Detecting obfuscated suspicious JavaScript based on collaborative training

In the field of JavaScript malicious code detection, there has been a lot of research and application of machine learning methods. However, most of the researches use obfuscation recognition and then dynamic detection to deal with obfuscation malicious code. It is found that the structural features,...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings (International Conference on Communication Technology. Online) pp. 1962 - 1966
Main Authors: Wu, Hongcheng, Qin, Sujuan
Format: Conference Proceeding
Language:English
Published: IEEE 01.10.2017
Subjects:
Collaboration
collaborative training
Data models
Feature extraction
Machine learning
malicious code detection
malicious features
Malware
obfuscation features
Training
ISSN:2576-7828
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the field of JavaScript malicious code detection, there has been a lot of research and application of machine learning methods. However, most of the researches use obfuscation recognition and then dynamic detection to deal with obfuscation malicious code. It is found that the structural features, grammatical features and operation code features of JavaScript can be classified into two categories: obfuscation features which could easily recognize obfuscation and malicious features which could easily identify malicious code. Then, according to the cooperative relation of these two characteristics, this paper summarizes the collaborative training model, and uses the trained obfuscation recognizer and the malicious recognizer to decide whether the code is malicious or not. Through the experiment, the malicious code detection achieves 98.2% accuracy, and has completed the static detection part to the malicious detection.
ISSN:2576-7828
DOI:10.1109/ICCT.2017.8359972