Digital Library

cab1

 
Title:      A HYBRID SYSTEM FOR ANALYSIS AND DETECTION OF WEB-BASED CLIENT-SIDE MALICIOUS CODE
Author(s):      Vitor Monte Afonso, André Ricardo Abed Grégio, Dario Simões Fernandes Filho, Paulo Lício de Geus
ISBN:      978-989-8533-01-2
Editors:      Bebo White, Pedro Isaías and Flávia Maria Santoro
Year:      2011
Edition:      Single
Keywords:      WWW intrusion detection, JavaScript attacks, Information systems security, Dynamic analysis
Type:      Full Paper
First Page:      53
Last Page:      60
Language:      English
Cover:      cover          
Full Contents:      click to dowload Download
Paper Abstract:      Malicious Web applications are a significant threat to computer security today. They are the main way through which attackers manage to install malware on end-user systems. In order to develop protection mechanisms for these threats, the attacks themselves must be carefully studied and understood. Several systems exist to analyze and detect malicious Web pages, but they leave much to be desired. In this article we propose a system that dynamically analyzes Web pages through a novel technique that combines machine-learning and signature-based identification to detect malicious Web behavior. Our tests show that the proposed system---Browser Attacks Detection (BroAD)---has a better detection rate when compared to existing state-of-the-art systems. The BroAD system also produces more information about the malicious code than those systems, therefore providing a better understanding of the Web malware.
   

Social Media Links

Search

Login