JStrong: Malicious JavaScript detection based on code semantic representation and graph neural network

Web development technology has experienced significant progress. The creation of JavaScript has highly enriched the interactive ability of the client. However, the attacker uses the dynamic characteristics of the JavaScript language to embed malicious code into web pages to achieve the purpose of sm...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Computers & security Ročník 118; s. 102715
Hlavní autori: Fang, Yong, Huang, Chaoyi, Zeng, Minchuan, Zhao, Zhiying, Huang, Cheng
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Amsterdam Elsevier Ltd 01.07.2022
Elsevier Sequoia S.A
Predmet:
Classification
Code representation
Confusion
Dependency
Dynamic characteristics
Graph neural network
Graph neural networks
Graph theory
Graphical representations
Java
JavaScript
Malicious JavaScript
Malware
Networks
Neural networks
Program dependency graph
Scripts detection
Semantics
Smuggling
Source code
Syntax
Websites
Malicious JavaScript
Scripts detection
Program dependency graph
Code representation
Graph neural network
ISSN:0167-4048, 1872-6208
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Abstract Web development technology has experienced significant progress. The creation of JavaScript has highly enriched the interactive ability of the client. However, the attacker uses the dynamic characteristics of the JavaScript language to embed malicious code into web pages to achieve the purpose of smuggling, redirection, and so on. Traditional methods based on static feature detection are therefore difficult to detect malicious code after confusion, and the method based on dynamic analysis is inefficient. To meet these challenges, this paper proposes a static detection model JStrong based on graph neural network. The model first generates an abstract syntax tree from the JavaScript source code, and then adds data flow and control flow information into the program dependency graph. In addition, we embed the nodes and edges of the graph into the feature vector and fully learn the features of the whole graph through the graph neural network. We take advantage of a real-world dataset collected from the top website and GitHub to evaluate JStrong and compare it to the state-of-the-art method. Experimental results show that JStrong achieves near-perfect classification performance and is superior to the state-of-the-art method.
AbstractList Web development technology has experienced significant progress. The creation of JavaScript has highly enriched the interactive ability of the client. However, the attacker uses the dynamic characteristics of the JavaScript language to embed malicious code into web pages to achieve the purpose of smuggling, redirection, and so on. Traditional methods based on static feature detection are therefore difficult to detect malicious code after confusion, and the method based on dynamic analysis is inefficient. To meet these challenges, this paper proposes a static detection model JStrong based on graph neural network. The model first generates an abstract syntax tree from the JavaScript source code, and then adds data flow and control flow information into the program dependency graph. In addition, we embed the nodes and edges of the graph into the feature vector and fully learn the features of the whole graph through the graph neural network. We take advantage of a real-world dataset collected from the top website and GitHub to evaluate JStrong and compare it to the state-of-the-art method. Experimental results show that JStrong achieves near-perfect classification performance and is superior to the state-of-the-art method.
