Automatic Simplification of Obfuscated JavaScript Code (Extended Abstract)

Lu, Gen; Coogan, Kevin; Debray, Saumya

doi:10.1007/978-3-642-29166-1_31

Cited by 9 publications

(9 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A license often contains contractual restrictions on reverse engineering. For instance, using Google's JavaScript Client Library is subject to its terms of service, which state: 17 14 http://www.latestpatents.com/apple-patents-granted-on-12-march-2013/ 15 http://en.wikipedia.org/wiki/Eolas 16 Malicious JavaScript can be obfuscated to slip through malware detection programs [24]. As a result, research is actively working on de-obfuscation tools and approaches for malware detection, but, of course, these tools can be used for other purposes as well.…”

Section: Codementioning

confidence: 99%

Legal aspects of web systems

Kienle¹,

Müller

2013

2013 15th IEEE International Symposium on Web Systems Evolution (WSE)

View full text Add to dashboard Cite

The web offers a ubiquitous platform for commercial and information-sharing activities, which are realized by a broad spectrum of web systems. Not surprisingly, triggered by lawsuits, many legal aspects impacting web systems have emerged over time and they should be a concern for web systems operators, users and researchers. This paper identifies prominent legal issues relating to web systems access, content, design and code: copyright, patents, contracts, trespass, and others. Based on the identified issues we offer a number of observations on how the legal landscape has been shifting, on the role of contracts, and on the law's impact on case study research.

show abstract

Section: Codementioning

confidence: 99%

Legal aspects of web systems

Kienle¹,

Müller

2013

2013 15th IEEE International Symposium on Web Systems Evolution (WSE)

View full text Add to dashboard Cite

show abstract

“…Rozzle [30] adopts symbolic execution, multi-execute JavaScript code, and partially mitigates differences between multiple browsers. Other previous approaches [18,23,33,46] mostly execute JavaScript and acquire de-obfuscated JavaScript code. Revolver [29] compares the similarity between different JavaScript samples and cluster them based on AST features, however as shown in Figure 10, two samples with different ASTs can trigger the same vulnerability.…”

Section: Pre-exploit Stagementioning

confidence: 99%

JShield

Cao

Pan²,

Chen³

et al. 2014

Proceedings of the 30th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

Drive-by download attacks, which exploit vulnerabilities of web browsers to control client computers, have become a major venue for attackers. To detect such attacks, researchers have proposed many approaches such as anomaly-based [22,23] and vulnerabilitybased [44,50] detections. However, anomaly-based approaches are vulnerable to data pollution, and existing vulnerability-based approaches cannot accurately describe the vulnerability condition of all the drive-by download attacks.

show abstract

“…The basic idea is to transform the program so that each goto is either replaced by some other construct, or the goto and its target are brought closer together in a semantics-preserving transformation. Space constraints preclude a detailed description of our transformation rules; interested readers are referred to the full version of the paper [12]. The fact that SpiderMonkey always generates byte-code with reducible CFGs (due to the lack of an aggressive code optimization phase) and the difference between JavaScript byte-code and Java byte-code, makes it possible for our algorithm to have a smaller set of tranformation rules.…”

Section: Decompilation and Code Transformationmentioning

confidence: 99%

“…Experiments using a prototype implementation indicate that this approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the underlying computation. Some of the details of this work have been omitted from this paper due to space constraints; interested readers are referred to the full version of the paper, which is available online [12].…”

Section: Introductionmentioning

confidence: 99%

Automatic Simplification of Obfuscated JavaScript Code: A Semantics-Based Approach

Debray

2012

2012 IEEE Sixth International Conference on Software Security and Reliability

Self Cite

View full text Add to dashboard Cite

Abstract. Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that our approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.

show abstract

Automatic Simplification of Obfuscated JavaScript Code (Extended Abstract)

Cited by 9 publications

References 9 publications

Legal aspects of web systems

Legal aspects of web systems

JShield

Automatic Simplification of Obfuscated JavaScript Code: A Semantics-Based Approach

Contact Info

Product

Resources

About