Abstract
Inspired by the process of immunoglobulin secretion in biological body, we present a Web Page Malicious Script Detection Method (WPMSD). In this paper, Firstly, the basic definitions of artificial immune items are given. Secondly, according to the spreading range of malicious script, the immunoglobulin number is changed as the detector clone proliferation is stimulated by malicious scripts. Further more, the nonlinear dynamics of antibody number is discussed. Thirdly, we propose a probability approach to trigger alarms to inform that the detected scripts are harmful. Finally, the WPMSD collects the effective immunoglobulin set based on Hidden Markov Model (HMM) to update the detector gene library. Compared with the traditional immune based detection methods, such as Negative Selection Algorithm (NSA), Dynamic Colonel Selection (DynamiCS), and Variable size Detector (Vdetector), the false alarm rate of WPMSD has been reduced by 18.09%, 12.6%, and 7.47% respectively.
Highlights
In order to promote the interaction between clients and web pages, many types of scripts have been embedded into the web pages
Inspired by the process of immunoglobulin secretion in Biological Immune System (BIS), we present a Web Page Malicious Script Detection Method(WPMSD) to reduce the high false alarm rate in traditional web page malicious script detection methods based on immune system
In order to test the performance of WPMSD, we use web page malicious scripts to test our model and compare it with the traditional immune based detection methods, including NSA2, DynamiCS3, V-detector[4]
Summary
In order to promote the interaction between clients and web pages, many types of scripts have been embedded into the web pages. The problems in Biological Immune System (BIS) are similar to the ones in the web page malicious script detection method. In 1994, Forrest et al 2 proposed Negative Selection Algorithm (NSA) that simulates the new immune cell tolerance process in BIS to avoid mismatching any normal script patterns. Algorithm in which the malicious scripts can be defined as the changed elements to reduce false detection. After antigens have been eliminated, the immune cell clone proliferation is suppressed and the immunoglobulin density decreased simultaneously. Inspired by the process of immunoglobulin secretion in BIS, we present a Web Page Malicious Script Detection Method(WPMSD) to reduce the high false alarm rate in traditional web page malicious script detection methods based on immune system
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Computational Intelligence Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
