"Advanced Transcriptase for JavaScript malware" by Fabio Di Troia

Selected Works of Mark Stamp

Follow Contact

Contribution to Book

Advanced Transcriptase for JavaScript malware

2016 11th International Conference on Malicious and Unwanted Software (MALWARE) (2016)

Fabio Di Troia, San Jose State University
Mark Stamp, San Jose State University
Visaggio Aaron Corrado, Università degli Studi del Sannio

Link

Abstract

Previous work has shown that JavaScript malware can manipulate its internal code with relative ease using an approach known as Transcriptase. However, the resulting malware remained susceptible to software similarity based scoring techniques. In this research, we develop and analyze an advanced version of Transcriptase that is entirely practical and is not detectable using any of several scoring techniques considered. Our technique, which is based on entropy manipulations and multiple layers of encryption, is applicable generally for use in malware obfuscation.

Disciplines

Publication Date

October 18, 2016

Publisher

IEEE

ISBN

978-1-5090-4542-6

DOI

10.1109/MALWARE.2016.7888737

Publisher Statement

SJSU users: use the follow link to log in and access the article via SJSU databases.

Citation Information

Fabio Di Troia, Mark Stamp and Visaggio Aaron Corrado. "Advanced Transcriptase for JavaScript malware" Fajardo, Puerto Rico2016 11th International Conference on Malicious and Unwanted Software (MALWARE) (2016) p. 121 - 128
Available at: http://works.bepress.com/mark_stamp/60/