Analysis of JavaScript-based Attack Classification Using Support Vector Machine Learning Approach

Abstract

A web application is a software or computer program which utilizes the web browser.JavaScript is an object-oriented scripting language that has experienced wide adoption as a client-side scripting language for web pages and makes websites dynamic and interactive which leading the less server interaction, immediate feedback as while as rich interfaces and it also provides a platform for attacks. Nowadays, JavaScript-based attack classification has essential significance, due to the high growth of Internet users. Javascript based attackers many times use obfuscation techniques to conceal their malicious content to avoid detection. And also, the dynamic nature and the syntax of JavaScript further increase the complexity of analysis.The goal of this study is to design the analysis of javascript-based attack classification using the support vector machines. To address the current challenges of the analysis and feature extraction process for classification behavioural and statical analysis methods were used.The cuckoo sandbox was used to obtain the behavioural analysis for our datasets and an abstract syntax tree was used to acquire the static analysis. The output of both behaviour analysis and static analysis wastext-based files. Hence, text-based feature extraction method such as TF-IDF, doc2vec, and word2vec has been used to extract the feature from the datasets. This experimental work was carried out using javascript dataset obtained from?��?javascript malware collection?��? and ?��?Alexa?��? which contains malicious as well as benign javascript respectively. The dataset extracted is splited into 70% and 30% for training and testing respectively. Besides, K-fold cross-validation was used to evaluate the score