检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:周磊[1] 余华平[1] ZHOU Lei;YU Hua-ping(Yangtze University,Jingzhou 434023,China)
机构地区:[1]长江大学,湖北荆州434023
出 处:《电脑知识与技术》2020年第7期42-43,49,共3页Computer Knowledge and Technology
摘 要:当前,Web服务已经被广泛应用,每天都会有大量的用户访问网页,由此Web安全也变得尤为重要。作为前端开发语言,JavaScript提供了丰富多样的功能,为用户带来便利的同时,也带来了安全隐患。若Web页面存在未被察觉的漏洞,则会导致恶意网页中JavaScript代码对客户端产生严重威胁。目前恶意代码检测技术有很多,基础的防御措施是通过黑名单、白名单机制对恶意代码进行过滤,但随着技术的发展,这种方式已经很难适用于当前的Web环境。除此之外,通过蜜罐技术研究代码调用系统函数的规律也是一种方式。该文结合机器学习,将其与恶意代码的检测技术结合进行探究。Web services have been widely used today, and a large number of users access web pages every day, so web security has become even more important. As a front-end development language, JavaScript provides a variety of functions, while bringing convenience to users, it also brings security risks. If there are undetected vulnerabilities in the web page, the JavaScript code in the malicious web page will cause a serious threat to the client. Now there are many malicious code detection technologies. The basic defense measures are to filter malicious codes through blacklist and whitelist mechanisms. However, with the development of technology, this method has been difficult to apply to the current Web environment. In addition, using honeypot technology to study the rules of code calling system functions is another way. This paper combines machine learning and explores it with malicious code detection technology.
关 键 词:JavaScript恶意代码 机器学习 WEB安全
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.142.244.250