
Malicious Web Pages Detection Based on Machine Learning

Cited by: 5
Abstract: The large number of malicious web pages on the Internet has become a major security threat to network users. This paper proposes a method for analyzing malicious JavaScript code in web pages based on a machine learning classifier. A classification model is built by training on training samples and is then used to detect test samples. Experiments show that the method can effectively detect most malicious web page JavaScript code, with a detection accuracy of 88.5%.

Source: Journal of Beijing Electronic Science and Technology Institute, 2012, No. 4, pp. 36-40, 12 (6 pages in total)

Funding: Supported by the National Natural Science Foundation of China project "Research on Key Theories and Technologies of Multimedia Semantic Analysis Based on Multimodal Features" (No. 60972139) and the Beijing Natural Science Foundation project "Research on Internet Public Opinion Analysis Based on the Semantics of Network Multimedia Information" (No. 4092041).

Keywords: malicious web page code; JavaScript; feature extraction