Apparatus and method for detecting obfuscated malicious landing site using structure and token of abstract syntax tree

摘要

The present invention includes a method for receiving a JavaScript to be inspected, generating an abstract syntax tree for the JavaScript to be inspected, extracting a structure and a token from the abstract syntax tree, Determines whether or not the redirection code is included in the JavaScript to be inspected using the extracted token, and determines whether the extracted structure is obfuscated and the redirected code is obfuscated The present invention relates to an obfuscated malicious route detection apparatus and method for classifying a JavaScript to be inspected into an obfuscated redirection script if the JavaScript includes the redirection code.