Title :
Obfuscated malicious javascript detection using classification techniques
Author :
Likarish, Peter ; Jung, Eunjin EJ ; Jo, Insoon
Author_Institution :
Dept. of Comput. Sci., Univ. of Iowa, Iowa City, IA, USA
Abstract :
As the World Wide Web expands and more users join, it becomes an increasingly attractive means of distributing malware. Malicious javascript frequently serves as the initial infection vector for malware. We train several classifiers to detect malicious javascript and evaluate their performance. We propose features focused on detecting obfuscation, a common technique to bypass traditional malware detectors. As the classifiers show a high detection rate and a low false alarm rate, we propose several uses for the classifiers, including selectively suppressing potentially malicious javascript based on the classifier´s recommendations, achieving a compromise between usability and security.
Keywords :
invasive software; World Wide Web; classification techniques; malware detectors; obfuscated malicious javascript detection; Blogs; Cities and towns; Codecs; Computer science; Computer vision; Detectors; Distributed computing; Java; Usability; Web sites;
Conference_Titel :
Malicious and Unwanted Software (MALWARE), 2009 4th International Conference on
Conference_Location :
Montreal, QC
Print_ISBN :
978-1-4244-5786-1
DOI :
10.1109/MALWARE.2009.5403020
