Detection of Obfuscated Malicious JavaScript Code
Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect. Numerous recent cyberattacks use JavaScript vulnerabilities, and in some cases employ obfuscation to conceal their malice and elude detection. To secure Intern...
| Published in: | Future Internet |
|---|---|
| Main Authors: | , , , |
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-07-01
|
| Subjects: | |
| Online Access: | https://www.mdpi.com/1999-5903/14/8/217 |
| _version_ | 1850375086820818944 |
|---|---|
| author | Ammar Alazab Ansam Khraisat Moutaz Alazab Sarabjot Singh |
| author_facet | Ammar Alazab Ansam Khraisat Moutaz Alazab Sarabjot Singh |
| author_sort | Ammar Alazab |
| collection | DOAJ |
| container_title | Future Internet |
| description | Websites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect. Numerous recent cyberattacks use JavaScript vulnerabilities, and in some cases employ obfuscation to conceal their malice and elude detection. To secure Internet users, an adequate intrusion-detection system (IDS) for malicious JavaScript must be developed. This paper proposes an automatic IDS of obfuscated JavaScript that employs several features and machine-learning techniques that effectively distinguish malicious and benign JavaScript codes. We also present a new set of features, which can detect obfuscation in JavaScript. The features are selected based on identifying obfuscation, a popular method to bypass conventional malware detection systems. The performance of the suggested approach has been tested on JavaScript obfuscation attacks. The studies have shown that IDS based on selected features has a detection rate of 94% for malicious samples and 81% for benign samples within the dimension of the feature vector of 60. |
| format | Article |
| id | doaj-art-e2fa7807e7e643e98d2b76506dbc7dd6 |
| institution | Directory of Open Access Journals |
| issn | 1999-5903 |
| language | English |
| publishDate | 2022-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| spelling | doaj-art-e2fa7807e7e643e98d2b76506dbc7dd62025-08-19T22:59:41ZengMDPI AGFuture Internet1999-59032022-07-0114821710.3390/fi14080217Detection of Obfuscated Malicious JavaScript CodeAmmar Alazab0Ansam Khraisat1Moutaz Alazab2Sarabjot Singh3School of Information Technology and Engineering, Melbourne Institute of Technology, Melbourne, VIC 3000, AustraliaSchool of Information Technology and Engineering, Melbourne Institute of Technology, Melbourne, VIC 3000, AustraliaFaculty of Artificial Intelligence, Al-Balqa Applied University, Amman 1705, JordanSchool of Information Technology and Engineering, Melbourne Institute of Technology, Melbourne, VIC 3000, AustraliaWebsites on the Internet are becoming increasingly vulnerable to malicious JavaScript code because of its strong impact and dramatic effect. Numerous recent cyberattacks use JavaScript vulnerabilities, and in some cases employ obfuscation to conceal their malice and elude detection. To secure Internet users, an adequate intrusion-detection system (IDS) for malicious JavaScript must be developed. This paper proposes an automatic IDS of obfuscated JavaScript that employs several features and machine-learning techniques that effectively distinguish malicious and benign JavaScript codes. We also present a new set of features, which can detect obfuscation in JavaScript. The features are selected based on identifying obfuscation, a popular method to bypass conventional malware detection systems. The performance of the suggested approach has been tested on JavaScript obfuscation attacks. The studies have shown that IDS based on selected features has a detection rate of 94% for malicious samples and 81% for benign samples within the dimension of the feature vector of 60.https://www.mdpi.com/1999-5903/14/8/217malware detectionintrusion detectionobfuscated maliciousmachine learningmalicious JavaScript |
| spellingShingle | Ammar Alazab Ansam Khraisat Moutaz Alazab Sarabjot Singh Detection of Obfuscated Malicious JavaScript Code malware detection intrusion detection obfuscated malicious machine learning malicious JavaScript |
| title | Detection of Obfuscated Malicious JavaScript Code |
| title_full | Detection of Obfuscated Malicious JavaScript Code |
| title_fullStr | Detection of Obfuscated Malicious JavaScript Code |
| title_full_unstemmed | Detection of Obfuscated Malicious JavaScript Code |
| title_short | Detection of Obfuscated Malicious JavaScript Code |
| title_sort | detection of obfuscated malicious javascript code |
| topic | malware detection intrusion detection obfuscated malicious machine learning malicious JavaScript |
| url | https://www.mdpi.com/1999-5903/14/8/217 |
| work_keys_str_mv | AT ammaralazab detectionofobfuscatedmaliciousjavascriptcode AT ansamkhraisat detectionofobfuscatedmaliciousjavascriptcode AT moutazalazab detectionofobfuscatedmaliciousjavascriptcode AT sarabjotsingh detectionofobfuscatedmaliciousjavascriptcode |