摘要
传统的静态检测恶意JavaScript代码方法十分依赖于已有的恶意代码特征,无法有效提取混淆恶意代码特征,导致检测混淆恶意JavaScript代码的精确率低。针对该问题提出基于双向长短期记忆网络(Bidirectional Long Short-term Memory, Bi-LSTM)的恶意代码检测模型。通过抽象语法树将JavaScript代码转化为句法单元序列,通过Doc2Vec算法将句法单元序列用分布式向量表示,将句向量矩阵送入Bi-LSTM模型进行检测。实验结果表明,该方法对于混淆恶意JavaScript代码具有良好的检测效果且检测效率高,准确率为97.03%,召回率为97.10%。
syntax tree,and used the Doc2Vec algorithm to represent the syntactic unit sequence with distributed vectors.The sentence vector matrix was sent to the Bi-LSTM model for detection.The experimental results show that this method has good detection effect and high detection efficiency for obfuscated malicious JavaScript code,with the accuracy rate of 97.03%and the recall rate of 97.10%.
作者
纪育青
方艳红
谭顺华
王学渊
Ji Yuqing;Fang Yanhong;Tan Shunhua;Wang Xueyuan(School of Information Engineering,Southwest University of Science and Technology,Mianyang 621010,Sichuan,China;Key Laboratory of Robot Technology Used for Special Environment of Sichuan Province,Southwest University of Science and Technology,Mianyang 621010,Sichuan,China)
出处
《计算机应用与软件》
北大核心
2024年第9期357-362,共6页
Computer Applications and Software
基金
国家自然科学基金项目(61771411)。
