JavaScript Malware Detection Using Locality Sensitive Hashing - ICT Systems Security and Privacy Protection
Conference Papers Year : 2020

JavaScript Malware Detection Using Locality Sensitive Hashing

Abstract

In this paper, we explore the idea of using locality sensitive hashes as input features to a feed-forward neural network with the goal of detecting JavaScript malware through static analysis. An experiment is conducted using a dataset containing 1.5M evenly distributed benign and malicious samples provided by the anti-malware company Cyren. Four different locality sensitive hashing algorithms are tested and evaluated: Nilsimsa, ssdeep, TLSH, and SDHASH. The results show a high prediction accuracy, as well as low false positive and negative rates. These results show that LSH based neural networks are a competitive option against other state-of-the-art JavaScript malware classification solutions.
Fichier principal
Vignette du fichier
497034_1_En_10_Chapter.pdf (288.65 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-03440842 , version 1 (22-11-2021)

Licence

Identifiers

Cite

Stefan Carl Peiser, Ludwig Friborg, Riccardo Scandariato. JavaScript Malware Detection Using Locality Sensitive Hashing. 35th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2020, Maribor, Slovenia. pp.143-154, ⟨10.1007/978-3-030-58201-2_10⟩. ⟨hal-03440842⟩
86 View
279 Download

Altmetric

Share

More