ArticleNumber 102715
Author Zeng, Minchuan
Zhao, Zhiying
Huang, Chaoyi
Huang, Cheng
Fang, Yong
Author_xml – sequence: 1
  givenname: Yong
  surname: Fang
  fullname: Fang, Yong
– sequence: 2
  givenname: Chaoyi
  surname: Huang
  fullname: Huang, Chaoyi
– sequence: 3
  givenname: Minchuan
  surname: Zeng
  fullname: Zeng, Minchuan
– sequence: 4
  givenname: Zhiying
  surname: Zhao
  fullname: Zhao, Zhiying
– sequence: 5
  givenname: Cheng
  orcidid: 0000-0002-5871-946X
  surname: Huang
  fullname: Huang, Cheng
  email: opcodesec@gmail.com
BookMark eNp9kMFuEzEQhi3USqQtL8DJEucN9mSzdhAXVFFoVcShcLam49nikNqL7RT17euwPXHoaWzr_zz6vxNxFFNkId5qtdRKD--3S0qFl6AA2gMYvX4lFtoa6AZQ9kgsWsh0verta3FSylYpbQZrF2K8uqk5xbsP8hvuAoW0L_IKH_CGcpiq9FyZakhR3mJhL9uBkmdZ-B5jDSQzT5kLx4r_Uhi9vMs4_ZKR9xl3bdS_Kf8-E8cj7gq_eZ6n4ufF5x_nX7vr718uzz9dd7SCvnYbDwDDOAxgRiRtATdo1h4U0poUjWQ9G7S37QJgWLEio8ErY6FfedarU_Fu_nfK6c-eS3XbtM-xrXTQ-q43Q7_atJSdU5RTKZlHR2EuUDOGndPKHay6rTtYdQerbrbaUPgPnXK4x_z4MvRxhrhVfwicXaHAkdiH3PQ6n8JL-BO4-ZQC
CitedBy_id crossref_primary_10_1371_journal_pone_0277891
crossref_primary_10_3390_app122412916
crossref_primary_10_1016_j_cose_2025_104390
crossref_primary_10_1109_ACCESS_2023_3317266
crossref_primary_10_1016_j_asoc_2023_110138
crossref_primary_10_4218_etrij_2024_0255
crossref_primary_10_3390_info16060470
crossref_primary_10_1016_j_cose_2022_103015
crossref_primary_10_3390_app13053327
crossref_primary_10_1016_j_cosrev_2025_100810
Cites_doi 10.1016/j.cose.2021.102218
10.1109/TDSC.2018.2845851
10.1145/3436877
10.1145/24039.24041
10.1109/TIFS.2020.3044773
10.1016/j.aiopen.2021.01.001
10.1016/j.cose.2020.101764
10.1016/j.procs.2016.07.291
ContentType Journal Article
Copyright 2022 Elsevier Ltd
Copyright Elsevier Sequoia S.A. Jul 2022
Copyright_xml – notice: 2022 Elsevier Ltd
– notice: Copyright Elsevier Sequoia S.A. Jul 2022
DBID AAYXX
CITATION
7SC
8FD
JQ2
K7.
L7M
L~C
L~D
DOI 10.1016/j.cose.2022.102715
DatabaseName CrossRef
Computer and Information Systems Abstracts
Technology Research Database
ProQuest Computer Science Collection
ProQuest Criminal Justice (Alumni)
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
DatabaseTitle CrossRef
ProQuest Criminal Justice (Alumni)
Technology Research Database
Computer and Information Systems Abstracts – Academic
ProQuest Computer Science Collection
Computer and Information Systems Abstracts
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts Professional
DatabaseTitleList
ProQuest Criminal Justice (Alumni)
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 1872-6208
ExternalDocumentID 10_1016_j_cose_2022_102715
S0167404822001110
GroupedDBID --K
--M
-~X
.DC
.~1
0R~
1B1
1RT
1~.
1~5
29F
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
AACTN
AAEDT
AAEDW
AAIAV
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AAXUO
AAYFN
ABBOA
ABFSI
ABMAC
ABXDB
ABYKQ
ACDAQ
ACGFO
ACGFS
ACNNM
ACRLP
ACZNC
ADBBV
ADEZE
ADHUB
ADJOM
ADMUD
AEBSH
AEKER
AENEX
AFFNX
AFKWA
AFTJW
AGHFR
AGUBO
AGYEJ
AHHHB
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJBFU
AJOXV
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
ASPBG
AVWKF
AXJTR
AZFZN
BKOJK
BKOMP
BLXMC
CS3
DU5
E.L
EBS
EFJIC
EFLBG
EJD
EO8
EO9
EP2
EP3
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-2
G-Q
GBLVA
GBOLZ
HLX
HLZ
HVGLF
HZ~
IHE
J1W
KOM
LG8
LG9
M41
MO0
MS~
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
PQQKQ
Q38
R2-
RIG
RNS
ROL
RPZ
RXW
SBC
SBM
SDF
SDG
SDP
SES
SEW
SPC
SPCBC
SSV
SSZ
T5K
TAE
TN5
TWZ
WH7
WUQ
XJE
XPP
XSW
YK3
ZMT
~G-
9DU
AATTM
AAXKI
AAYWO
AAYXX
ABJNI
ABWVN
ACLOT
ACRPL
ACVFH
ADCNI
ADNMO
AEIPS
AEUPX
AFJKZ
AFPUW
AGQPQ
AIGII
AIIUN
AKBMS
AKRWK
AKYEP
ANKPU
APXCP
CITATION
EFKBS
~HD
7SC
8FD
JQ2
K7.
