What is it about?
Accurate detection of malicious JavaScript (JS) code that masquerades as innocuous scripts is vital. This study applies Deobfuscation, Unpacking, and Decoding (DUD-preprocessing) to multi-layer obfuscated JS code to facilitate feature learning by the FastText model. The learned feature vectors are passed to a classifier model that judges whether a piece of JS code is malicious. Our experimental results show that the proposed approach enhances feature learning and improves accuracy in the detection of obfuscated malicious JS code.
Why is it important?
Unlike previous methods that learn from a set of manually extracted features, the proposed approach learns feature vectors automatically. The learned features are also low-dimensional, which ensures faster detection.
Perspectives
The work is vital for machine learning and cybersecurity, particularly the detection of web-based attacks. A similar approach can be applied to other attacks that attempt to evade detection by camouflaging themselves as benign files, scripts, or code.
Samuel Ndichu
Read the Original
This page is a summary of: Deobfuscation, Unpacking, and Decoding of Obfuscated Malicious JavaScript for Machine Learning Models Detection Performance Improvement, CAAI Transactions on Intelligence Technology, June 2020, the Institution of Engineering and Technology (the IET),
DOI: 10.1049/trit.2020.0026.