Publication Type:

Conference Proceedings

Source:

Proceedings of the 6th International Conference on Advances in Computing & Communications 2016, Procedia Computer Science, Elsevier, Volume 93, p.768-773 (2016)

URL:

https://www.scopus.com/inward/record.uri?eid=2-s2.0-84985920148&partnerID=40&md5=89be912f335e62436fa334c40314bec7

Keywords:

Antivirus softwares, Codes (symbols), Computer crime, High level languages, Java programming language, Javascript, Malicious javascript, malware, Obfuscation, Plaintext attack, Static code analysis, Static detections, Substitution ciphers, Websites

Abstract:

JavaScript language, through its dynamic feature, provides user interactivity with websites. It also pose serious security threats to both user and website. On top of this, obfuscation is widely used to hide its malicious purpose and to evade the detection of antivirus software. Malware embedded in web pages is regularly used as part of targeted attacks. To hinder detection by antivirus scanners, the malicious code is usually obfuscated, often with encodings like hexadecimal, unicode, base64, escaped characters and rarely with substitution ciphers like Vigenere, Caesar and Atbash. The malicious iframes are injected to the websites using JavaScript and are also made hidden from the users perspective in-order to prevent detection. To defend against obfuscated malicious JavaScript code, we propose a mostly static approach called, AMA, Amrita Malware Analyzer, a framework capable of detecting the presence of malicious code through static code analysis of web page. To this end, the framework performs probable plaintext attack using strings likely contained in malicious web pages. But this approach targets only few among many possible obfuscation strategies. The evaluation based on the links provided in the Malware domain list demonstrates high level accuracy. © 2016 The Authors. Published by Elsevier B.V.

Notes:

cited By 0; Conference of 6th International Conference On Advances In Computing and Communications, ICACC 2016 ; Conference Date: 6 September 2016 Through 8 September 2016; Conference Code:131418

Cite this Research Publication

Pa Seshagiri, Vazhayil, Ab, and Padmamala Sriram, “AMA: Static Code Analysis of Web Page for the Detection of Malicious Scripts”, Proceedings of the 6th International Conference on Advances in Computing & Communications 2016, Procedia Computer Science, vol. 93. Elsevier, pp. 768-773, 2016.