期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于字符熵的JavaScript代码混淆自动检测方法 被引量:5

CHARACTER ENTROPY-BASED AUTOMATIC JAVASCRIPT OBFUSCATION DETECTION
下载PDF
导出
摘要 首先综述JavaScript代码混淆的各种技术和方法。在分析JavaScript代码混淆特征的基础上,提出一种基于字符熵和Ngram方法相结合的快速自动检测方法。实验表明,N-gram方法取不同N时的字符串熵对代码是否混淆均具有明显的区分能力。通过大量随机爬取的JS代码分析测试,该方法可快速完成JavaScript代码混淆的自动检测,有助于更深入分析Java Script恶意代码。 The techniques and methods of JavaScript obfuscation are overviewed firstly in this paper. Based on analysing the specifications of JavaScript obfuscation, we propose a fast automatic detection scheme which is based on the combination of character entropy and N-gram approaches. Experiments show that the character string entropy has clear distinguishing ability in whether or not the JavaScript codes are obfuscatedwhen employing different values of the parameter N in N-gram. By analysing and testing a great deal of JS codes stochastically crawled, the proposed scheme is demonstrated to be able to fast complete automatic JavaScript obfuscation detection, and is conducive to more thorough analysing JaveScript malicious code.
作者 宣以广 周华
机构地区 浙江省电子信息产品检验所
出处 《计算机应用与软件》 CSCD 2015年第1期309-312,共4页 Computer Applications and Software
关键词 JAVASCRIPT 代码混淆 字符熵 N-GRAM JavaScript Code obfuscation Character entropy N-gram
分类号 TP309.5 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献8

  • 1吴丹飞,王春刚,郝兴伟.恶意代码的变形技术研究[J].计算机应用与软件,2012,29(3):74-77. 被引量:7
  • 2Free Obfuscator[OL].http://www.minifyjs.com/javascript-obfuscator/.
  • 3Javascript Obfuscator[OL].http://javascriptobfuscator.com/.
  • 4Choi Y H,Kim T G,Choi S J.Automatic Detection for Javascript Obfuscation Attacks in Web Pages through String Pattern Analysis[J].International Journal of Security and Its Applications,2010,4(2):13-26.
  • 5Kim B I,Im C T,Jung H C.Suspicious malicious web site detection with strength analysis of a Javascript obfuscation[J].International journal of advanced science and technology,2011,26:19-32.
  • 6Ching S.N-Gram Statistics for Natural Language Understanding and Text Processingp[J].IEEE Transactions on Pattern Analysis and Machine Intelligence,1979,1(2):164-172.
  • 7Choi J,Kim H,Choi C.Efficient malicious code detection using ngram analysis and SVM[C]//2011 14th International Conference on Network-Based Information Systems(NBi S).IEEE,2011:618-621.
  • 8Kim H,Choi J,Choi D.Detection of unknown malicious script code using a conceptual graph and SVM[C]//Proceedings of the 2012 ACM Research in Applied Computation Symposium.ACM,2012:310-315.

二级参考文献31

  • 1Roger A.Melicious Mobile Code:Virus Protection for Windows[M].O'Reilly Media,2001.
  • 2Beaucamps P.Advanced Metamorphic Techniques in Computer Viruses[C]//International Conference on Computer,Electrical,and SystemsScience,and Engineering,CESSE'07,2007.
  • 3http://virus.wikia.com/wiki/Cascade.
  • 4Konstantinou E.Metamorphic Virus:Analysis and Detection[D].Royal Holloway,University of London,Department of Mathematics,Egham,England,2008.
  • 5http://virus.wikia.com/wiki/Chameleon.
  • 6Kaspersky E,Bogdanov V.Strange-A New Way to Hide[J].VirusBulletin,1993(4):12-13.
  • 7Bashari B,Masrom M.Metamorphic Virus Detection in Portable Exe-cutables Using Opcodes Statistical Feature[C]//Proceeding of the In-ternational Conference on Advanced Science,Engineering and Informa-tion Technology,2011.
  • 8Filiol E,Helenius M S.Open problems in computer virology[J].Journal in Computer Virology,Springer-Verlag,2005,1(3-4).
  • 9Spinellis D.Reliable identification of nounded-length viruses is NP-com-plete[J].IEEE Transactions in Information Theory,2003,49(1).
  • 10Lakhotia A,Kapoor A,et al.Are Metamorphic Viruses Really Invinci-ble?[C]//Part I.Virus Bulletin,2004:5-7.

共引文献6

同被引文献26

引证文献5

二级引证文献8

计算机应用与软件
2015年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部