Jun 15, 2020
Support System for Assessing Anti-analysis JavaScript Code by Using Proxy Objects
- Volume
- 61
- Number
- 6
- First page
- 1134
- Last page
- 1145
- Language
- Japanese
- Publishing type
- Research paper (scientific journal)
JavaScript code used by web-based attacks is usually protected by some anti-analysis techniques such as obfuscation or cloaking in order to hide its intent or avoid detection. Analyzing such code becomes an urgent task to counter cyber attacks. Therefore, we propose an analysis support system for anti-analysis JavaScript code. The proposed system comprehensively monitors browser API operations and outputs API operation logs for helping analyst's understanding the behavior of code. By using Proxy objects to capture API operations, the proposed system successfuly monitors API operations that could not be captured completely by existing methods. In addition, by replacing variable references, it is able to comprementally monitor API operations for non-replaceable APIs. In this paper, we describe the concept of the proposed system and the implementation of analysis method. We also report the result of analyzing anti-analysis JavaScript codes as an evaluation.
- Link information
-
- CiNii Articles
- http://ci.nii.ac.jp/naid/170000181975
- CiNii Books
- http://ci.nii.ac.jp/ncid/AN00116647
- URL
- http://id.nii.ac.jp/1001/00204778/
- ID information
-
- ISSN : 1882-7764
- CiNii Articles ID : 170000181975
- CiNii Books ID : AN00116647