MALICIOUS JAVASCRIPT CODE DETECTION METHOD BASED ON BI-LSTM MODEL

The traditional static detection methods of malicious JavaScript code rely heavily on existing malicious code features, which cant effectively extract the obfuscated malicious code feature, resulting in low accuracy of detecting obfuscated malicious JavaScript code. To solve this problem, a malicious code detection model based on bidirectional long short-term memory (Bi-LSTM) is proposed. This method transformed JavaScript code into syntactic unit sequence through abstract syntax tree, and used the Doc2Vec algorithm to represent the syntactic unit sequence with distributed vectors. The sentence vector matrix was sent to the Bi-LSTM model for detection. The experimental results show that this method has good detection effect and high detection efficiency for obfuscated malicious JavaScript code, with the accuracy rate of 97.03 % and the recall rate of 97.10 %.