@inproceedings{oai:ipsj.ixsq.nii.ac.jp:00077976,
 author = {神薗, 雅紀 and 西田, 雅太 and 小島, 恵美 and 星澤, 裕二 and Masaki, Kamizono and Masata, Nishida and Emi, Kojima and Yuji, Hoshizawa},
 book = {コンピュータセキュリティシンポジウム2011 論文集},
 issue = {3},
 month = {Oct},
 note = {近年の不正サイトは，マルウェアなどにより自動生成されたポリモーフィックなJavaScriptが利用され，他のURLに誘導する手法が多くみられる．著者らはこのようなJavaScriptの動的解析システムを開発したが，条件分岐やタイマー処理による遅延処理，さらにはイベント処理などにより期待した結果が一部得られないという動的解析技術の課題も存在した．そこで本稿では動的解析技術を用いずJavaScriptを分析するための新たな特徴点として，抽象構文解析木を用いる手法を提案する．そして，本手法の検証として，抽象構文解析木を用いて自動生成されたポリモーフィックなJavaScriptの検知および分類を行う．, In the recent years, many hostile websites have been using polymorphic JavaScript in order to conceal its code. The author of this article had previously proposed and developed a system based on dynamic analysis to process and detect such types of JavaScript. However, a challenge often encountered with that approach is the mandatory preparation of very detail-oriented environments that may also require specific user-driven events for the hostile JavaScript to execute properly as it was designed to. As an alternative solution, this paper will propose the use of an abstract syntax tree based on structural analysis of polymorphic JavaScript to detect and categorize hostile JavaScript.  This paper will also elaborate on test results based on the proposed algorithm.},
 pages = {474--479},
 publisher = {情報処理学会},
 title = {抽象構文解析木による不正なJavaScriptの特徴点抽出手法の提案},
 volume = {2011},
 year = {2011}
}