Automatic Detection for JavaScript Obfuscation Attacks in Web Pages through String Pattern Analysis

Provided by: Science & Engineering Research Support soCiety (SERSC)
Topic: Enterprise Software
Format: PDF
Recently, most of malicious web pages include obfuscated codes in order to circumvent the detection of signature-based detection systems. It is difficult to decide whether the sting is obfuscated because the shape of obfuscated strings is changed continuously. In this paper, the authors propose a novel methodology that can detect obfuscated strings in the malicious web pages. They extracted three metrics as rules for detecting obfuscated strings by analyzing patterns of normal and malicious JavaScript codes.

Find By Topic