Abstract
JavaScripts are mostly used by the malicious websites to attack the client systems. To detect and prevent this, static and dynamic analysis systems are used which has problems like longer analysis time, setting up of virtual environment and prone to real attacks. Hence a new hybrid analysis system is proposed which reduces the shortcomings of the static and dynamic analysis systems. Additional features such as keywords to words ratio, average line length, presence of suspicious URLs and tags, whitespace percentage, number of redirections, and enigmatic variable names are used to measure the strength of the obfuscation. In this system performance is improved and the number of false positives and negatives are reduced. Based on the strength of obfuscation in the JavaScript code, a website is determined to be benign or malicious.
Keywords
- Malicious Web Sites
- JavaScript Obfuscation
- JavaScript Extraction
- Hybrid Strength Analysis System
Download conference paper PDF
References
Malzilla.org Rhino: JavaScript for Java, http://www.mozilla.org/rhino
Choi, Y.H., Kim, T.G., Choi, S.J.: Automatic Detection for Javascript Obfuscation Attacks in Web Pages through String Pattern Analysis. International Journal of Security and Its Applications 4(2), 13–26 (2010)
Lin, C.-H., Liu, J.-C., Chen, C.-R.: Access Log Generator for Analyzing Malicious Website Browsing Behaviors. In: Fifth International Conference on Information Assurance and Security (2009)
Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Beyond Blacklists: Learning to Detect Malicious Web Sites from Suspicious URLs. In: KDD 2009, Paris, France (2009)
Guan, D.J., Chen, C.-M., Luo, J.-S., Hou, Y.-T.: Malicious Web Page Detection Based on Anomaly Semantics. In: Fourth Joint Workshop on Information Security (JWIS 2009), Kaohsiung, Taiwan (2009)
Cova, M., Kruegel, C., Vigna, G.: Detection and Analsis of Drive-by-Download Attacks and Malicious JavaScript Code. Management of Computing and Information Systems (2010)
Bőscher, A., Meier, M., Benzmőller, R.: Throwing a MonkeyWrench into Web Attacks Plans. In: International Fedration for Information Processing, pp.28–39 (2010)
Kim, B.-I., Im, C.-T., Jung, H.-C.: Suspicious Malicious Web Site Detection with Strength Analysis of a JavaScript Obfuscation. International Journal of Advanced Science and Technology 26 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Krishnaveni, R., Chellappan, C., Dhanalakshmi, R. (2012). Hybrid Obfuscated Javascript Strength Analysis System for Detection of Malicious Websites. In: Park, J.J., Zomaya, A., Yeo, SS., Sahni, S. (eds) Network and Parallel Computing. NPC 2012. Lecture Notes in Computer Science, vol 7513. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35606-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-35606-3_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35605-6
Online ISBN: 978-3-642-35606-3
eBook Packages: Computer ScienceComputer Science (R0)
