Design And Implementation Of JavaScript Malicious Code Detection Model Based On Machine Learning

The advancement of science and technology often brings double-sided effects.While enjoying the convenience brought about by the development of Internet technology,criminals also use illegal means to capture and steal the private information of Internet users.The security of privacy and data has caused safety.The focus of the researcher's attention.How to prevent attacks,protect the legitimate rights and interests of users,and build information protection walls requires familiarity with the attack methods used by the attackers,research on countermeasures against various attack methods and design corresponding detection tools.This article will study The direction of attack means seeks a solution.JavaScript is a well-known programming language that can dynamically interact with the background and process information.However,because of its characteristics,it is also one of the important tools for attacking network Web clients.At present,many organizations in the market will use obfuscated code technology to protect their copyrights,that is,to achieve the purpose of protecting information by obfuscating the code to a certain degree.However,obfuscation can not only be used as a means to protect copyright,but attackers will also use the same method to disguise their attack code.Therefore,the first task of this article is to efficiently identify obfuscated malicious code.This article first uses the collaborative training design to detect the JavaScript-based Web attack model,combined with multiple experiments and experimental data,and finally selects the GBDT&RF collaborative training model to design and implement the obfuscated classifier and malicious classifier.Then,the deep learning algorithm CNN design is used to identify whether the JavaScript code is malicious,and the malicious type of the code is identified through 8 types of malicious code classification features.Finally,through the use of python,flask and Tomcat,a Chrome extension tool for real-time detection of malicious code was implemented and successfully applied to real-time detection of web pages.The corresponding results are as follows:The GBDT&RF collaborative training model is used to identify JavaScript malicious code features,and the corresponding obfuscated malicious code detection model is trained.In order to make the model achieve a more accurate classification effect,this paper needs to apply the model based on the credibility of the two types of features.The data set has been expanded accordingly.Supported by a large amount of experimental data,it is concluded that the method in this article has strong applicability and can still maintain a high accuracy rate even when the proportion of the training set is adjusted locally.In order to better classify the characteristics of malicious code and distinguish the attack methods,the CNN algorithm is used to further distinguish the attack types of malicious code.Through the CNN model,8 input nodes,8 output nodes,6 hidden layers and 8 nodes in each layer are designed.A large number of samples are used to train the CNN network structure,and the network structure obtained by the training realizes the identification and differentiation of corresponding malicious code features,and can realize accurate malicious identification and attack judgment on the samples and real web pages.Through the differentiation of local feature categories by the malicious code detection model,the above experience has been accumulated to propose a type of malicious code classification verification model based on deep learning.After adjustment,the classification model has reached preliminary expectations and not only can accurately detect malicious code,It can also identify the local characteristics of malicious code,and the accuracy of its detection experiment results provides a good identification basis for subsequent experiments.In addition,cross-classification and other related verification methods are used to evaluate and analyze the malicious code model created in this article.The experimental results prove that the classification model in this article is completely feasible.Construct a Chrome extension tool,and then use the designed recognition method to detect it in the web page.Through practical tests,it is proved that it is an effective tool for real-time detection.