Microsoft Research Develops Zozzle JavaScript Malware Detection Tool | threatpost.
Microsoft Research just released a paper on Zozzle, software they developed to detect certain types of JavaScript malware.
There are two ways Zozzle can be used:
- In the browser to block malicious JavaScript before it does any damage
- Scanning websites to detect malware-laden pages which can then be blacklisted
The question is whether this will be a valuable tool for detecting and stopping malicious JavaScript. For some comments, I went to the slashdot.org thread "Microsoft Builds JavaScript Malware Detection Tool."
Clearly, the slashdot crowd is anti-Microsoft, but it seems to me there was one insightful comment, which I have paraphrased:
- Using a classifier that needs to be trained is hopeless because there are “an infinite number of ways of doing the same thing in JavaScript.”
- JavaScript is fundamentally flawed because it has an eval() function. A better approach is sandboxing JavaScript.