L7M
L~C
L~D
ID FETCH-LOGICAL-c324t-9d2226f6627fac182a9a75d20ac5c0cfc8de7a8b5c0227e0e0c712d078243de13
ISICitedReferencesCount 19
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000797949500017&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0167-4048
IngestDate Thu Nov 20 01:17:07 EST 2025
Tue Nov 18 22:17:15 EST 2025
Sat Nov 29 07:25:26 EST 2025
Fri Feb 23 02:40:09 EST 2024
IsPeerReviewed true
IsScholarly true
Keywords Malicious JavaScript
Scripts detection
Program dependency graph
Code representation
Graph neural network
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c324t-9d2226f6627fac182a9a75d20ac5c0cfc8de7a8b5c0227e0e0c712d078243de13
Notes ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ORCID 0000-0002-5871-946X
PQID 2688596439
PQPubID 46289
ParticipantIDs proquest_journals_2688596439
crossref_citationtrail_10_1016_j_cose_2022_102715
crossref_primary_10_1016_j_cose_2022_102715
elsevier_sciencedirect_doi_10_1016_j_cose_2022_102715
PublicationCentury 2000
PublicationDate July 2022
2022-07-00
20220701
PublicationDateYYYYMMDD 2022-07-01
PublicationDate_xml – month: 07
  year: 2022
  text: July 2022
PublicationDecade 2020
PublicationPlace Amsterdam
PublicationPlace_xml – name: Amsterdam
PublicationTitle Computers & security
PublicationYear 2022
Publisher Elsevier Ltd
Elsevier Sequoia S.A
Publisher_xml – name: Elsevier Ltd
– name: Elsevier Sequoia S.A
References Eshkevari, Mazinanian, Rostami, Tsantalis (bib0007) 2017
Hidayat, A., 2021. Esprima master documentation.
Curtsinger, Livshits, Zorn, Seifert (bib0006) 2011
Andreasen, Møller (bib0001) 2014
Fass, Krawczyk, Backes, Stock (bib0010) 2018
Mining node.js vulnerabilities via object dependence graph and query (bib0027) 2022
Fass, Backes, Stock (bib0009) 2019
Hamilton, Ying, Leskovec (bib0015) 2017; abs/1709.05584
Hamilton, Ying, Leskovec (bib0014) 2017
Hedin, Sabelfeld (bib0016) 2015
Mikolov, Sutskever, Chen, Corrado, Dean (bib0026) 2013
Tellenbach, Paganoni, Rennhard (bib0032) 2016; 9
Catal, Gunduz, Ozcan (bib0003) 2021; 10
Velickovic, Cucurull, Casanova, Romero, Liò, Bengio (bib0034) 2018
VirusTotal, 2021. Virustotal - analyze suspicious files and urls to detect types of malware, automatically share them with the security community.
Li, Zou, Xu, Jin, Zhu, Chen (bib0025) 2021
Ferrante, Ottenstein, Warren (bib0011) 1987; 9
Cho, Van Merriënboer, Gulcehre, Bahdanau, Bougares, Schwenk, Bengio (bib0005) 2014
Ndichu, Ozawa, Misu, Okada (bib0028) 2018
Fang, Huang, Su, Qiu (bib0008) 2020; 93
Kapravelos, Shoshitaishvili, Cova, Kruegel, Vigna (bib0019) 2013
GeeksOnSecurity, 2021. Malicious javascript dataset.
Le Pochat, Van Goethem, Tajalizadehkhoob, Korczyński, Joosen (bib0023) 2019
Li, Tarlow, Brockschmidt, Zemel (bib0024) 2016
Brown, Narayan, Wahby, Engler, Jhala, Stefan (bib0002) 2017
Huang, Li, Zhang, Li, Liu (bib0018) 2021; 104
Kipf, Welling (bib0022) 2017
Zhou, Cui, Hu, Zhang, Yang, Liu, Wang, Li, Sun (bib0040) 2020; 1
Gorji, Abadi (bib0013) 2014
Kim, Choi, Lee (bib0020) 2012; 6
Wang, Ye, Tang, Tan, Huang, Fang, Feng, Bian, Wang (bib0036) 2020; 16
Yamaguchi, Golde, Arp, Rieck (bib0039) 2014
urlscan.io, 2021. urlscan.io - website scanner for suspicious and malicious urls.
Cheng, Wang, Hua, Xu, Sui (bib0004) 2021; 30
.
Petrak, H., 2021. Javascript malware collection.
