Malicious Drive-By-Download Website Classification Using JavaScript Features




Wang, Sam

Journal Title

Journal ISSN

Volume Title



In recent years, Drive-by-download attacks make up over 90% of web-based attacks on web users. Many web users fall victim to this type of attacks due to its simplicity and less complex requirements to be compromised. They simply need to click on a malicious URL while having some browser vulnerabilities for the malicious attackers to compromise their machine and to obtain their sensitive information. To combat these attacks, proactive blacklists are used nowadays for preventing web users from accessing these malicious web pages. This report attempts to supplement the existing proactive blacklisting framework by introducing JavaScript feature vectors for classification. These feature vectors include the functionality of JavaScript in terms of JavaScript bytecode, as well as some string analysis properties for the classification of benign and malicious web pages. A few different classifiers are tested and compared to provide insight on the different JavaScript feature vectors defined.



Drive-by-download attack, Malicious Website Classification, Machine Learning, Web Security