Publications

Abstract : Over the past few years javascript has grown up and revolutionized the web by allowing user defined scripts to run inside a web browser. The application of javascript ranges from providing beautiful visualization to performing complex data analytics and modeling machine learning algorithms. However javascript are also widely being used as a channel to execute malicious activities by means of redirection, drive-by-download, vulnerability exploitation and many more in the client side. In this paper we analyze the lexical, structural and behavior characteristics of javascript code to identify malicious javascript in the wild. Performance evaluation results show that our approach achieves better accuracy, with very small false positive and false negative ratios. © Springer Nature Singapore Pte Ltd. 2016.