Security (CCS 2015). 2015. 1419−1430. [doi: 10.1145/2810103.2813625]
[36] Lauinger T, Chaabane A, Arshad S, et al. Thou shalt not depend on me: Analysing the use of outdated JavaScript libraries on the Web. In: Proc. of the 2017 Network and Distributed System Security Symp. (NDSS 2017). 2017.
[37] Kumar D, Ma Z, Durumeric Z, et al. Security challenges in an increasingly tangled Web. In: Proc. of the 2017 Int’l Conf. on World Wide Web (WWW 2017). 2017. 677−684. [doi: 10.1145/3038912.3052686]
[38] Laperdrix P, Rudametkin W, Baudry B. Beauty and the beast: Diverting modern Web browsers to build unique browser fingerprints. In: Proc. of the 2016 IEEE Symp. on Security and Privacy (SP 2016). 2016. 878−894. [doi: 10.1109/SP.2016.57]
[39] Hayes J, Danezis G. k-fingerprinting: A robust scalable website fingerprinting technique. In: Proc. of the 2016 USENIX Security Symp. (USENIX Security 2016). 2016. 1187−1203.
[40] Wang T, Goldberg I. Walkie-Talkie: An efficient defense against passive Website fingerprinting attacks. In: Proc. of the 2017 USENIX Security Symp. (USENIX Security 2017). 2017. 1375−1390.
[41] Vastel A, Laperdrix P, Rudametkin W, et al. FP-STALKER: Tracking browser fingerprint evolutions. In: Proc. of the 2018 IEEE Symp. on Security and Privacy (SP 2018). 2018. 728−741. [doi: 10.1109/SP.2018.00008]