TY - GEN
T1 - Automatic simplification of obfuscated JavaScript code
AU - Lu, Gen
AU - Coogan, Kevin
AU - Debray, Saumya
N1 - Funding Information:
This work was supported in part by the National Science Foundation via grant nos. CNS-1016058 and CNS-1115829, the Air Force Office of Scientific Research via grant no. FA9550-11-1-0191, and by a GAANN fellowship from the Department of Education award no. P200A070545.
PY - 2012
Y1 - 2012
N2 - Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.
AB - Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.
UR - http://www.scopus.com/inward/record.url?scp=84861117546&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84861117546&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-29166-1_31
DO - 10.1007/978-3-642-29166-1_31
M3 - Conference contribution
AN - SCOPUS:84861117546
SN - 9783642291654
T3 - Communications in Computer and Information Science
SP - 348
EP - 359
BT - Information Systems, Technology and Management - 6th International Conference, ICISTM 2012, Proceedings
T2 - 6th International Conference on Information Systems, Management and Technology, ICISTM 2012
Y2 - 28 March 2012 through 30 March 2012
ER -