Wang, Xue, Liu, Tan (bib0037) 2015
Zhou, Evans (bib0041) 2015
Seshagiri, Vazhayil, Sriram (bib0030) 2016; 93
Wang, Zheng, Ye, Gan, Li, Song, Zhou, Ma, Yu, Gai, Xiao, He, Karypis, Li, Zhang (bib0038) 2019
Song, Huang, Huang (bib0031) 2018; 17
Kim, Kim, Kim, Kwon, Zheng, Zhang, Xu (bib0021) 2017
Zhou, Liu, Siow, Du, Liu (bib0042) 2019
Curtsinger (10.1016/j.cose.2022.102715_bib0006) 2011
Cheng (10.1016/j.cose.2022.102715_bib0004) 2021; 30
Gorji (10.1016/j.cose.2022.102715_bib0013) 2014
Mikolov (10.1016/j.cose.2022.102715_bib0026) 2013
Mining node.js vulnerabilities via object dependence graph and query (10.1016/j.cose.2022.102715_sbref0027) 2022
Hamilton (10.1016/j.cose.2022.102715_sbref0015) 2017; abs/1709.05584
Kipf (10.1016/j.cose.2022.102715_sbref0022) 2017
Hamilton (10.1016/j.cose.2022.102715_bib0014) 2017
Le Pochat (10.1016/j.cose.2022.102715_bib0023) 2019
Seshagiri (10.1016/j.cose.2022.102715_bib0030) 2016; 93
10.1016/j.cose.2022.102715_bib0035
10.1016/j.cose.2022.102715_bib0012
10.1016/j.cose.2022.102715_bib0033
10.1016/j.cose.2022.102715_bib0017
Song (10.1016/j.cose.2022.102715_bib0031) 2018; 17
Li (10.1016/j.cose.2022.102715_sbref0024) 2016
Ferrante (10.1016/j.cose.2022.102715_bib0011) 1987; 9
Velickovic (10.1016/j.cose.2022.102715_sbref0034) 2018
Wang (10.1016/j.cose.2022.102715_bib0037) 2015
Yamaguchi (10.1016/j.cose.2022.102715_bib0039) 2014
Zhou (10.1016/j.cose.2022.102715_bib0040) 2020; 1
Fass (10.1016/j.cose.2022.102715_bib0010) 2018
Wang (10.1016/j.cose.2022.102715_bib0038) 2019
Andreasen (10.1016/j.cose.2022.102715_bib0001) 2014
Hedin (10.1016/j.cose.2022.102715_bib0016) 2015
Zhou (10.1016/j.cose.2022.102715_bib0041) 2015
Kapravelos (10.1016/j.cose.2022.102715_bib0019) 2013
Fang (10.1016/j.cose.2022.102715_bib0008) 2020; 93
Kim (10.1016/j.cose.2022.102715_bib0021) 2017
Brown (10.1016/j.cose.2022.102715_bib0002) 2017
Catal (10.1016/j.cose.2022.102715_bib0003) 2021; 10
Ndichu (10.1016/j.cose.2022.102715_bib0028) 2018
Kim (10.1016/j.cose.2022.102715_bib0020) 2012; 6
Fass (10.1016/j.cose.2022.102715_bib0009) 2019
Wang (10.1016/j.cose.2022.102715_bib0036) 2020; 16
Li (10.1016/j.cose.2022.102715_bib0025) 2021
Tellenbach (10.1016/j.cose.2022.102715_bib0032) 2016; 9
Eshkevari (10.1016/j.cose.2022.102715_bib0007) 2017
10.1016/j.cose.2022.102715_bib0029
Huang (10.1016/j.cose.2022.102715_bib0018) 2021; 104
Zhou (10.1016/j.cose.2022.102715_bib0042) 2019
Cho (10.1016/j.cose.2022.102715_bib0005) 2014
References_xml – year: 2017
  ident: bib0022
  article-title: Semi-supervised classification with graph convolutional networks
  publication-title: 5th International Conference on Learning Representations, ICLR 2017, Toulon, France, April 24–26, 2017, Conference Track Proceedings
– start-page: 559
  year: 2017
  end-page: 578
  ident: bib0002
  article-title: Finding and preventing bugs in javascript bindings
  publication-title: 2017 IEEE Symposium on Security and Privacy (SP)
– reference: Hidayat, A., 2021. Esprima master documentation.
– start-page: 257
  year: 2019
  end-page: 269
  ident: bib0009
  article-title: Jstap: A static pre-filter for malicious javascript detection
  publication-title: Proceedings of the 35th Annual Computer Security Applications Conference
– reference: VirusTotal, 2021. Virustotal - analyze suspicious files and urls to detect types of malware, automatically share them with the security community.
– year: 2019
  ident: bib0042
  article-title: Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks
  publication-title: NeurIPS
– year: 2016
  ident: bib0024
  article-title: Gated graph sequence neural networks
  publication-title: 4th International Conference on Learning Representations, ICLR 2016, San Juan, Puerto Rico, May 2–4, 2016, Conference Track Proceedings
– volume: 9
  start-page: 196
  year: 2016
  end-page: 206
  ident: bib0032
  article-title: Detecting obfuscated javascripts from known and unknown obfuscators using machine learning
  publication-title: International Journal on Advances in Security
– year: 2021
  ident: bib0025
  article-title: Sysevr: a framework for using deep learning to detect software vulnerabilities
  publication-title: IEEE Trans Dependable Secure Comput
– reference: GeeksOnSecurity, 2021. Malicious javascript dataset.
