Research On Detection Methods For Malicious JavaScript

Posted on:2019-03-31

Degree:Master

Type:Thesis

Country:China

Candidate:J L Zhang

Full Text:PDF

GTID:2348330542998887

Subject:Computer technology

Abstract/Summary:

PDF Full Text Request

At present,some detection methods for malicious JavaScript have been proposed.However,with the gradual application of obfuscation techniques and ECMAScript6 standard,malicious JavaScript in more diversified forms,its concealment is also higher and higher,which poses new challenges for related research and detection work,and leads to the performance of existing detection methods is unsatisfactory.So,the research on detection methods for malicious JavaScript is of great value.In this thesis,we detect malicious JavaScript in many aspects and propose two detection methods for malicious JavaScript.The main contributions of this thesis are summarized as follows:1.Based on the negative selection algorithm V-detector,we proposed a JavaScript filtering algorithm LMV-detector and used it to filter JavaScript.The experimental results show that the LMV-detector can quickly distinguish between normal samples and other abnormal samples such as ads,plug-ins and so on,and accelerate the marking of samples.In addition,we implemented a JavaScript crawler that can fetch JavaScript from some given websites.2.We analyzed the obfuscation techniques for JavaScript and the related features of browser-side JavaScript.On this basis,four kinds of static detection features were extracted,and the principal component analysis was used to reduce the dimensionality of the original eigenvector.We used the machine learning technique to verify the features.The experimental results show that four kinds of static detection features proposed in this thesis have a high recognition rate for malicious JavaScript.3.We proposed a formula to calculate the harmfulness coefficient of the behavioral features based on mutual information,and established an evaluation indicator system for malicious JavaScript combined with the dynamic behavior features.We parsed and executed JavaScript in a simulation environment and extracted its dynamic behavior features,and used the evaluation indicator to process them.The processed features were verified by SVM algorithm.The experimental results show that the detection accuracy is 99.6%.

Keywords/Search Tags:

JavaScript, Malicious JavaScript detection, Negative selection algorithms, Machine learning, Dynamic behavior features

PDF Full Text Request

Related items

1	Design And Implementation Of JavaScript Malicious Code Detection Model Based On Machine Learning
2	Design And Implementation Of JavaScript Malicious Code Detection Technology Based On Machine Learning
3	Research And Implementation Of JavaScript Malware Detection System Based On Machine Learning
4	Research On JavaScript Malicious Code Detection Technology
5	Research On JavaScript Imalicious Code Detection Technology Based On Machine Learning
6	Research On JavaScript Malicious Code Detection Model Based On Anti-obfuscated Technology
7	JavaScript Malicious Code Detection System
8	Research On The Methods For Javascript Malicious Code Detection
9	Research For Techniques Of Anti-evasion Of JavaScript Malware Detection Systems
10	Anomaly Detection Of JavaScript-based Malicious Web Pages