Chameleon: Diverse detection of web malware
Malware is mostly hidden in JavaScript codes but there are existing tools that detects the malicious codes. Some features of the JavaScript code could not determine the behavior of a script e.g. obfuscated code. Obfuscated code is a source code which is difficult to read for human or machines. Machi...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Animo Repository
2012
|
| Subjects: | |
| Online Access: | https://animorepository.dlsu.edu.ph/etd_bachelors/11124 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | De La Salle University |
| Language: | English |
| Summary: | Malware is mostly hidden in JavaScript codes but there are existing tools that detects the malicious codes. Some features of the JavaScript code could not determine the behavior of a script e.g. obfuscated code. Obfuscated code is a source code which is difficult to read for human or machines. Machine learning algorithms can be used to classify and detect the malicious code hidden inside the web page. In order to have a classifier, data sets are first needed to be gathered before training classifiers. These data sets are hard to come by and gathering them are more reliable, rather than relying already made data.
Chameleon is a plug-in which is capable to detect malicious web page. A trained classifier model is incorporated into plug-in installed in a web browser, Mozilla Firefox. Machine learning algorithms are applied to address unseen malicious threats and instances of malicious obfuscated JavaScript code. Classification algorithms are used for training and testing to build a classifier model. Random Forest is the classification algorithm used to train the classifier model. Data sets, composed of begin and malicious pages, are gathered using web crawler and malicious pages are analyzed with the use of detection tool. Benign web pages are gathered from the top list websites. Malicious web pages sort to repeat their types of attack and change the structure of their every code once in a while. Due to the changing of the attacks, frequently train classifier models with new data or better, to use adaptive learners. |
|---|