Phu H. Phung scite author profile

This paper introduces a method to control JavaScript execution. The aim is to prevent or modify inappropriate behaviour caused by e.g. malicious injected scripts or poorly designed third-party code. The approach is based on modifying the code so as to make it self-protecting: the protection mechanism (security policy) is embedded into the code itself and intercepts security relevant API calls. The challenges come from the nature of the JavaScript language: any variables in the scope of the program can be redefined, and code can be created and run on-the-fly. This creates potential problems, respectively, for tamper-proofing the protection mechanism, and for ensuring that no security relevant events bypass the protection. Unlike previous approaches to instrument and monitor JavaScript to enforce or adjust behaviour, the solution we propose is lightweight in that (i) it does not require a modified browser, and (ii) it does not require any run-time parsing and transformation of code (including dynamically generated code). As a result, the method has low run-time overhead compared to other methods satisfying (i), and the lack of need for browser modifications means that the policy can even be applied on the server to mitigate some effects of cross-site scripting bugs.

show abstract

Safe Wrappers and Sane Policies for Self Protecting JavaScript

Magazinius

Phung

Sands

2012

View full text Add to dashboard Cite

Abstract. Phung et al (ASIACCS'09) describe a method for wrapping built-in methods of JavaScript programs in order to enforce security policies. The method is appealing because it requires neither deep transformation of the code nor browser modification. Unfortunately the implementation outlined suffers from a range of vulnerabilities, and policy construction is restrictive and error prone. In this paper we address these issues to provide a systematic way to avoid the identified vulnerabilities, and make it easier for the policy writer to construct declarative policies -i.e. policies upon which attacker code has no side effects.

show abstract

Vehicle ECU classification based on safety-security characteristics

Nilsson¹,

Phung²,

Larson³

2008

View full text Add to dashboard Cite

A Convolutional Transformation Network for Malware Classification

Nguyen

Nguyên

et al. 2019

View full text Add to dashboard Cite

Modern malware evolves various detection avoidance techniques to bypass the state-of-the-art detection methods. An emerging trend to deal with this issue is the combination of image transformation and machine learning techniques to classify and detect malware. However, existing works in this field only perform simple image transformation methods that limit the accuracy of the detection. In this paper, we introduce a novel approach to classify malware by using a deep network on images transformed from binary samples. In particular, we first develop a novel hybrid image transformation method to convert binaries into color images that convey the binary semantics. The images are trained by a deep convolutional neural network that later classifies the test inputs into benign or malicious categories. Through the extensive experiments, our proposed method surpasses all baselines and achieves 99.14% in terms of accuracy on the testing set.

show abstract

HIT4Mal: Hybrid image transformation for malware classification

Nguyen

Nguyên

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Modern malware evolves various detection avoidance techniques to bypass the state‐of‐the‐art detection methods. An emerging trend to deal with this issue is the combination of image transformation and machine learning models to classify and detect malware. However, existing works in this field only perform simple image transformation methods. These simple transformations have not considered color encoding and pixel rendering techniques on the performance of machine learning classifiers. In this article, we propose a novel approach to encoding and arranging bytes from binary files into images. These developed images contain statistical (eg, entropy) and syntactic artifacts (eg, strings), and their pixels are filled up using space‐filling curves. Thanks to these features, our encoding method surpasses existing methods demonstrated by extensive experiments. In particular, our proposed method achieved 93.01% accuracy using the combination of the entropy encoding and character class scheme on the Hilbert curve.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Phu H. Phung

Lightweight self-protecting JavaScript

Safe Wrappers and Sane Policies for Self Protecting JavaScript

Vehicle ECU classification based on safety-security characteristics

A Convolutional Transformation Network for Malware Classification

HIT4Mal: Hybrid image transformation for malware classification

Contact Info

Product

Resources

About