A New Approach of Clustering Malicious Java']JavaScript

被引：0

作者：

Liu Biao ^{[1
]}

Zhang Kejun ^{[1
,2
]}

Feng Huamin ^{[1
,2
]}

Zhang Kejun ^{[1
,2
]}

Feng Huamin ^{[1
,2
]}

Li Yang ^{[2
]}

机构：

[1] Beijing Elect Sci & Technol Inst, Dept Comp Sci, Beijing, Peoples R China

[2] Xidian Univ, Sch Telecommun Engn, Xian, Peoples R China

来源：

2014 5TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS) | 2014年

关键词：

obfuscated; polymorphic; tree edit distance; abstract syntax tree;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

In the recent years, many hostile websites have been using polymorphic JavaScript in order to conceal its code. The virtual execution is considered to be effective to process and detect such types of JavaScript. However, a challenge often encountered with that approach is the mandatory preparation of very detail-oriented environments that may also require specific user-driven events for the malicious JavaScript to execute properly as it was designed to. This paper proposes a hierarchical clustering algorithm based on tree edit distance to recognize and categorize hostile JavaScript. Firstly, the JavaScript's abstract syntax tree is constructed to be structural analysis. Secondly, the similarity of two JavaScript is calculated by tree-matching algorithm based on tree edit distance. Finally, the hierarchical clustering of malicious JavaScript is determined by predefined threshold. Our promising results confirm the effectiveness of the approach.

引用

页码：157 / 160

页数：4

共 50 条

[1] A deep learning approach for detecting malicious Java']JavaScript code
Wang, Yao
Cai, Wan-dong
Wei, Peng-cheng
[J]. SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (11) : 1520 - 1534
[2] Malicious Java']JavaScript Detection by Features Extraction
Canfora, Gerardo
Mercaldo, Francesco
Visaggio, Corrado Aaron
[J]. E-INFORMATICA SOFTWARE ENGINEERING JOURNAL, 2014, 8 (01) : 65 - 78
[3] Detecting malicious Java']JavaScript code in Mozilla
Hallaraker, O
Vigna, G
[J]. ICECCS 2005: 10TH IEEE INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS, PROCEEDINGS, 2005, : 85 - 94
[4] Detection of malicious java']javascript on an imbalanced dataset
Phung, Ngoc Minh
Mimura, Mamoru
[J]. INTERNET OF THINGS, 2021, 13
[5] Analysis and Identification of Malicious Java']JavaScript Code
Fraiwan, Mohammad
Al-Salman, Rami
Khasawneh, Natheer
Conrad, Stefan
[J]. INFORMATION SECURITY JOURNAL, 2012, 21 (01): : 1 - 11
[6] Detection of Obfuscated Malicious Java']JavaScript Code
Alazab, Ammar
Khraisat, Ansam
Alazab, Moutaz
Singh, Sarabjot
[J]. FUTURE INTERNET, 2022, 14 (08):
[7] Detecting Malicious Behaviors in Java']JavaScript Applications
Mao, Jian
Bian, Jingdong
Bai, Guangdong
Wang, Ruilong
Chen, Yue
Xiao, Yinhao
Liang, Zhenkai
[J]. IEEE ACCESS, 2018, 6 : 12284 - 12294
[8] Obfuscated Malicious Java']JavaScript Detection by Machine Learning
Pan, Jinkun
Mao, Xiaoguang
[J]. PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON ADVANCES IN MECHANICAL ENGINEERING AND INDUSTRIAL INFORMATICS (AMEII 2016), 2016, 73 : 805 - 810
[9] HIDENOSEEK: Camouflaging Malicious Java']JavaScript in Benign ASTs
Fass, Aurore
Backes, Michael
Stock, Ben
[J]. PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'19), 2019, : 1899 - 1913
[10] TransAST: A Machine Translation-Based Approach for Obfuscated Malicious Java']JavaScript Detection
Qin, Yan
Wang, Weiping
Chen, Zixian
Song, Hong
Zhang, Shigeng
[J]. 2023 53RD ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS, DSN, 2023, : 327 - 338

← 1 2 3 4 5 →