Automatic Simplification of Obfuscated JavaScript Code

Date Added: Dec 2011
Format: PDF

Javascript is a scripting language that is commonly used to create sophisticated interactive client-side web applications. It can also be used to carry out browser-based attacks on users. Malicious JavaScript code is usually highly obfuscated, making detection a challenge. This paper describes a simple approach to deobfuscation of JavaScript code based on dynamic analysis and slicing. Experiments using a prototype implementation indicate that the authors' approach is able to penetrate multiple layers of complex obfuscations and extract the core logic of the computation.