Automatic simplification of obfuscated JavaScript code: A semantics-based approach

Research output: Chapter in Book/Report/Conference proceedingConference contribution

23 Scopus citations

Abstract

JavaScript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. However, JavaScript code can also be used to exploit vulnerabilities in the web browser and its extensions, and in recent years it has become a major mechanism for web-based malware delivery. In order to avoid detection, attackers often take advantage of the dynamic nature of JavaScript to create highly obfuscated code. This paper describes a semantics-based approach for automatic deobfuscation of JavaScript code. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation, which makes it easier to understand the behavior of the code.

Original languageEnglish (US)
Title of host publicationProceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012
Pages31-40
Number of pages10
DOIs
StatePublished - 2012
Event2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012 - Gaithersburg, MD, United States
Duration: Jun 20 2012Jun 22 2012

Publication series

NameProceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012

Other

Other2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012
CountryUnited States
CityGaithersburg, MD
Period6/20/126/22/12

Keywords

  • Deobfuscation
  • Dynamic analysis
  • Program slicing
  • Web security

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Automatic simplification of obfuscated JavaScript code: A semantics-based approach'. Together they form a unique fingerprint.

Cite this