Article Preview
Top1. Introduction
The web has become the most common software platform and is widely used billions of users every day. With the natural and popularity, the web has gained the interest of the malicious actors that try to influence the web as a vector to attract the victim’s computer. Generally, attackers try to abuse the JavaScript for exploiting the bugs in the browser and probe the system to vulnerabilities before susceptible to malicious content, like mine cryptocurrencies or flash plugins without the consent of the user (Konoth, et al., 2018; Fass, et al., 2019). JavaScript has a major role in the web services and applications that are used by the web pages to optimize the interface design, browsers version checking, validating form data, creating cookies, and so on. JavaScript is the cross-platform that can be dynamically executed and acts as the major vehicle in the web-based attacks, like cross-site scripting (XSS) (Weinberger, et al., 2011), drive-by downloads (Nappa, et al., 2013), and cross-site request forgery (CSRF) (Kombade & Meshram, 2012). However, these attacks steal the user information, create some self-replicating worms, and spread the malware among users (Wang, et al., 2017), (Sapna and Khatter, 2020) . Moreover, the malicious JavaScript code undergoes a huge threat in the security of user information. However, most of the users rely on antivirus software for detecting the malicious JavaScript (He, et al., 2018). It is considered as the ubiquitous technology, which allows the client-side script for interacting with the user and generates interactive and dynamic websites that lead rich interfaces, immediate feedback, and less server interaction. It is very difficult to detect malicious JavaScript codes, attack visitors of the web pages, and exploit vulnerabilities in web browsers without the knowledge of compromise. Hence, it is essential to detect the malicious JavaScript codes accurately to defend against JavaScript code attacks (Wang, et al., 2016; Fass, et al., 2019).
JavaScript is the scripting language introduced by Netscape, which is generally used in the webpages for providing enhanced dynamic functionality. However, JavaScript is included in email attachments, PDFs, and malicious webpages. Malicious JavaScript detection is significant to protect users against malware attackers (Stokes, et al., 2019). The malicious JavaScript detection approach is an integral part of web page detection and various researchers are analyzing at present. However, the two main factors present in the detection mechanism are feature extraction and construction of the detection approach. With the instance, six categories of malicious features are extracted from various layers, namely code statistic features, feature codes, graph features, sequence features, opcode frequency features, and code semantic features. However, the statistical characteristics of code specify the static analysis of keyword frequency, code length, special character frequency, and malicious code (Fang, et al., 2018). However, the traditional solution used in detecting malicious codes relies on expert knowledge. To detect the malicious codes results in complexity issues and even causes a time-consuming and error-prone task. To solve these issues, various learning-based techniques are developed to automatically detect JavaScript codes. In (Fang, et al., 2018), the V8 engine is used for generating the JavaScript byte code and trained the deep learning approach using the features extracted from byte code. In (Stokes, et al., 2019), deep learning approach is developed for processing the byte sequence to detect malicious codes. In (Hao, et al., 2014), the naïve bayes approach is used for detecting the malicious codes (Song, et al., 2020).