A Static Malicious Javascript Detection Using SVM

Malicious script,such as JavaScript, is one of the primary threats of the network security. JavaScript is not only a browser scripting language that allows developers to create sophisticated client-side interfaces for web applications, but also used to carry out attacks taht used to steal users' credentials and lure users into providing sensitive information to unauthorized parties. We propose a static malicious JavaScript detection techniques based on SVM(Support Vector Machine). Our approach combines static detection with machine learning technique, to analyze and extract malicious script features,and use the machine learning technology,SVM, to classify the scripts.This technique has the characteristics of high detection rate,low false positive rate and the detection of unknown attacks. Applied to experiments on the prepared data set, we achieved excellent detection performance. Keywords-Keywords; SVM; static detection; malicious script detection

[1]  Eunjin Jung,et al.  Obfuscated malicious javascript detection using classification techniques , 2009, 2009 4th International Conference on Malicious and Unwanted Software (MALWARE).

[2]  Dawei Wang,et al.  Malicious Web Pages Detection Based on Abnormal Visibility Recognition , 2009, 2009 International Conference on E-Business and Information System Security.

[3]  Giovanni Vigna,et al.  Detecting malicious JavaScript code in Mozilla , 2005, 10th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS'05).

[4]  Alain J. Mayer,et al.  Secure Web Scripting , 1998, IEEE Internet Comput..

[5]  David Flanagan,et al.  JavaScript: The Definitive Guide , 1996 .

[6]  Vladimir N. Vapnik,et al.  The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[7]  Yan Qi-sheng SVM with RBF kernel and its application research , 2006 .

[8]  Byung-Ik Kim,et al.  Suspicious Malicious Web Site Detection with Strength Analysis of a JavaScript Obfuscation , 2010 .