| JavaScript script language has been widely used in the era of rapid development of the Internet,but it has also brought great challenges to the web network security.Attackers use the dynamic characteristics of JavaScript language to carry out malicious attacks: stealing user information,forging identity,attacking servers and so on.Aiming at detecting malicious JavaScript code,researchers put forward malicious JavaScript code detection technology from three perspectives: static,dynamic and the combination of static and dynamic by analyzing characteristics of malicious JavaScript code.In view of the harm caused by malicious JavaScript code to network security,based on the existing deep learning methods and detection technologies,two malicious JavaScript code detection models using static analysis detection technology are proposed according to different application environments.The main work and content of the thesis are as follows:(1)The malicious JavaScript code detection technology based on semantic analysis is proposed.In conventional security software,high accuracy of malicious code detection is required while traditional static detection model is difficult to extract semantic information of JavaScript code,and the accuracy is slightly insufficient.Therefore,a malicious JavaScript code detection technology based on semantic analysis is proposed: semantic information between words is extracted fully by word vector model,contextual semantic information is extracted by cyclic neural network,and code features are extracted and classified by deep learning algorithm.Firstly,the model extracts word vector containing JavaScript code through Fast Text,and then extracts word vector fully containing semantic information through Bi-LSTM.Finally,the deep pyramid convolutional neural network DPCNN is used to classify the JavaScript code.Experiments show that the accuracy of the model is increased by 1.0%.(2)The malicious JavaScript code detection technology based on Res Net is proposed.Traditional static detection technology is not suitable for web browsing requiring high response which has a complex process.Therefore,a lightweight malicious JavaScript code detection technique is proposed and implemented.Due to the similarity of malicious JavaScript data sets,the hash strings converted by the locally sensitive hash algorithm have similar characteristics.Then N-Grams model is used to vectorize the string.Finally,the feature of malicious code is extracted and classified through Res Net network which combines attention mechanism.The experimental results show that the accuracy of the model is increased by 0.2% and the detection time is reduced by 1.6ms. |
PDF Full Text Request