This type of obfuscation technique manipulates the execution paths of the JavaScript codes by changing the logic structure without affecting the original semantics. JS.Encode is a method created by Microsoft to encode JavaScript code. The last would be to use encryption and decryption methods to the JavaScript obfuscation. The second method is to use the customized encoding function to create an obfuscated code and attach a decoding function to decode it during execution. The first way is to convert the given code into the escaped ASCII characters, Unicode or hexadecimal representations. Normally 3 methods are used to encode the original code. String splitting is usually used along with document.write() or eval() functions to execute the concatenated strings in a browser. String splitting is a technique where it converts a string into the concatenation of several substrings. They also adopt other techniques like string splitting and keyword substitution. Attackers usually achieve this by converting a variable or constant into one or several variables or constants. Data Obfuscationĭata obfuscation is a form of data masking where the data is purposely scrambled so that it becomes very difficult for a person to understand the semantics of the code. Sometimes attackers also combine two or more randomization techniques to avoid detection. Some of the techniques include removing white spaces, changing the variable names that will look gibberish to you. Randomization obfuscation is a technique where attackers randomly insert or change some elements of the JavaScript code without changing the semantics of the code. In order to understand the code obfuscation techniques briefly, let’s just first classify the obfuscation techniques into the following four categories namely:- Randomization Obfuscation Also identifying malicious JavaScript code is not easy since benign web pages also use code obfuscation techniques to protect intellectual property. For example, the characters in the string can be encoded in various ways e.g., using % encoding (a as %61, b as %62, …), Unicode (a as a, b as b, …), Base-64, etc. The nature of the JavaScript code is such that it makes possible to create a variety of obfuscation techniques. Attackers usually take advantage of the dynamic nature of JavaScript to create highly obfuscated code to thwart the defence mechanisms that are in place. JavaScript-based attacks have been reported as the top Internet security threats in recent years and have become a major mechanism for web-based malware delivery. JavaScript code obfuscation techniques play a key role in delivering a malicious payload when an attackers want to target their users and they achieve this by hiding their code so that it could evade the detection of anti-virus software.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |