Microsoft Research creates a JavaScript malware scanner
Friday, 03 December 2010

Keeping JavaScript based malware at bay might just be a job for an AI-trained tool called Zozzle.

 

Banner

JavaScript is useful but the need to guard against malware hiding in deeply obsfucated code is a growing problem. Microsoft Research has invented a scanner that can detect malware using mostly static analysis - and has called it Zozzle.

Zozzle is a product of AI techniques. The researchers used a statistical classifier to scan millions of web pages for malware. The JavaScript has to be de-obfuscated first and then analysed for features that are characteristic of malware. The features are created using an abstract syntax tree. Zozzle hooks into the JavaScript engine to get the final expanded version of the JavaScript code the page contains.

MSR

At the moment the tool is in the research phase and there is no date set for release into the wild. Current performance is claimed as less than 1% false positive with a typical 2-5 millisecond processing time per Kbyte of code.

The researchers say that they can envisage it being used both within a browser context to protect against malware on the fly or in an offline context to classify and blacklist infected sites.

More information

http://research.microsoft.com/pubs/141930/tr.pdf

 

Banner


Python Tools for Visual Studio Gets New Focus
21/10/2014

PTVS 2.1 has just been released and now can be used for free with Visual Express. The more interesting news is that the PTVS team has become part of the Azure Machine Learning group and it PTVS2. [ ... ]



IBM Launches IoT Foundation
21/10/2014

Just about everyone you can think of wants a slice of the Internet of Things pie and now IBM has placed its best bet for securing its IoT profits in the future - the IBM Internet of Things Foundation. [ ... ]


More News

Last Updated ( Friday, 03 December 2010 )
 
 

   
RSS feed of news items only
I Programmer News
Copyright © 2014 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.