– start-page: 71
  year: 2017
  end-page: 74
  ident: bib0007
  article-title: Jsdeodorant: Class-awareness for javascript programs
  publication-title: 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C)
– start-page: 1
  year: 2018
  end-page: 8
  ident: bib0028
  article-title: A machine learning approach to malicious javascript detection using fixed length vector representation
  publication-title: 2018 International Joint Conference on Neural Networks (IJCNN)
– reference: urlscan.io, 2021. urlscan.io - website scanner for suspicious and malicious urls.
– volume: abs/1709.05584
  year: 2017
  ident: bib0015
  article-title: Representation learning on graphs: methods and applications
  publication-title: CoRR
– year: 2022
  ident: bib0027
  article-title: In: 31st USENIX Security Symposium (USENIX Security 22)
– volume: 6
  start-page: 766
  year: 2012
  end-page: 783
  ident: bib0020
  article-title: Jssandbox: a framework for analyzing the behavior of malicious javascript code using internal function hooking
  publication-title: KSII Transactions on Internet and Information Systems (TIIS)
– start-page: 1
  year: 2019
  end-page: 15
  ident: bib0023
  article-title: Tranco: a research-oriented top sites ranking hardened against manipulation
  publication-title: Proceedings of the 26th Annual Network and Distributed System Security Symposium
– volume: 93
  start-page: 768
  year: 2016
  end-page: 773
  ident: bib0030
  article-title: Ama: static code analysis of web page for the detection of malicious scripts
  publication-title: Procedia Comput Sci
– start-page: 33
  year: 2011
  end-page: 48
  ident: bib0006
  article-title: Zozzle: fast and precise in-browser JavaScript malware detection
  publication-title: USENIX Security Symposium
– volume: 93
  start-page: 101764
  year: 2020
  ident: bib0008
  article-title: Detecting malicious javascript code based on semantic analysis
  publication-title: Computers & Security
– year: 2019
  ident: bib0038
  article-title: Deep graph library: a graph-centric, highly-performant package for graph neural networks
  publication-title: arXiv preprint arXiv:1909.01315
– start-page: 17
  year: 2014
  end-page: 31
  ident: bib0001
  article-title: Determinacy in static analysis for jQuery
  publication-title: Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications
– start-page: 3111
  year: 2013
  end-page: 3119
  ident: bib0026
  article-title: Distributed representations of words and phrases and their compositionality
  publication-title: Proceedings of the 26th International Conference on Neural Information Processing Systems-Volume 2
– start-page: 109
  year: 2015
  end-page: 120
  ident: bib0037
  article-title: Jsdc: A hybrid approach for javascript malware detection and classification
  publication-title: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security
– year: 2014
  ident: bib0005
  article-title: Learning phrase representations using rnn encoder-decoder for statistical machine translation
  publication-title: arXiv preprint arXiv:1406.1078
– start-page: 1
  year: 2014
  end-page: 6
  ident: bib0013
  article-title: Detecting obfuscated javascript malware using sequences of internal function calls
  publication-title: Proceedings of the 2014 ACM Southeast Regional Conference
– year: 2018
  ident: bib0034
  article-title: Graph attention networks
  publication-title: 6th International Conference on Learning Representations, ICLR 2018, Vancouver, BC, Canada, April 30, - May 3, 2018, Conference Track Proceedings
– volume: 10
  start-page: 2534
  year: 2021
  ident: bib0003
  article-title: Malware detection based on graph attention networks for intelligent transportation systems
  publication-title: Electronics (Basel)
– volume: 17
  start-page: 1063
  year: 2018
  end-page: 1078
  ident: bib0031
  article-title: Understanding javascript vulnerabilities in large real-world android applications
  publication-title: IEEE Trans Dependable Secure Comput
– volume: 30
  start-page: 1
  year: 2021
  end-page: 33
  ident: bib0004
  article-title: Deepwukong: statically detecting software vulnerabilities using deep graph neural network
  publication-title: ACM Transactions on Software Engineering and Methodology (TOSEM)
– start-page: 850
  year: 2015
  end-page: 865
  ident: bib0041
  article-title: Understanding and monitoring embedded web scripts
  publication-title: 2015 IEEE Symposium on Security and Privacy
– volume: 16
  start-page: 1943
  year: 2020
  end-page: 1958
  ident: bib0036
  article-title: Combining graph-based learning with automated data collection for code vulnerability detection
  publication-title: IEEE Trans. Inf. Forensics Secur.
