Malicious Drive-By-Download Website Classification Using JavaScript Features

Date

2016-08-31

Authors

Wang, Sam

Abstract

In recent years, drive-by-download attacks have made up over 90% of web-based attacks on web users. Many web users fall victim to this type of attack because it is simple and requires little of the victim: they need only click on a malicious URL while running a browser with some vulnerabilities for attackers to compromise their machine and obtain their sensitive information. To combat these attacks, proactive blacklists are now used to prevent web users from accessing these malicious web pages. This report attempts to supplement the existing proactive blacklisting framework by introducing JavaScript feature vectors for classification. These feature vectors capture the functionality of JavaScript in terms of JavaScript bytecode, as well as some string analysis properties, for the classification of benign and malicious web pages. A few different classifiers are tested and compared to provide insight into the different JavaScript feature vectors defined.

Keywords

Drive-by-download attack, Malicious Website Classification, Machine Learning, Web Security
