Back close

AMA: Static Code Analysis of Web Page for the Detection of Malicious Scripts

Publication Type : Conference Proceedings

Thematic Areas : Amrita Center for Cybersecurity Systems and Networks

Publisher : Proceedings of the 6th International Conference on Advances in Computing & Communications 2016, Procedia Computer Science, Elsevier,

Source : Proceedings of the 6th International Conference on Advances in Computing & Communications 2016, Procedia Computer Science, Elsevier, Volume 93, p.768-773 (2016)

Url : https://www.scopus.com/inward/record.uri?eid=2-s2.0-84985920148&partnerID=40&md5=89be912f335e62436fa334c40314bec7

Keywords : Antivirus softwares, Codes (symbols), Computer crime, High level languages, Java programming language, Javascript, Malicious javascript, malware, Obfuscation, Plaintext attack, Static code analysis, Static detections, Substitution ciphers, Websites.

Campus : Amritapuri

School : Centre for Cybersecurity Systems and Networks, Department of Computer Science and Engineering, School of Engineering

Center : Cyber Security

Department : Computer Science, cyber Security

Verified : No

Year : 2016

Abstract : JavaScript language, through its dynamic feature, provides user interactivity with websites. It also pose serious security threats to both user and website. On top of this, obfuscation is widely used to hide its malicious purpose and to evade the detection of antivirus software. Malware embedded in web pages is regularly used as part of targeted attacks. To hinder detection by antivirus scanners, the malicious code is usually obfuscated, often with encodings like hexadecimal, unicode, base64, escaped characters and rarely with substitution ciphers like Vigenere, Caesar and Atbash. The malicious iframes are injected to the websites using JavaScript and are also made hidden from the users perspective in-order to prevent detection. To defend against obfuscated malicious JavaScript code, we propose a mostly static approach called, AMA, Amrita Malware Analyzer, a framework capable of detecting the presence of malicious code through static code analysis of web page. To this end, the framework performs probable plaintext attack using strings likely contained in malicious web pages. But this approach targets only few among many possible obfuscation strategies. The evaluation based on the links provided in the Malware domain list demonstrates high level accuracy. © 2016 The Authors. Published by Elsevier B.V.

Cite this Research Publication : Pa Seshagiri, Vazhayil, Ab, and Padmamala Sriram, “AMA: Static Code Analysis of Web Page for the Detection of Malicious Scripts”, Proceedings of the 6th International Conference on Advances in Computing & Communications 2016, Procedia Computer Science, vol. 93. Elsevier, pp. 768-773, 2016.

Admissions Apply Now