– reference: .
– volume: 104
  start-page: 102218
  year: 2021
  ident: bib0018
  article-title: Jscontana: malicious javascript detection using adaptable context analysis and key feature extraction
  publication-title: Computers & Security
– start-page: 1025
  year: 2017
  end-page: 1035
  ident: bib0014
  article-title: Inductive representation learning on large graphs
  publication-title: Proceedings of the 31st International Conference on Neural Information Processing Systems
– volume: 1
  start-page: 57
  year: 2020
  end-page: 81
  ident: bib0040
  article-title: Graph neural networks: a review of methods and applications
  publication-title: AI Open
– start-page: 637
  year: 2013
  end-page: 652
  ident: bib0019
  article-title: Revolver: An automated approach to the detection of evasive web-based malware
  publication-title: 22nd
– start-page: 590
  year: 2014
  end-page: 604
  ident: bib0039
  article-title: Modeling and discovering vulnerabilities with code property graphs
  publication-title: 2014 IEEE Symposium on Security and Privacy
– start-page: 303
  year: 2018
  end-page: 325
  ident: bib0010
  article-title: Jast: Fully syntactic detection of malicious (obfuscated) javascript
  publication-title: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
– start-page: 897
  year: 2017
  end-page: 906
  ident: bib0021
  article-title: J-force: forced execution on JavaScript
  publication-title: Proceedings of the 26th International Conference on World Wide Web
– volume: 9
  start-page: 319
  year: 1987
  end-page: 349
  ident: bib0011
  article-title: The program dependence graph and its use in optimization
  publication-title: ACM Transactions on Programming Languages and Systems (TOPLAS)
– start-page: 16
  year: 2015
  end-page: 19
  ident: bib0016
  article-title: Web application security using jsflow
  publication-title: 2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)
– reference: Petrak, H., 2021. Javascript malware collection.
– volume: 104
  start-page: 102218
  year: 2021
  ident: 10.1016/j.cose.2022.102715_bib0018
  article-title: Jscontana: malicious javascript detection using adaptable context analysis and key feature extraction
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2021.102218
– start-page: 637
  year: 2013
  ident: 10.1016/j.cose.2022.102715_bib0019
  article-title: Revolver: An automated approach to the detection of evasive web-based malware
– volume: 17
  start-page: 1063
  issue: 5
  year: 2018
  ident: 10.1016/j.cose.2022.102715_bib0031
  article-title: Understanding javascript vulnerabilities in large real-world android applications
  publication-title: IEEE Trans Dependable Secure Comput
  doi: 10.1109/TDSC.2018.2845851
– year: 2018
  ident: 10.1016/j.cose.2022.102715_sbref0034
  article-title: Graph attention networks
– start-page: 1
  year: 2014
  ident: 10.1016/j.cose.2022.102715_bib0013
  article-title: Detecting obfuscated javascript malware using sequences of internal function calls
– year: 2019
  ident: 10.1016/j.cose.2022.102715_bib0038
  article-title: Deep graph library: a graph-centric, highly-performant package for graph neural networks
  publication-title: arXiv preprint arXiv:1909.01315
– start-page: 1025
  year: 2017
  ident: 10.1016/j.cose.2022.102715_bib0014
  article-title: Inductive representation learning on large graphs
– start-page: 17
  year: 2014
  ident: 10.1016/j.cose.2022.102715_bib0001
  article-title: Determinacy in static analysis for jQuery
– year: 2022
  ident: 10.1016/j.cose.2022.102715_sbref0027
– volume: 30
  start-page: 1
  issue: 3
  year: 2021
  ident: 10.1016/j.cose.2022.102715_bib0004
  article-title: Deepwukong: statically detecting software vulnerabilities using deep graph neural network
  publication-title: ACM Transactions on Software Engineering and Methodology (TOSEM)
  doi: 10.1145/3436877
– volume: 9
  start-page: 319
  issue: 3
  year: 1987
  ident: 10.1016/j.cose.2022.102715_bib0011
  article-title: The program dependence graph and its use in optimization
  publication-title: ACM Transactions on Programming Languages and Systems (TOPLAS)
  doi: 10.1145/24039.24041
– start-page: 897
  year: 2017
  ident: 10.1016/j.cose.2022.102715_bib0021
  article-title: J-force: forced execution on JavaScript
– start-page: 1
  year: 2019
  ident: 10.1016/j.cose.2022.102715_bib0023
  article-title: Tranco: a research-oriented top sites ranking hardened against manipulation
– year: 2016
  ident: 10.1016/j.cose.2022.102715_sbref0024
  article-title: Gated graph sequence neural networks
– volume: 9
  start-page: 196
  issue: 3/4
  year: 2016
  ident: 10.1016/j.cose.2022.102715_bib0032
  article-title: Detecting obfuscated javascripts from known and unknown obfuscators using machine learning
  publication-title: International Journal on Advances in Security
– volume: 16
  start-page: 1943
  year: 2020
  ident: 10.1016/j.cose.2022.102715_bib0036
  article-title: Combining graph-based learning with automated data collection for code vulnerability detection
  publication-title: IEEE Trans. Inf. Forensics Secur.
