摘要
传统的机器学习方法在检测JavaScript恶意代码时,存在提取特征过程复杂、计算量大、代码被恶意混淆导致难以检测的问题,不利于当前JavaScript恶意代码检测准确性和实时性的要求.基于此,提出一种基于双向长短时神经网络(BiLSTM)的JavaScript恶意代码检测方法.首先,将得到的样本数据经过代码反混淆,数据分词,代码向量化后得到适应于神经网络输入的标准化数据.其次,利用BiLSTM算法对向量化数据进行训练,学习JavaScript恶意代码的抽象特征.最后,利用学习到的特征对代码进行分类.将本文方法与深度学习方法和主流机器学习方法进行比较,结果表明该方法具有较高的准确率和较低的误报率.
The JavaScript malicious code detection by existing machine learning methods is complex,with large amount of calculation and difficult detection caused by maliciously confused codes.Existing approaches,therefore,fail to realize accurate and real-time detection.For this reason,a method based on Bidirectional Long Short-Term Memory(BiLSTM)-based method for JavaScript malicious code detection is proposed.Firstly,standardized data adapting to be input into the neural network is obtained by code de-obfuscation,data segmentation,and code vectorization.Secondly,the BiLSTM algorithm is used to train the vectorized data and learn the abstract features of JavaScript malicious code.Finally,the abstract features are used to assort codes.The proposed method is compared with deep learning and existing mainstream machine learning approaches,and the results show that this method exhibits a higher accuracy rate and a lower false alarm rate.
作者
雷天翔
万良
于淼
褚堃
LEI Tian-Xiang;WAN Liang;YU Miao;CHU Kun(College of Computer Science and Technology,Guizhou University,Guiyang 550025,China;Institute of Computer Software and Theory,Guizhou University,Guiyang 550025,China)
出处
《计算机系统应用》
2021年第8期266-273,共8页
Computer Systems & Applications
基金
国家自然科学基金(62062020)。
