IEEE Access (Jan 2018)

Detecting Malicious Behaviors in JavaScript Applications

  • Jian Mao,
  • Jingdong Bian,
  • Guangdong Bai,
  • Ruilong Wang,
  • Yue Chen,
  • Yinhao Xiao,
  • Zhenkai Liang

DOI
https://doi.org/10.1109/ACCESS.2018.2795383
Journal volume & issue
Vol. 6
pp. 12284 – 12294

Abstract

Read online

JavaScript applications are widely used in a range of scenarios, including Web applications, mobile applications, and server-side applications. On one hand, due to its excellent cross-platform support, Javascript has become the core technology of social network platforms. On the other hand, the flexibility of the JavaScript language makes such applications prone to attacks that inject malicious behaviors. In this paper, we propose a detection technique to identify malicious behaviors in JavaScript applications. Our method models an application's normal behavior on function activation, which is used as a basis to detect attacks. We prototyped our solution on the popular JavaScript engine V8 and used it to detect attacks on the android system. Our evaluation shows the effectiveness of our approach in detecting injection attacks to JavaScript applications.

Keywords