  doi: 10.1109/TIFS.2020.3044773
– volume: 10
  start-page: 2534
  issue: 20
  year: 2021
  ident: 10.1016/j.cose.2022.102715_bib0003
  article-title: Malware detection based on graph attention networks for intelligent transportation systems
  publication-title: Electronics (Basel)
– volume: 1
  start-page: 57
  year: 2020
  ident: 10.1016/j.cose.2022.102715_bib0040
  article-title: Graph neural networks: a review of methods and applications
  publication-title: AI Open
  doi: 10.1016/j.aiopen.2021.01.001
– start-page: 590
  year: 2014
  ident: 10.1016/j.cose.2022.102715_bib0039
  article-title: Modeling and discovering vulnerabilities with code property graphs
– ident: 10.1016/j.cose.2022.102715_bib0017
– start-page: 850
  year: 2015
  ident: 10.1016/j.cose.2022.102715_bib0041
  article-title: Understanding and monitoring embedded web scripts
– year: 2017
  ident: 10.1016/j.cose.2022.102715_sbref0022
  article-title: Semi-supervised classification with graph convolutional networks
– start-page: 1
  year: 2018
  ident: 10.1016/j.cose.2022.102715_bib0028
  article-title: A machine learning approach to malicious javascript detection using fixed length vector representation
– year: 2021
  ident: 10.1016/j.cose.2022.102715_bib0025
  article-title: Sysevr: a framework for using deep learning to detect software vulnerabilities
  publication-title: IEEE Trans Dependable Secure Comput
– start-page: 33
  year: 2011
  ident: 10.1016/j.cose.2022.102715_bib0006
  article-title: Zozzle: fast and precise in-browser JavaScript malware detection
– start-page: 71
  year: 2017
  ident: 10.1016/j.cose.2022.102715_bib0007
  article-title: Jsdeodorant: Class-awareness for javascript programs
– year: 2014
  ident: 10.1016/j.cose.2022.102715_bib0005
  article-title: Learning phrase representations using rnn encoder-decoder for statistical machine translation
  publication-title: arXiv preprint arXiv:1406.1078
– volume: abs/1709.05584
  year: 2017
  ident: 10.1016/j.cose.2022.102715_sbref0015
  article-title: Representation learning on graphs: methods and applications
  publication-title: CoRR
– ident: 10.1016/j.cose.2022.102715_bib0029
– start-page: 303
  year: 2018
  ident: 10.1016/j.cose.2022.102715_bib0010
  article-title: Jast: Fully syntactic detection of malicious (obfuscated) javascript
– ident: 10.1016/j.cose.2022.102715_bib0033
– start-page: 257
  year: 2019
  ident: 10.1016/j.cose.2022.102715_bib0009
  article-title: Jstap: A static pre-filter for malicious javascript detection
– ident: 10.1016/j.cose.2022.102715_bib0012
– volume: 6
  start-page: 766
  issue: 2
  year: 2012
  ident: 10.1016/j.cose.2022.102715_bib0020
  article-title: Jssandbox: a framework for analyzing the behavior of malicious javascript code using internal function hooking
  publication-title: KSII Transactions on Internet and Information Systems (TIIS)
– start-page: 559
  year: 2017
  ident: 10.1016/j.cose.2022.102715_bib0002
  article-title: Finding and preventing bugs in javascript bindings
– start-page: 16
  year: 2015
  ident: 10.1016/j.cose.2022.102715_bib0016
  article-title: Web application security using jsflow
– start-page: 109
  year: 2015
  ident: 10.1016/j.cose.2022.102715_bib0037
  article-title: Jsdc: A hybrid approach for javascript malware detection and classification
– volume: 93
  start-page: 101764
  year: 2020
  ident: 10.1016/j.cose.2022.102715_bib0008
  article-title: Detecting malicious javascript code based on semantic analysis
  publication-title: Computers & Security
  doi: 10.1016/j.cose.2020.101764
– volume: 93
  start-page: 768
  year: 2016
  ident: 10.1016/j.cose.2022.102715_bib0030
  article-title: Ama: static code analysis of web page for the detection of malicious scripts
  publication-title: Procedia Comput Sci
  doi: 10.1016/j.procs.2016.07.291
– start-page: 3111
  year: 2013
  ident: 10.1016/j.cose.2022.102715_bib0026
  article-title: Distributed representations of words and phrases and their compositionality
– ident: 10.1016/j.cose.2022.102715_bib0035
– year: 2019
  ident: 10.1016/j.cose.2022.102715_bib0042
  article-title: Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks
SSID ssj0017688
Score 2.4268224
Snippet Web development technology has experienced significant progress. The creation of JavaScript has highly enriched the interactive ability of the client. However,...
