New tool to find vulnerabilities in the way applications like Microsoft Word and Adobe Acrobat process JavaScript: Cooperative mutation attack

  • Object clustering: To begin, Cooper analyzes the given sample documents to extract native objects. to reduce the object search space the tool classifies objects according to their attributes
  • Relationship inference: Subsequently, the tool produces a large number of documents by combining different object classes and API groups, recording the execution results of the built-in scripts. based on the success rate of script execution and the distribution of object classes cooper infers the relationships between api groups and object classes
  • Relationship-guided mutation: Finally, Cooper leverages the inferred relationship to guide object selection, script generation, and object mutation



Knowledge belongs to the world

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store