Detecting Malicious Behaviors in JavaScript Applications

Loading...
Thumbnail Image
File version

Version of Record (VoR)

Author(s)
Mao, J
Bian, J
Bai, G
Wang, R
Chen, Y
Xiao, Y
Liang, Z
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
2018
Size
File type(s)
Location
Abstract

JavaScript applications are widely used in a range of scenarios, including Web applications, mobile applications, and server-side applications. On one hand, due to its excellent cross-platform support, Javascript has become the core technology of social network platforms. On the other hand, the flexibility of the JavaScript language makes such applications prone to attacks that inject malicious behaviors. In this paper, we propose a detection technique to identify malicious behaviors in JavaScript applications. Our method models an application's normal behavior on function activation, which is used as a basis to detect attacks. We prototyped our solution on the popular JavaScript engine V8 and used it to detect attacks on the android system. Our evaluation shows the effectiveness of our approach in detecting injection attacks to JavaScript applications.

Journal Title

IEEE Access

Conference Title
Book Title
Edition
Volume

6

Issue
Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© The Author(s) 2018. This is an Open Access article distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Item Access Status
Note
Access the data
Related item(s)
Subject

Engineering

Persistent link to this record
Citation

Mao, J; Bian, J; Bai, G; Wang, R; Chen, Y; Xiao, Y; Liang, Z, Detecting Malicious Behaviors in JavaScript Applications, IEEE Access, 2018, 6, pp. 12284-12294

Collections