The power of obfuscation techniques in malicious JavaScript code: A measurement study

Wei Xu, Fangfang Zhang, Sencun Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

42 Scopus citations

Abstract

JavaScript based attacks have been reported as the top Internet security threats in recent years. Since most of the Internet users rely on anti-virus software to protect themselves from malicious JavaScript code, attackers exploit JavaScript obfuscation techniques to evade the detection of anti-virus software. To better understand the obfuscation techniques adopted by malicious JavaScript code, we conduct a measurement study. We first categorize observed JavaScript obfuscation techniques. Then we conduct a statistic analysis on the usage of different categories of obfuscation techniques in real-world malicious JavaScript samples. We also study the detection effectiveness of 20 most popular anti-virus software against obfuscation techniques. Based on the results, we analyze the cause of the popularity of obfuscation in malicious JavaScript code; the reason behind the choice of obfuscation techniques and the difference between benign obfuscation and malicious obfuscation. Moreover, we also provide suggestions for designing effective obfuscation detection approaches in future.

Original languageEnglish (US)
Title of host publicationProceedings of the 2012 7th International Conference on Malicious and Unwanted Software, Malware 2012
Pages9-16
Number of pages8
DOIs
StatePublished - Dec 1 2012
Event2012 7th International Conference on Malicious and Unwanted Software, Malware 2012 - Fajardo, PR, United States
Duration: Oct 16 2012Oct 18 2012

Publication series

NameProceedings of the 2012 7th International Conference on Malicious and Unwanted Software, Malware 2012

Other

Other2012 7th International Conference on Malicious and Unwanted Software, Malware 2012
CountryUnited States
CityFajardo, PR
Period10/16/1210/18/12

All Science Journal Classification (ASJC) codes

  • Software

Fingerprint Dive into the research topics of 'The power of obfuscation techniques in malicious JavaScript code: A measurement study'. Together they form a unique fingerprint.

Cite this