Litcius/Paper detail

Malicious JavaScript Detection Based on Bidirectional LSTM Model

Xuyan Song, Chen Chen, Baojiang Cui, Junsong Fu

2020Applied Sciences35 citationsDOIOpen Access PDF

Abstract

JavaScript has been widely used on the Internet because of its powerful features, and almost all the websites use it to provide dynamic functions. However, these dynamic natures also carry potential risks. The authors of the malicious scripts started using JavaScript to launch various attacks, such as Cross-Site Scripting (XSS), Cross-site Request Forgery (CSRF), and drive-by download attack. Traditional malicious script detection relies on expert knowledge, but even for experts, this is an error-prone task. To solve this problem, many learning-based methods for malicious JavaScript detection are being explored. In this paper, we propose a novel deep learning-based method for malicious JavaScript detection. In order to extract semantic information from JavaScript programs, we construct the Program Dependency Graph (PDG) and generate semantic slices, which preserve rich semantic information and are easy to transform into vectors. Then, a malicious JavaScript detection model based on the Bidirectional Long Short-Term Memory (BLSTM) neural network is proposed. Experimental results show that, in comparison with the other five methods, our model achieved the best performance, with an accuracy of 97.71% and an F1-score of 98.29%.

Topics & Concepts

Computer scienceJavaScriptScripting languageUnobtrusive JavaScriptCross-site scriptingRich Internet applicationArtificial intelligenceWeb applicationConvolutional neural networkThe InternetProgramming languageNatural language processingWorld Wide WebWeb application securityWeb developmentAdvanced Malware Detection TechniquesSpam and Phishing DetectionWeb Application Security Vulnerabilities