Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites

Abstract : JavaScripts are mostly used by the malicious websites to attack the client systems. To detect and prevent this, static and dynamic analysis systems are used which has problems like longer analysis time, setting up of virtual environment and prone to real attacks. Hence a new hybrid analysis system is proposed which reduces the shortcomings of the static and dynamic analysis systems. Additional features such as keywords to words ratio, average line length, presence of suspicious URLs and tags, whitespace percentage, number of redirections, and enigmatic variable names are used to measure the strength of the obfuscation. In this system performance is improved and the number of false positives and negatives are reduced. Based on the strength of obfuscation in the JavaScript code, a website is determined to be benign or malicious.
Type de document :
Communication dans un congrès
James J. Park; Albert Zomaya; Sang-Soo Yeo; Sartaj Sahni. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. Springer, Lecture Notes in Computer Science, LNCS-7513, pp.129-137, 2012, Network and Parallel Computing. 〈10.1007/978-3-642-35606-3_15〉
Liste complète des métadonnées

Littérature citée [7 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01551330
Contributeur : Hal Ifip <>
Soumis le : vendredi 30 juin 2017 - 10:35:45
Dernière modification le : mardi 17 avril 2018 - 11:52:04
Document(s) archivé(s) le : lundi 22 janvier 2018 - 21:12:54

Fichier

978-3-642-35606-3_15_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

R. Krishnaveni, C. Chellappan, R. Dhanalakshmi. Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites. James J. Park; Albert Zomaya; Sang-Soo Yeo; Sartaj Sahni. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. Springer, Lecture Notes in Computer Science, LNCS-7513, pp.129-137, 2012, Network and Parallel Computing. 〈10.1007/978-3-642-35606-3_15〉. 〈hal-01551330〉

Partager

Métriques

Consultations de la notice

49

Téléchargements de fichiers

33