Research And Implementation Of JavaScript Malware Detection System Based On Machine Learning

With the development of web technologies,there are more and more interactive ways between websites and their users which result in a phenomenon that users' privacy or information on websites are more easily to be captured or stolen by cyber criminals.Among those cyber crimes,JavaScript become a main tool because it is widely-used and capable of communicating with the background.In response to constantly emerging web detection tools,attackers are also developing more and more ways to protect their attack programs from being detected.Nowadays,a common way is to obfuscate the source code while in most cases,network organizations also take advantage of such obfuscation means to protect their copyright for the code which makes it quite vital to recognize malicious obfuscated code with an effective and accurate method.This thesis takes advantage of machine learning to detect web attacks based on JavaScript and designs a method to judge whether JavaScript is a malicious obfuscated code and recognize its malicious type and by the method it has developed a Chrome extensive tool which is able to detect web codes in real-time.Concrete achievements are as follows:1.Based on features analysis of data set's codes,we have put forth a detection model which makes use of the co-training method to recognize the malicious features of JavaScript.The model,based on creditability of the two features,is able to achieve data augmentation of small data sets to acquire a more accurate effect of classification.The experiments demonstrate under the circumstance of adjusting the ratio of training sets our method remains a high accuracy.Therefore,we have basically solved the problem presented in the first paragraph.2.By classification of malicious codes,we have put forth a classification model based on deep learning.The model can recognize local features of a code to provide good feature basis for the detection result.We take advantage of simple cross validation to judge our model and the experimental result proves that the model designed by us is reliable.3.Finally,we have constructed the extensive tool of Chrome to apply the designed method of recognition to real-time detection of websites.The practical operation results show that it is an effective tool for real-time detection.