SourceID proquest
crossref
elsevier
SourceType Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 102715
SubjectTerms Classification
Code representation
Confusion
Dependency
Dynamic characteristics
Graph neural network
Graph neural networks
Graph theory
Graphical representations
Java
JavaScript
Malicious JavaScript
Malware
Networks
Neural networks
Program dependency graph
Scripts detection
Semantics
Smuggling
Source code
Syntax
Websites
Title JStrong: Malicious JavaScript detection based on code semantic representation and graph neural network
URI https://dx.doi.org/10.1016/j.cose.2022.102715
https://www.proquest.com/docview/2688596439
Volume 118
WOSCitedRecordID wos000797949500017&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: Elsevier SD Freedom Collection Journals 2021
  customDbUrl:
  eissn: 1872-6208
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssj0017688
  issn: 0167-4048
  databaseCode: AIEXJ
  dateStart: 19950101
  isFulltext: true
  titleUrlDefault: https://www.sciencedirect.com
  providerName: Elsevier
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV3NT9swFLe6ssMu-57GxpAPu1WpEreu490QArFqoEkwqdslsh1HLYK0IqWCG386z58ZRaBx2CVKLOfJyvvlvefn94HQVwkwoozxhMgRT4ZslCaioiwpcyG5ljSTynYt-cGOjvLJhP_sdG5CLszqjNV1fnXFF_-V1TAGzDaps09gdyQKA3APTIcrsB2u_8T48bHxbtss5kMwspUNch2LlTi2AqJX6qV2_cGNBivNaYHJa-81-hy-sq3ovGhzklyssi1r3TO1L4GjtYsc_9usDb0hGoukxvfEi9jwPunfc68mLYz84O5UzK9n0X-t3ejhrFbTyxa5f2CWPUeZzq6DsvW-CtLGtUb3pamynrramlH-egHsJCgYPMwleN4T7s7PcNo3kfx9Q77fTr5bSXtNw8W4wxDSdloYGoWhUTgaz9AGYZTnXbSx831vMo4nUbAdy2N9eFi5T7xyMYLrK3nIuFlT89Z2OXmNXvpNB95xYHmDOrp-i14FpmEv39-hymPnG47IwS1ycEQOtsjBcGOQgwNy8F3kYEAOtsjBDjnYI-c9-rW_d7J7kPhGHIkCe3uZ8BKsyFFlegVUQsGOVHDBaElSoahKVaXyUjORS3gghOlUp4plpDTW53BQ6mzwAXXrea0_IlxVQEEKYUrpgS1MRCWGjMo8yyohs4HaRFn4goXyVepNs5Sz4mHebaJefGfharQ8OpsGxhTeynTWYwE4e_S9rcDFwv_uTUEAHdSUtOOfnrSIz-hF-39soe7y4lJ_Qc_VajlrLrY9Bm8Bx2uqNw
linkProvider Elsevier
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=JStrong%3A+Malicious+JavaScript+detection+based+on+code+semantic+representation+and+graph+neural+network&rft.jtitle=Computers+%26+security&rft.au=Fang%2C+Yong&rft.au=Huang%2C+Chaoyi&rft.au=Zeng%2C+Minchuan&rft.au=Zhao%2C+Zhiying&rft.date=2022-07-01&rft.issn=0167-4048&rft.volume=118&rft.spage=102715&rft_id=info:doi/10.1016%2Fj.cose.2022.102715&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_j_cose_2022_102715
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0167-4048&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0167-4048&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0167-4048&client=summon