It is the observation of the applicant that most malicious web-based activity involves javascript. Detecting and blocking malicious javascript is essential for preventing web-based compromises. Most malicious javascript is obfuscated, which renders static analysis, such as signature matching, approaches ineffective.
Legitimate javascript is also obfuscated to protect business intellectual property and enhance security so simply identifying obfuscation is insufficient. Too many false negative false positive fails. What is needed is a system to detect and prevent browser based malicious javascript contents and identify websites that attempt to download malicious javascripts.