Detection of Heap-Spraying Attacks Using String Trace Graph

Heap-spraying is an attack technique that exploits memory corruptions in web browsers. A realtime detection of heap-spraying is difficult because of dynamic nature of JavaScript and monitoring overheads. In this paper, we propose a runtime detector of heap-spraying attacks in web browsers. We build a string trace graph by tracing all string objects and string operations in JavaScript. The graph is used for detecting abnormal behaviors of JavaScript. We detect heap-spraying attacks with low false positive rate and overheads.1110Nsciescopu