Abstract
JavaScript, as a programming/scripting language, is widely used in web development to add dynamic functions and effects and ultimately improve the user experience. Its dynamic nature improves the interaction between users and websites, but it also introduces security problems. By injecting malicious JavaScript code, attackers can insert malicious content into web pages, spread viruses and Trojans, and carry out phishing attacks. Based on a study of a large amount of malicious code in web pages, we classified the features of malicious JavaScript code in web pages and built a classification model on four categories of features: features based on basic statistical information about the JavaScript code, features based on obfuscation techniques, features based on URL redirection techniques, and features based on the malicious attack process. We used several machine-learning-based classification methods to detect malicious code samples and thereby validate the classification model. The experiments show that the classification model built on these features identifies malicious code well.
Source
Computer Applications and Software (《计算机应用与软件》)
CSCD
2015, Issue 7, pp. 293-296 (4 pages)
Funding
Supported by the Sichuan Province Academic and Technical Leaders Reserve Candidates Training Fund (X800912371309)