• DocumentCode
    2933574
  • Title

    A novel algorithm for obfuscated code analysis

  • Author

    Pinto, Breno Silva ; Barnett, Reggie

  • Author_Institution
    Trustwave Spiderlabs, United Arab Emirates
  • fYear
    2011
  • fDate
    Nov. 29 2011-Dec. 2 2011
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    Obfuscated code is machine or source code that is made difficult for humans to read. This is usually done to hide some important business logic or to hide malicious intent. There has been a dramatic increase in the use of obfuscated code for drive-by-download web browser attacks using JavaScript. In this paper we will present a novel approach for detecting this type of code without the need for de-obfuscation, allowing its use in real-time traffic analysis programs like Intrusion Prevention Systems or Web Application Firewalls.
  • Keywords
    Java; authoring languages; authorisation; online front-ends; Javascripts; Web application firewalls; business logic hiding; drive-by-download Web browser attacks; intrusion prevention system; malicious intent hiding; obfuscated code analysis; real-time traffic analysis program; source code; Browsers; Business; Fires; Humans; Real time systems; Training; Information security; drive-by-downloads; machine learning; malicious code; obfuscated code javascript;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Forensics and Security (WIFS), 2011 IEEE International Workshop on
  • Conference_Location
    Iguacu Falls
  • Print_ISBN
    978-1-4577-1017-9
  • Electronic_ISBN
    978-1-4577-1018-6
  • Type

    conf

  • DOI
    10.1109/WIFS.2011.6123157
  • Filename
    6123157