JSDES - An automated de-obfuscation system for malicious javascript

Malicious scripts used in web-based attacks have recently been reported as one of the top internet security threats. However, anti-malware solutions develop and integrate various techniques to defend against malicious scripts, attackers have been increasingly applying different counter techniques to hide their malicious intents and evade detection. One of the most popular techniques used is code obfuscation. In this research, an enhanced system is proposed to automate the process of de-obfuscating malicious JavaScript code. The proposed system was tested on real-world malicious JavaScript samples. Based on the analysis results, the cause of popularity of certain obfuscation techniques is identified. In addition, a set of improvements to the currently used malware detection techniques is proposed. © 2017 Association for Computing Machinery.