ScriptNet: Neural Static Analysis for Malicious JavaScript Detection

Stokes, Jack W.; Agrawal, Richa; McDonald, Geoff; Hausknecht, Matthew

doi:10.1109/milcom47813.2019.9020870

Cited by 9 publications

(11 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, the fused features are taken as an input on Deep LSTM, wherein the training of Deep LSTM is done in an optimal manner considering the proposed Taylor–HHO algorithm. The developed Taylor–HHO is devised by combining the Taylor series 17 and the HHO algorithm 18 . Finally, the output of the proposed Taylor–HHO‐based Deep LSTM is categorized into two classes, namely, normal JavaScriptcode and malicious JavaScript code.…”

Section: Proposed Taylor‐hho‐based Deep Lstm For Malicious Javascript...mentioning

confidence: 99%

“…Stokes et al 17 devised a ScriptNet system for neural malicious JavaScript detection using static analysis. The method utilized the Convoluted Partitioning of Long Sequences (CPoLS) model that processed the JavaScript files as the sequences of bytes.…”

Section: Motivationsmentioning

confidence: 99%

“…The discovery of malicious JavaScript is imperative for preserving the user credentials in opposition to malware attacks 3 . Due to the ability of automatic running on whole operating models, the malevolent JavaScripts are ill‐treated by attackers for infecting users and mobiles 4 …”

Section: Introductionmentioning

confidence: 99%

“…With a functional viewpoint, JavaScript provides the design of interfaces with sophisticated operations. With defense viewpoint, the JavaScript represents strong language, which is extensively employed by cyber‐criminals for developing the malicious exploits 4 . In contrast to other kinds of network attacks, the malicious JavaScript code is predominantly complex to discover in the webpages.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Taylor–HHO algorithm: A hybrid optimization algorithm with deep long short‐term for malicious JavaScript detection

Alex

Rajkumar

2021

Int J of Intelligent Sys

View full text Add to dashboard Cite

The security of information has become a major issue due to the development of network information-based technologies. The malicious script, like, JavaScript, is a major threat to computer networks in terms of network security. Here, the JavaScript allows the programmers not only to build advanced client-side interfaces for web-based applications but also utilized for carrying out attacks that may steal the user's confidential data.In addition, the attackers can easily induce malicious JavaScript into webpages for implanting attacks, like, phishing, spreading viruses, and Trojan horses. This paper devises a novel method, namely, Taylor-Harris Hawks Optimization driven deep long short-term memory (Taylor-HHO-based Deep LSTM) for malicious JavaScript discovery. Initially, the JavaScript is subjected as input to feature extraction in which certain features, such as time of execution, function calls, condition statement, break statement, loop statements, Boolean, number of lines, and number of O(N 2 ) loops, are extracted. The obtained features are fed to transformation, wherein log transformation is applied for data transformation. The obtained transformed features are fused using information gain and Deep LSTM. Furthermore, the proposed Taylor-HHO-based Deep LSTM is employed for discovering malevolent JavaScript. The proposed Taylor-HHO-based Deep LSTM provided enhanced performance with the highest accuracy of 0.955, minimal FPR of 0.059, and highest TPR of 0.967.

show abstract

Section: Proposed Taylor‐hho‐based Deep Lstm For Malicious Javascript...mentioning

confidence: 99%

Section: Motivationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Taylor–HHO algorithm: A hybrid optimization algorithm with deep long short‐term for malicious JavaScript detection

Alex

Rajkumar

2021

Int J of Intelligent Sys

View full text Add to dashboard Cite

show abstract

“…To this end, existing work on JavaScript (de)obfuscation has mostly focused on detecting (and preventing) malicious JavaScript, often using machine learning [11,[20][21][22][23] or program analysis [7] techniques. Machine learning approaches (e.g., random forests, support vector machines) have been shown to be effective when combined with semantic features (e.g., control flow and program dependency graphs, as used by JSTAP [22]).…”

Section: Background and Related Workmentioning

confidence: 99%

Optimizing Away JavaScript Obfuscation

Herrera

2020

2020 IEEE 20th International Working Conference on Source Code Analysis and Manipulation (SCAM)

View full text Add to dashboard Cite

JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by antivirus and hinder manual analysis by professional malware analysts. Consequently, this paper presents SAFE-DEOBS, a JavaScript deobfuscation tool that we have built. The aim of SAFE-DEOBS is to automatically deobfuscate JavaScript malware such that an analyst can more rapidly determine the malicious script's intent. This is achieved through a number of static analyses, inspired by techniques from compiler theory. We demonstrate the utility of SAFE-DEOBS through a case study on real-world JavaScript malware, and show that it is a useful addition to a malware analyst's toolset.

show abstract

A Detector Using Variant Stacked Denoising Autoencoders with Logistic Regression for Malicious JavaScript with Obfuscations

Hwang

Chen

2022

Communications in Computer and Information Science

View full text Add to dashboard Cite

ScriptNet: Neural Static Analysis for Malicious JavaScript Detection

Cited by 9 publications

References 31 publications

Taylor–HHO algorithm: A hybrid optimization algorithm with deep long short‐term for malicious JavaScript detection

Taylor–HHO algorithm: A hybrid optimization algorithm with deep long short‐term for malicious JavaScript detection

Optimizing Away JavaScript Obfuscation

A Detector Using Variant Stacked Denoising Autoencoders with Logistic Regression for Malicious JavaScript with Obfuscations

Contact Info

Product

Resources

About