Paper Abstract and Keywords |
Presentation |
2018-11-04 11:30
A Machine Learning-based Method for Detecting Malicious JavaScript using Information based on Abstract Syntax Tree Ryota Sano, Junko Sato, Yoichi Murakami, Masaki Hanada, Eiji Nunohiro (Tokyo Univ. of Information Sciences) ISEC2018-75 SITE2018-53 LOIS2018-35 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The number of Drive-by-Download attacks, which can be infected with malware via websites, has recently been increased. Since JavaScript is often used in those attacks, an efficient method for detecting malicious JavaScript with high accuracy is strongly required. In this paper, we propose a new machine learning-based method of detecting such JavaScript using three features -- keywords (character strings) appeared in the abstract syntax tree of JavaScript code, its attributes and hierarchical structure of the tree. The proposed method is evaluated based on the cross-validation on the two datasets, one is the dataset from Government related websites, the other is the MWS D3M dataset. Furthermore, the usefulness of the proposed method will be shown from the viewpoint of detection performance of malicious JavaScript. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Drive-by Download Attack / JavaScript / Machine Learning / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 118, no. 279, ISEC2018-75, pp. 63-68, Nov. 2018. |
Paper # |
ISEC2018-75 |
Date of Issue |
2018-10-27 (ISEC, SITE, LOIS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ISEC2018-75 SITE2018-53 LOIS2018-35 |
|