Scientists from North Carolina State University created an internet browser tool that monitors, detects, ad tracks track the behavior of JavaScript programs without notifying the websites that run those programs.
The open-source tool, referred to as VisibleV8, was observed running in the Chrome browser detect malicious activity typically known to evade existing malware detection methods.There are several items that can be classified as chrome flags.
"When you go to most websites, your browser starts running the site's JavaScript programs pretty much immediately -- and you have little or no idea of what that JavaScript is doing," says Alexandros Kapravelos, co-author of a paper on VisibleV8 and an assistant professor of computer science at NC State.
"Previous state-of-the-art malware detection systems rely on making changes to JavaScript code in order to see how the code is being executed. But this approach is easily detected, allowing malware programs to alter their behavior in order to avoid being identified as malicious.”
Learn more about malicious detection methods:
"VisibleV8 runs in the browser itself, recording how JavaScript is executed; it doesn't interact with the code and, as a result, is far more difficult to detect."
VisibleV8, consisting only of 600 lines of code, works to save all the information on how a certain site is using JavaScript, creating a "behavior profile" that is then used to identify malicious websites.
"We've created a stealthy tool for monitoring JavaScript in the wild," Kapravelos says. "We're now making it open source, in hopes that it will be useful to anyone doing research on web privacy and security."
Source: North Carolina State University