Automatic simplification of obfuscated JavaScript code

Gen Lu, Kevin Coogan, Saumya Debray

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.

Original languageEnglish (US)
Title of host publicationInformation Systems, Technology and Management - 6th International Conference, ICISTM 2012, Proceedings
Pages348-359
Number of pages12
DOIs
StatePublished - May 22 2012
Event6th International Conference on Information Systems, Management and Technology, ICISTM 2012 - Grenoble, France
Duration: Mar 28 2012Mar 30 2012

Publication series

NameCommunications in Computer and Information Science
Volume285 CCIS
ISSN (Print)1865-0929

Other

Other6th International Conference on Information Systems, Management and Technology, ICISTM 2012
CountryFrance
CityGrenoble
Period3/28/123/30/12

    Fingerprint

ASJC Scopus subject areas

  • Computer Science(all)
  • Mathematics(all)

Cite this

Lu, G., Coogan, K., & Debray, S. (2012). Automatic simplification of obfuscated JavaScript code. In Information Systems, Technology and Management - 6th International Conference, ICISTM 2012, Proceedings (pp. 348-359). (Communications in Computer and Information Science; Vol. 285 CCIS). https://doi.org/10.1007/978-3-642-29166-1_31