Automatic Simplification of Obfuscated JavaScript Code
نویسندگان
چکیده
Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.
منابع مشابه
Automatic Detection for JavaScript Obfuscation Attacks in Web Pages through String Pattern Analysis
Recently, most of malicious web pages include obfuscated codes in order to circumvent the detection of signature-based detection systems .It is difficult to decide whether the sting is obfuscated because the shape of obfuscated strings are changed continuously. In this paper, we propose a novel methodology that can detect obfuscated strings in the malicious web pages. We extracted three metrics...
متن کاملThrowing a MonkeyWrench into Web Attackers Plans
Client-based attacks on internet users with malicious web pages represent a serious and rising threat. Internet Browsers with enabled active content technologies such as JavaScript are vulnerable to so-called drive-by downloads. Drive-by downloads are able to automatically infect a victim's system during a single visit of a crafted web page testing various vulnerabilities and installing e.g. ma...
متن کاملNext Generation Of Exploit Kit Detection By Building Simulated Obfuscators
Recently, drive-by downloads attacks have almost reached epidemic levels, and exploit-kit is the propulsion to signify the process of malware delivery. One of the key techniques used by exploit-kit to avoid firewall detection is obfuscating malicious JavaScript program. There exists an engine in each exploit kit, aka obfuscator, which transforms the malicious code to obfuscated code. In this pa...
متن کاملHybrid Analysis for JavaScript Security Assessment
With the proliferation of Web 2.0 technologies, functionality in web applications is increasingly moving from server-side to client-side code, primarily JavaScript. The dynamic and eventdriven nature of JavaScript code, which is often machine generated or obfuscated, combined with reliance on complex frameworks and asynchronous communication, makes it difficult to perform effective security aud...
متن کاملAutomatic Unit Test Generation and Execution for JavaScript Program through Symbolic Execution
JavaScript is expected to be a programming language of even wider use, considering demands for more interactive web/mobile applications. While reliability of JavaScript code will be of more importance, testing techniques for the language remain insufficient compared to other languages. We propose a technique to automatically generate high-coverage unit tests for JavaScript code. The technique m...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011