講演抄録/キーワード |
講演名 |
2016-03-04 10:00
A fast detecting method for obfuscated malicious JavaScript based on text pattern analysis ○Jiawei Su・Katsunari Yoshioka・Junji Shikata・Tsutomu Matsumoto(YNU) ICSS2015-58 |
抄録 |
(和) |
(まだ登録されていません) |
(英) |
The malicious JavaScript is a common springboard for attackers to launch several types of network attacks, such as Drive-by-Download and malicious PDF delivery attacks. In order to elude detection of signature matching, malicious JavaScript is always packed (so-called “obfuscation”) with diversified algorithms therefore the occurrence of obfuscation is always a good pointer for potential maliciousness. In this investigation, we propose a light – weight approach for quickly filtering obfuscated JavaScript based on a novel approach of tokenizing JavaScript text at letter level and information-theoretic measure, based on the previous work in the domain of detecting obfuscated malicious code as well as the pattern analysis of natural languages. The new approach is obviously time efficient compared to existing systems since it processes much less objects while we also proved that the approach could also reach the acceptable detection accuracies. |
キーワード |
(和) |
/ / / / / / / |
(英) |
Text Classification / Obfuscated JavaScript / Information theoretic measures / feature selection / novelty detection / / / |
文献情報 |
信学技報, vol. 115, no. 488, ICSS2015-58, pp. 65-70, 2016年3月. |
資料番号 |
ICSS2015-58 |
発行日 |
2016-02-25 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
著作権に ついて |
技術研究報告に掲載された論文の著作権は電子情報通信学会に帰属します.(許諾番号:10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
PDFダウンロード |
ICSS2015-58 |
|