View in EDS PDF Full Text

A deep learning approach for detecting malicious JavaScript code.

Saved in:
Bibliographic Details
Title: A deep learning approach for detecting malicious JavaScript code.
Authors: Wang, Yao, Cai, Wan-dong, Wei, Peng-cheng
Source: Security & Communication Networks; 7/25/2016, Vol. 9 Issue 11, p1520-1534, 15p
Subject Terms: JAVASCRIPT programming language, MACHINE learning, DATA transmission systems, LOGISTIC regression analysis
Abstract: Malicious JavaScript code in webpages on the Internet is an emergent security issue because of its universality and potentially severe impact. Because of its obfuscation and complexities, detecting it has a considerable cost. Over the last few years, several machine learning-based detection approaches have been proposed; most of them use shallow discriminating models with features that are constructed with artificial rules. However, with the advent of the big data era for information transmission, these existing methods already cannot satisfy actual needs. In this paper, we present a new deep learning framework for detection of malicious JavaScript code, from which we obtained the highest detection accuracy compared with the control group. The architecture is composed of a sparse random projection, deep learning model, and logistic regression. Stacked denoising auto-encoders were used to extract high-level features from JavaScript code; logistic regression as a classifier was used to distinguish between malicious and benign JavaScript code. Experimental results indicated that our architecture, with over 27 000 labeled samples, can achieve an accuracy of up to 95%, with a false positive rate less than 4.2% in the best case. Copyright © 2016 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]
Copyright of Security & Communication Networks is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
FullText Links:
  – Type: pdflink
Text:
  Availability: 0
Header DbId: edb
DbLabel: Complementary Index
An: 116123715
RelevancyScore: 853
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 853.196594238281
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: A deep learning approach for detecting malicious JavaScript code.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Wang%2C+Yao%22">Wang, Yao</searchLink><br /><searchLink fieldCode="AR" term="%22Cai%2C+Wan-dong%22">Cai, Wan-dong</searchLink><br /><searchLink fieldCode="AR" term="%22Wei%2C+Peng-cheng%22">Wei, Peng-cheng</searchLink>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: Security & Communication Networks; 7/25/2016, Vol. 9 Issue 11, p1520-1534, 15p
– Name: Subject
  Label: Subject Terms
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22JAVASCRIPT+programming+language%22">JAVASCRIPT programming language</searchLink><br /><searchLink fieldCode="DE" term="%22MACHINE+learning%22">MACHINE learning</searchLink><br /><searchLink fieldCode="DE" term="%22DATA+transmission+systems%22">DATA transmission systems</searchLink><br /><searchLink fieldCode="DE" term="%22LOGISTIC+regression+analysis%22">LOGISTIC regression analysis</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Malicious JavaScript code in webpages on the Internet is an emergent security issue because of its universality and potentially severe impact. Because of its obfuscation and complexities, detecting it has a considerable cost. Over the last few years, several machine learning-based detection approaches have been proposed; most of them use shallow discriminating models with features that are constructed with artificial rules. However, with the advent of the big data era for information transmission, these existing methods already cannot satisfy actual needs. In this paper, we present a new deep learning framework for detection of malicious JavaScript code, from which we obtained the highest detection accuracy compared with the control group. The architecture is composed of a sparse random projection, deep learning model, and logistic regression. Stacked denoising auto-encoders were used to extract high-level features from JavaScript code; logistic regression as a classifier was used to distinguish between malicious and benign JavaScript code. Experimental results indicated that our architecture, with over 27 000 labeled samples, can achieve an accuracy of up to 95%, with a false positive rate less than 4.2% in the best case. Copyright © 2016 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]
– Name: Abstract
  Label:
  Group: Ab
  Data: <i>Copyright of Security & Communication Networks is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://erproxy.cvtisr.sk/sfx/access?url=https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=edb&AN=116123715
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1002/sec.1441
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 15
        StartPage: 1520
    Subjects:
      – SubjectFull: JAVASCRIPT programming language
        Type: general
      – SubjectFull: MACHINE learning
        Type: general
      – SubjectFull: DATA transmission systems
        Type: general
      – SubjectFull: LOGISTIC regression analysis
        Type: general
    Titles:
      – TitleFull: A deep learning approach for detecting malicious JavaScript code.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Wang, Yao
      – PersonEntity:
          Name:
            NameFull: Cai, Wan-dong
      – PersonEntity:
          Name:
            NameFull: Wei, Peng-cheng
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 25
              M: 07
              Text: 7/25/2016
              Type: published
              Y: 2016
          Identifiers:
            – Type: issn-print
              Value: 19390114
          Numbering:
            – Type: volume
              Value: 9
            – Type: issue
              Value: 11
          Titles:
            – TitleFull: Security & Communication Networks
              Type: main
ResultId 1