A Novel approach for analyzing and classifying malicious web pages

Date of Award

2021

Degree Name

M.C.S. (Master of Computer Science)

Department

Department of Computer Science

Advisor/Chair

Phu H. Phung

Abstract

Malicious webpages with JavaScript code that launch attacks on web browsers have become an increasing problem in recent years. JavaScript is a scripting language that allows developers to create sophisticated client-side interfaces for web applications. However, JavaScript code is also used to carry out attacks against the user’s browser such as stealing the user’s credentials or downloading additional malware. JavaScript detection tools and commercial anti-virus tools mostly use signature-based approaches to detecting JavaScript malware. Unfortunately, the dynamic nature of the JavaScript language and its tight integration with the browser make it difficult to detect and block malicious JavaScript code. This work presents a novel approach to analyzing and detecting malicious JavaScript code in webpages. Our method combines a static analysis algorithm and a runtime monitoring mechanism to extract rich features of JavaScript code. We have built several machine-learning models to classify the maliciousness of webpages based on the extracted features. The experiments on a dataset of 11,000 malicious and 11,000 benign samples demonstrate that our method achieves a great accuracy of 99.97 percentage. We also show that our method can be adopted into future browsers to provide real-time detection of malicious webpages to protect web users.

Keywords

Computer Science, Computer Engineering, Information Science, Information Technology, Security

Rights Statement

Copyright © 2021, author.

Link to Full Text

Share

COinS