Title :
Automatic Simplification of Obfuscated JavaScript Code: A Semantics-Based Approach
Author :
Lu, Gen ; Debray, Saumya
Author_Institution :
Dept. of Comput. Sci., Univ. of Arizona, Tucson, AZ, USA
Abstract :
JavaScript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. However, JavaScript code can also be used to exploit vulnerabilities in the web browser and its extensions, and in recent years it has become a major mechanism for web-based malware delivery. In order to avoid detection, attackers often take advantage of the dynamic nature of JavaScript to create highly obfuscated code. This paper describes a semantics-based approach for automatic deobfuscation of JavaScript code. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation, which makes it easier to understand the behavior of the code.
Keywords :
Internet; authoring languages; invasive software; online front-ends; Web browser; Web-based malware delivery; automatic deobfuscation; obfuscated JavaScript code automatic simplification; scripting language; semantics-based approach; sophisticated interactive client-side Web applications; Browsers; Context; HTML; Heuristic algorithms; Malware; Runtime; Syntactics; deobfuscation; dynamic analysis; program slicing; web security;
Conference_Titel :
Software Security and Reliability (SERE), 2012 IEEE Sixth International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4673-2067-2
DOI :
10.1109/SERE.2012.13
