Abstract

Attackers use a variety of techniques to insert redirection JavaScript that leads a user to a malicious webpage, where a drive-by-download attack is executed. In particular, the redirection JavaScript in the landing site is obfuscated to avoid detection systems. In this paper, we propose a lightweight detection system based on static analysis to classify the obfuscation type and to promptly detect the obfuscated redirection JavaScript. The proposed model detects the obfuscated redirection JavaScript by converting the JavaScript into an abstract syntax tree (AST). Then, the structure and token information are extracted. Specifically, we propose a lightweight AST to identify the obfuscation type and the revised term frequency-inverse document frequency to efficiently detect the malicious redirection JavaScript. This approach enables rapid identification of the obfuscated redirection JavaScript and proactive blocking of the webpages that are used in drive-by-download attacks.

Highlights

  • The number of cyber-attacks that occur has continued to grow exponentially as web-related technologies and infrastructures have continually advanced

  • At the token similarity computation step, we check whether the JavaScript contains redirection code by using the average of term frequency–inverse document frequency (TF-IDF) of tokens corresponding to the obfuscation type

  • We proposed a static analysis system based on an abstract syntax tree (AST) to detect obfuscated JavaScript
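The token similarity step described in the highlights, as an added example that is not code from the paper: it scores a script by the average TF-IDF of one obfuscation type's signature tokens. It uses standard smoothed TF-IDF rather than the paper's revised variant, and the regex tokenizer, the `SIGNATURE_TYPE_A` list, the reference corpus, the samples and the threshold are all constructed assumptions.

```javascript
// Added illustration: plain TF-IDF, not the paper's revised variant.
// Tokenizer, signature list, corpus, samples and threshold are constructed.

// Drop string literals, then keep identifier-like tokens (regex stand-in
// for the AST token extraction the paper describes).
function tokenize(src) {
  const noStrings = src.replace(/(["'])(?:\\.|(?!\1)[^\\])*\1/g, ' ');
  return noStrings.match(/[A-Za-z_$][\w$]*/g) || [];
}

// Smoothed inverse document frequency over a reference corpus, so tokens
// never seen in the corpus still get a finite (and high) weight.
function buildIdf(corpus) {
  const df = new Map();
  for (const doc of corpus) {
    for (const t of new Set(tokenize(doc))) df.set(t, (df.get(t) || 0) + 1);
  }
  return (t) => Math.log((1 + corpus.length) / (1 + (df.get(t) || 0))) + 1;
}

// Average TF-IDF of one obfuscation type's signature tokens in a script.
function avgSignatureTfIdf(src, signature, idf) {
  const tokens = tokenize(src);
  if (tokens.length === 0 || signature.length === 0) return 0;
  const counts = new Map();
  for (const t of tokens) counts.set(t, (counts.get(t) || 0) + 1);
  let sum = 0;
  for (const t of signature) sum += ((counts.get(t) || 0) / tokens.length) * idf(t);
  return sum / signature.length;
}

const REFERENCE_CORPUS = [ // constructed benign scripts
  'function add(a, b) { return a + b; }',
  'var el = document.getElementById("menu"); el.className = "open";',
  'for (var i = 0; i < items.length; i++) { total += items[i].price; }',
  'window.addEventListener("load", function () { init(); });',
];
const SIGNATURE_TYPE_A = ['location', 'href', 'unescape', 'eval', 'fromCharCode'];
const THRESHOLD = 0.05; // hypothetical cut-off
const IDF = buildIdf(REFERENCE_CORPUS);

const isRedirectionCandidate = (src) =>
  avgSignatureTfIdf(src, SIGNATURE_TYPE_A, IDF) >= THRESHOLD;

// Constructed samples: an encoded redirect and a script that only reads location.
const SAMPLE_REDIRECT =
  'var u = unescape("%2F%65%78%61%6D%70%6C%65"); window.location.href = u;';
const SAMPLE_BENIGN =
  'var page = window.location; log(page); render(items, total, count, header, footer, sidebar, content, menu, options);';
console.log(isRedirectionCandidate(SAMPLE_REDIRECT), isRedirectionCandidate(SAMPLE_BENIGN));
```

Because term frequency is normalized by script length, a long script that mentions `location` once stays under the cut-off, while a short script dominated by signature tokens does not.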


Summary

Introduction

The number of cyber-attacks that occur has continued to grow exponentially as web-related technologies and infrastructures have continually advanced. Malicious files downloaded to a user’s computer can harm the user by leaking the user’s credentials, including personal information. Such an attack may also affect governments or any other organization through the subsequent execution of distributed denial-of-service attacks. Kishore et al. [2] described the relationship between drive-by-download attacks and obfuscated JavaScript and proposed a detection system. Attackers can bypass these detection systems based on static analysis by applying obfuscation tools to the JavaScript. Obfuscation was originally used to prevent the direct exposure of source code; attackers then began exploiting obfuscation tools to hide their malicious JavaScript.

