首页    期刊浏览 2024年12月03日 星期二
登录注册

文章基本信息

  • 标题:Automatic Detection for JavaScript Obfuscation Attacks in Web Pages through String Pattern Analysis
  • 本地全文:下载
  • 作者:YoungHan Choi ; TaeGhyoon Kim ; SeokJin Choi
  • 期刊名称:International Journal of Security and Its Applications
  • 印刷版ISSN:1738-9976
  • 出版年度:2010
  • 卷号:4
  • 期号:2
  • 出版社:SERSC
  • 摘要:Recently, most of malicious web pages include obfuscated codes in order to circumvent the detection of signature-based detection systems .It is difficult to decide whether the sting is obfuscated because the shape of obfuscated strings are changed continuously. In this paper, we propose a novel methodology that can detect obfuscated strings in the malicious web pages. We extracted three metrics as rules for detecting obfuscated strings by analyzing patterns of normal and malicious JavaScript codes. They are N-gram, Entropy, and Word Size. N-gram checks how many each byte code is used in strings. Entropy checks distributed of used byte codes. Word size checks whether there is used very long string. Based on the metrics, we implemented a practical tool for our methodology and evaluated it using read malicious web pages. The experiment results showed that our methodology can detect obfuscated strings in web pages effectively.
  • 关键词:JavaScript Obfuscation; Malicious Code Detection
国家哲学社会科学文献中心版权所有