A Survey on Current Malicious JavaScript Behavior of infected Web Content in Detection of Malicious Web pages

In recent years, the advance growth of cybercrime has become an urgent issue to the security authorities. With the improvement of web technologies enable attackers to launch the web-based attacks and other malicious code easily without having prior expert knowledge. Recently, JavaScript has become t...

Full description

Saved in:
Bibliographic Details
Published in:IOP conference series. Materials Science and Engineering Vol. 769; no. 1; pp. 12074 - 12081
Main Authors: Nurulsafawati Wan Manan, Wan, Nizam Mohmad Kahar, Mohd, Mohd Ali, Noorlin
Format: Journal Article
Language:English
Published: Bristol IOP Publishing 01.02.2020
Subjects:
Applications programs
Crime
False alarms
Java
JavaScript
Malware
Threat evaluation
User interfaces
Websites
ISSN:1757-8981, 1757-899X
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In recent years, the advance growth of cybercrime has become an urgent issue to the security authorities. With the improvement of web technologies enable attackers to launch the web-based attacks and other malicious code easily without having prior expert knowledge. Recently, JavaScript has become the most common attack construction language as it is the primary browser scripting language which allow developer to develop sophisticated client-side interfaces for web application. This lead to the growth of malicious websites and as main platform for distributing malware or malicious script to the user's computer when the user access to these webpages. Initial act and detection on such threats early in a timely manner is vital in order to reduce the damages which have caused billions of dollars lost every year. A number of approaches have been proposed to detect malicious web pages. However, the efficient detection of malicious web pages previously has generated many false alarm by the use of sophisticated obfuscation techniques in benign JavaScript code in web pages. Therefore, in this paper, a thoroughly survey and detailed understanding of malicious JavaScript code features will be provided, which have been collected from the web content. We conduct a thorough analysis and studies on the usage of different JavaScript features and JavaScript detection technique systematically and present the most important features of malicious threats in web pages. Then the analysis will be presented along with different dimensions (features representation, detection techniques analysis, and sample of malicious script).
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1757-8981
1757-899X
DOI:10.1088/1757-899X/769/1/012074