Advanced transcriptase for JavaScript malware

Fabio Di Troia; Corrado Aaron Visaggio; Thomas H. Austin; Mark Stamp

doi:10.1109/MALWARE.2016.7888737

2016 11th International Conference on Malicious and Unwanted Software (MALWARE)

Advanced transcriptase for JavaScript malware

Year: 2016, Pages: 1-8

DOI Bookmark: 10.1109/MALWARE.2016.7888737

Authors

Fabio Di Troia, Department of Computer Science San Jose State University
Corrado Aaron Visaggio, Department of Engineering Universita degli Studi del Sannio
Thomas H. Austin, Department of Computer Science San Jose State University
Mark Stamp, Department of Computer Science San Jose State University

Abstract

Previous work has shown that JavaScript malware can manipulate its internal code with relative ease using an approach known as Transcriptase. However, the resulting malware remained susceptible to software similarity based scoring techniques. In this research, we develop and analyze an advanced version of Transcriptase that is entirely practical and is not detectable using any of several scoring techniques considered. Our technique, which is based on entropy manipulations and multiple layers of encryption, is applicable generally for use in malware obfuscation.

Like what you’re reading?

Already a member?

Get this article FREE with a new membership!

Rozzle: De-cloaking Internet Malware
2012 IEEE Symposium on Security and Privacy
A framework for empirical evaluation of malware detection resilience against behavior obfuscation
2015 10th International Conference on Malicious and Unwanted Software (MALWARE)
Abusing File Processing in Malware Detectors for Fun and Profit
2012 IEEE Symposium on Security and Privacy
Detect Android Malware Variants Using Component Based Topology Graph
2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Malware Obfuscation Detection via Maximal Patterns
2009 Third International Symposium on Intelligent Information Technology Application
BinGraph: Discovering mutant malware using hierarchical semantic signatures
2012 7th International Conference on Malicious and Unwanted Software
Malware Obfuscation Techniques: A Brief Survey
2010 International Conference on Broadband, Wireless Computing, Communication and Applications
AndroOBFS: Time-tagged Obfuscated Android Malware Dataset with Family Information
2022 IEEE/ACM 19th International Conference on Mining Software Repositories (MSR)
Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly
2022 IEEE Symposium on Security and Privacy (SP)
Compiling and Analyzing Open Source Malware for Research Purposes
2020 International Conference on Software Security and Assurance (ICSSA)

Advanced transcriptase for JavaScript malware

Authors

Abstract

Related Articles