Search
Detecting malicious JavaScript
The increased use of the World Wide Web and JavaScript as a scripting language for Web pages have
made JavaScript a popular attack vector for infecting users' machines with malware. Additionally,
attackers often obfuscate their code to avoid detection, which heightens the challenge and complexity of
automated defense systems. We present two analyses of malicious scripts and suggest how they could be
extended into intrusion detection systems. For our analyses we use a sample of deobfuscated malicious
and benign scripts collected from actual Web sites. First, using our malicious sample, we perform a
manual analysis of attack signatures, identifying four distinct categories of attacks. Second, we use
existing research software to analyze certain function calls made by the malicious and benign scripts, and
compare the resulting distributions of function calls. Then we perform a classification analysis using
logistic regression to propose an approach for a host-based intrusion detection system.
Univeristy of Richmond Tag Cloud
alcohols
Alzheimer's disease
Alzheimer's disease.
Americanization
amyloid precursor protein
Chemistry
citizenship
Civil War
Confederate States of America--Religion.
criticism and interpretation
deportation
Deportation--United States--History--20th century.
estrogen
immigration
memory
Organic.
radicalism
Radicalism--United States--History--20th century.
Red Scare
study
terrorism
United States--History--Civil War
University of Richmond--Honors Theses.
University of Richmond--Masters Theses.
zinc bromide