Syntax-Based Malicious JavaScript Code Detection Method
DOI:
Author:
Affiliation:

Clc Number:

TP391.1

Fund Project:

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
    Abstract:

    JavaScript is a dynamic scripting language originally designed to improve the interactive capabilities of web pages. However, attackers use this peculiarity to execute malicious code on web pages, posing a huge threat. The traditional method based on static feature detection is difficult to detect the malicious code after confusion, and the method based on dynamic analysis has low efficiency. This paper proposes a static detection model based on semantic analysis. By extracting the lexical unit sequence features of abstract syntax tree, the word vector is modeled by word2vec, and the generated features are input into the LSTM network to detect malicious JavaScript. Experiments show that the model can effectively detect confused malicious JavaScript code and improve the detection speed, with a precision of 99.94% and recall of 98.33%.

    Reference
    Related
    Cited by
Get Citation

Cite this article as: QIU YAOYAO, Fang Yong, Huang Cheng, Liu Liang, Zhang Xing. Syntax-Based Malicious JavaScript Code Detection Method [J]. J Sichuan Univ: Nat Sci Ed, 2019, 56: 273.

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:December 13,2018
  • Revised:January 03,2019
  • Adopted:January 17,2019
  • Online: April 01,2019
  • Published: