Detecting Malicious Behaviors in JavaScript Applications

Mao, J; Bian, J; Bai, G; Wang, R; Chen, Y; Xiao, Y; Liang, Z

doi:10.1109/ACCESS.2018.2795383

View/Open

Bai213841-Published.pdf (8.842Mb)

File version

Version of Record (VoR)

Author(s)

Mao, J

Bian, J

Bai, G

Wang, R

Chen, Y

Xiao, Y

Liang, Z

Griffith University Author(s)

Bai, Guangdong

Year published

2018

Metadata

Show full item record

Abstract

JavaScript applications are widely used in a range of scenarios, including Web applications, mobile applications, and server-side applications. On one hand, due to its excellent cross-platform support, Javascript has become the core technology of social network platforms. On the other hand, the flexibility of the JavaScript language makes such applications prone to attacks that inject malicious behaviors. In this paper, we propose a detection technique to identify malicious behaviors in JavaScript applications. Our method models an application's normal behavior on function activation, which is used as a basis to detect ...
View more >JavaScript applications are widely used in a range of scenarios, including Web applications, mobile applications, and server-side applications. On one hand, due to its excellent cross-platform support, Javascript has become the core technology of social network platforms. On the other hand, the flexibility of the JavaScript language makes such applications prone to attacks that inject malicious behaviors. In this paper, we propose a detection technique to identify malicious behaviors in JavaScript applications. Our method models an application's normal behavior on function activation, which is used as a basis to detect attacks. We prototyped our solution on the popular JavaScript engine V8 and used it to detect attacks on the android system. Our evaluation shows the effectiveness of our approach in detecting injection attacks to JavaScript applications.
View less >

Journal Title

IEEE Access

Volume

DOI

https://doi.org/10.1109/ACCESS.2018.2795383

Copyright Statement

© The Author(s) 2018. This is an Open Access article distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Subject

Engineering

Publication URI

http://hdl.handle.net/10072/391154

Collection

Journal articles