| In this era of information technology,the way people access to information resources mainly relies on web browsing,so the attacker gradually turns attention to an attack way of malicious web pages,which brings potential safety hazard to users.Malicious web pages are usually written with the script language,and attackers often encrypt these pages or obfuscate them in order to evade the detection of antivirus software.There are two main methods to detect malicious web pages including static detection and dynamic detection.Static detection is based on a feature library,its accuracy depends on library's size and accuracy.However,it is poorly efficient in the detection of obfuscated web pages.Dynamic detection is mainly based on sandbox detection by monitoring the interactions between browser client and web server,if the abnormal state exists,the webpage will be judged to be malicious.Dynamic detection greatly improves accuracy,especially on the obfuscated pages.But it is less efficient on large-scale detection,and it costs more system resources.According to these problems of malicious web pages detection,this paper designs and realizes a malicious web pages detection system based on static detection.The system can effectively detect obfuscated web pages by combining the feature base matching with the V8 engine technology.At the same time,the system can select typical eigenvector and establish a classification model using machine learning algorithms to detect unknown web pages.Finally,the system is tested,the test results show that the system testing effect is all right and the expected goals has been reached,which verify the effectiveness of this system.The main work of this paper is as follows:1.The malicious web attack principle and common attack methods are studied,and this paper summarizes and compares the current domestic and international of malicious web pages detection means,and on the basis of previous research,it proposes a detection scheme based on a feature library classification matching technique and machine learning classification technique.2.A malicious web page detection system is designed and implemented,this paper designs the feature library format,and establishes a good machine learning classification model through experiment,also optimizes the detection procedure based on feature library matching.Firstly the system can leverage feature database to detect web pages,and then those pages which are not determined will be detected by machine learning classification to improve the accuracy of detection.The feature library management module realizes functionality of automatic updating and maintaining feature database,and reduces the false alarm rate based on feature base detection.3.The performance test of the system is carried out from different angles by leveraging the collected test samples,the test process is introduced in detail,and the test results are compared and analyzed in this paper. |
PDF Full Text Request