Title :
A novel algorithm for obfuscated code analysis
Author :
Pinto, Breno Silva ; Barnett, Reggie
Author_Institution :
Trustwave Spiderlabs, United Arab Emirates
fDate :
Nov. 29 2011-Dec. 2 2011
Abstract :
Obfuscated code is machine or source code that is made difficult to be read by humans. It is usually done to hide some important business logic or to hide malicious intent. There has been a dramatic increase in the use of obfuscated codes for drive-by-download web browser attacks using javascripts. In this paper we will present a novel approach for detecting this type of code without the need for de-obfuscation, allowing its usage on real-time traffic analysis programs like Intrusion Prevention Systems or Web Application Firewalls.
Keywords :
Java; authoring languages; authorisation; online front-ends; Javascripts; Web application firewalls; business logic hiding; drive-by-download Web browser attacks; intrusion prevention system; malicious intent hiding; obfuscated code analysis; real-time traffic analysis program; source code; Browsers; Business; Fires; Humans; Real time systems; Training; Information security; drive-by-downloads; machine learning; malicious code; obfuscated code javascript;
Conference_Titel :
Information Forensics and Security (WIFS), 2011 IEEE International Workshop on
Conference_Location :
Iguacu Falls
Print_ISBN :
978-1-4577-1017-9
Electronic_ISBN :
978-1-4577-1018-6
DOI :
10.1109/WIFS.2011.6123157
