Detection of Obfuscated Malicious JavaScript Code

作     者：Alazab, Ammar Khraisat, Ansam Alazab, Moutaz Singh, Sarabjot 

作者机构：Melbourne Inst Technol Sch Informat Technol & Engn Melbourne Vic 3000 Australia Balqa Appl Univ Fac Artificial Intelligence Amman 1705 Jordan 

出 版 物：《FUTURE INTERNET》 (未来互联网)

年 卷 期：2022年第14卷第8期

页      面：217-217页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：Melbourne Institute Technology - Melbourne Institute Technology 

主　　题：malware detection intrusion detection obfuscated malicious machine learning malicious JavaScript 

摘      要：Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect. Numerous recent cyberattacks use JavaScript vulnerabilities, and in some cases employ obfuscation to conceal their malice and elude detection. To secure Internet users, an adequate intrusion-detection system (IDS) for malicious JavaScript must be developed. This paper proposes an automatic IDS of obfuscated JavaScript that employs several features and machine-learning techniques that effectively distinguish malicious and benign JavaScript codes. We also present a new set of features, which can detect obfuscation in JavaScript. The features are selected based on identifying obfuscation, a popular method to bypass conventional malware detection systems. The performance of the suggested approach has been tested on JavaScript obfuscation attacks. The studies have shown that IDS based on selected features has a detection rate of 94% for malicious samples and 81% for benign samples within the dimension of the feature vector of 60.