• DocumentCode
    2845027
  • Title

    Automatic Simplification of Obfuscated JavaScript Code: A Semantics-Based Approach

  • Author

    Lu, Gen ; Debray, Saumya

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Arizona, Tucson, AZ, USA
  • fYear
    2012
  • fDate
    20-22 June 2012
  • Firstpage
    31
  • Lastpage
    40
  • Abstract
    JavaScript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. However, JavaScript code can also be used to exploit vulnerabilities in the web browser and its extensions, and in recent years it has become a major mechanism for web-based malware delivery. In order to avoid detection, attackers often take advantage of the dynamic nature of JavaScript to create highly obfuscated code. This paper describes a semantics-based approach for automatic deobfuscation of JavaScript code. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation, which makes it easier to understand the behavior of the code.
  • Keywords
    Internet; authoring languages; invasive software; online front-ends; Web browser; Web-based malware delivery; automatic deobfuscation; obfuscated JavaScript code automatic simplification; scripting language; semantics-based approach; sophisticated interactive client-side Web applications; Browsers; Context; HTML; Heuristic algorithms; Malware; Runtime; Syntactics; deobfuscation; dynamic analysis; program slicing; web security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Security and Reliability (SERE), 2012 IEEE Sixth International Conference on
  • Conference_Location
    Gaithersburg, MD
  • Print_ISBN
    978-1-4673-2067-2
  • Type

    conf

  • DOI
    10.1109/SERE.2012.13
  • Filename
    6258292
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2845027