| Today,with the rapid development of the Internet,the improvement and enrichment of network technologies have caused more and more websites to provide services in the form of Web applications,which has led to a multiple-fold increase in Web-based applications.As a language with complete functions,Java Script is widely used in the front-end development of Web applications.Although it brings a lot of convenience and a good interactive experience to users,it also brings a lot of threats and risks to Web user terminals.In order to deal with the network security problems caused by Java Script malicious code,academia has already proposed some detection methods,but the actual results are not satisfactory.There are many deficiencies.In order to obtain a Java Script malicious code detection system with better detection performance,the work and innovations of this article are as follows:First,after implementing the catch JS script grabbing tool process,Because a large number of Java Script malicious code detection systems have not considered comprehensively the extraction of script features in the past literature.and the Java Script language standard is updated annually.Through the latest ECMAScript2019 standard and the research on this year's mainstream Java Script attack technology,68 new script features are proposed from four aspects to improve the generalization of feature extraction?Then,considering the lack of consideration of traditional feature extraction for Java Script obfuscation techniques,each feature uses the same weight,lacks scientificity and generalizatio,The idea of text classification is applied to the malicious detection of Java Script scripts,and the traditional TF-IDF weighting algorithm is improved to get TF-NIDF weighting algorithm,which is more scientific and generalized weighting.ndirectly,it effectively improves the detection performance of Java Script malicious code classification model.Secondly,According to other researchers focus on the optimization of classification algorithms and feature extraction.and classification label errors of web page acquisition scripts are not considered carefully.The optimization of classification algorithm and feature extraction is focused on..The targeted improved MMV-detector script filtering algorithm based on negative selection performs noise reduction filtering on the captured Java Script script set,The accuracy of sample markup is guaranteed by distinguishing abnormal scripts such as plug-ins and ads from normal scripts.Reduce the noise of the training set,The noise of the training set is reduced,and the marking error is reduced.,and Java Script malicious code classification model performance is improved from the source The SVM classification algorithm of support vector machine is selected as the classification algorithm of this system after theoretical analysis and experimental comparison with the mainstream classification algorithm.Aiming at the problems of sample labeling in traditionalsupervised learning SVM algorithm,such as costly,time-efficient,and insufficient accuracy,SVM classification algorithm is added to active learning,and targeted to improve the selection strategy,optimize the query algorithm.An ASVM active learning classification algorithm based on value measures is obtained,Which improving the accuracy and efficiency of the classifier training process.Finally,a complete Java Script malicious code detection MNAS model is established by combining the MMV-detector script filtering module with TF-NIDF weighted algorithm feature extraction and ASVM active learning classification algorithm.The obtained classification model is applied to Java Script malicious code detection,and a Java Script malicious code detection prototype system is implemented.The efficiency and correctness of the system,as well as comprehensive analysis and experimental verification are carried out. |
PDF Full Text Request