CISPA

Studying JavaScript Security Through Static Analysis

thesis
posted on 2023-11-29, 18:05 authored by Aurore Fass
As the Internet keeps on growing, so does the interest of malicious actors. While the Internet has become widespread and popular for interconnecting billions of people, this interconnectivity also simplifies the spread of malicious software. Specifically, JavaScript has become a popular attack vector, as it enables attackers to stealthily exploit bugs and other vulnerabilities to compromise the security and privacy of Internet users. In this thesis, we approach these issues by proposing several systems to statically analyze real-world JavaScript code at scale. First, we focus on the detection of malicious JavaScript samples. To this end, we propose two learning-based pipelines, which leverage syntactic, control, and data-flow based features to distinguish benign from malicious inputs. Subsequently, we evaluate the robustness of such static malicious JavaScript detectors in an adversarial setting. For this purpose, we introduce a generic camouflage attack, which consists of rewriting malicious samples to reproduce existing benign syntactic structures. Finally, we consider vulnerable browser extensions. In particular, we abstract an extension's source code at a semantic level, including control, data, and message flows, and pointer analysis, to detect suspicious data flows from and toward an extension's privileged context. Overall, we report on 184 Chrome extensions that attackers could exploit to, e.g., execute arbitrary code in a victim's browser.

History

Preferred Citation

Aurore Fass. Studying JavaScript Security Through Static Analysis. Doctoral Thesis, Saarland University. 2020.

Supervisor

Stock, Ben; Backes, Michael

Primary Research Area

  • Threat Detection and Defenses

Secondary Research Area

  • Empirical and Behavioral Security

Legacy Posted Date

2021-08-24

Institution

Saarland University

Open Access Type

  • Unknown

Thesis Type

  • PhD Thesis

BibTeX

@phdthesis{cispa_all_3471,
  title  = "Studying JavaScript Security Through Static Analysis",
  author = "Fass, Aurore",
  school = "Saarland University",
  year   = "2020",
}
