| With the rapid development of network information technology,the Internet is fully integrated into all areas of modern today's society,and Web applications have become one of the main ways to obtain and publish information.The Internet not only creates new space for human life,but also provides a lot of convenience for people's daily life,so people's dependence on the network is gradually deepened.According to relevant research reports,Trojan propagation is the most important threat to current cyber security issues,and more than 90% of Trojans are spread through web pages.Compared with traditional Trojans,web Trojans are more destructive,faster spreading,and more threatening to network security.Therefore,how to prevent web trojan attacks quickly and effectively and ensure users to securely access web pages has become one of the problems that need to be solved urgently.Firstly,aiming at the timeliness and effectiveness of webpage feature extraction,this thesis proposes a hybrid feature extraction model for webpage Trojan detection.The model performs stream analysis on webpage data,extracts HTML page tags,JavaScript script functions and malicious traffic of webpage Trojans used by webpage Trojans through AC multi-mode matching,and uses tokenization algorithm to complete cross-packet features,thereby ensuring the effectiveness of Trojan feature extraction.For different sizes of web pages,the method of this thesis is compared with the traditional DOM-based parsing method in terms of parsing time and memory occupancy.It proves that the hybrid feature extraction model for webpage Trojan detection has advantages in analyzing timeliness and reducing storage pressure.Secondly,in order to improve the accuracy of webpage Trojan detection,this thesis proposes an integrated webpage Trojan detection model.The extracted HTML webpage static features,webpage Trojan traffic characteristics and JavaScript function code features are input into the nonlinear SVM classifier,the linear SVM classifier and the decision tree classifier for training,respectively.Then,the Bagging algorithm based on logistic regression combination strategy is used to integrate the three classifiers to generate the final webpage Trojan detection model.The experimental results show that the detection method proposed in this thesis has significantly improved the accuracy of webpage Trojan detection. |
PDF Full Text Request