Malicious JavaScript Detection by Features Extraction
Journal Title: e-Informatica Software Engineering Journal - Year 2014, Vol 8, Issue 1
Abstract
In recent years, JavaScript-based attacks have become one of the most common and successful types of attack. Existing techniques for detecting malicious JavaScripts could fail for different reasons. Some techniques are tailored on specific kinds of attacks, and are ineffective for others. Some other techniques require costly computational resources to be implemented. Other techniques could be circumvented with evasion methods. This paper proposes a method for detecting malicious JavaScript code based on five features that capture different characteristics of a script: execution time, external referenced domains and calls to JavaScript functions. Mixing different types of features could result in a more effective detection technique, and overcome the limitations of existing tools created for identifying malicious JavaScript. The experimentation carried out suggests that a combination of these features is able to successfully detect malicious JavaScript code (in the best cases we obtained a precision of 0.979 and a recall of 0.978).
Authors and Affiliations
C Visaggio, F Mercaldo, G Canfora
Keywords
Related Articles
- EP ID EP167090
- DOI 10.5277/e-Inf140105
- Views 50
- Downloads 0
NRFixer: Sentiment Based Model for Predicting the Fixability of Non-Reproducible Bugs
Software maintenance is an essential step in software development life cycle. Nowadays, software companies spend approximately 45% of total cost in maintenance activities. Large software projects maintain bug repositorie...
An Empirical Study on the Factors Affecting Software Development Productivity
Background : Software development productivity is widely investigated in the Software Engineering literature. However, continuously updated evidence on productivity is constantly needed, due to the rapid evolution of sof...
Generating Graphical User Interfaces from Precise Domain Specifications
Turning requirements into working systems is the essence of software engineering. This paper proposes automation of one of the aspects of this vast problem: generating user interfaces directly from requirements models. I...
The Use of Aspects to Simplify Concurrent Programming
Developers who create multi-threaded programs must pay attention to ensuring safe implementations that avoid problems and prevent introduction of a system in an inconsistent state. To achieve this objective programming l...
Milestone-Oriented Usage of Key Performance Indicators – An Industrial Case Study
Background: Key Performance Indicators are a common way of quantitative monitoring of project progress in modern companies. Although they are widely used in practice, there is little evidence on how they are set, and how...