Title:
|
A HYBRID SYSTEM FOR ANALYSIS AND DETECTION OF WEB-BASED CLIENT-SIDE MALICIOUS CODE |
Author(s):
|
Vitor Monte Afonso, André Ricardo Abed Grégio, Dario Simões Fernandes Filho, Paulo Lício de Geus |
ISBN:
|
978-989-8533-01-2 |
Editors:
|
Bebo White, Pedro Isaías and Flávia Maria Santoro |
Year:
|
2011 |
Edition:
|
Single |
Keywords:
|
WWW intrusion detection, JavaScript attacks, Information systems security, Dynamic analysis |
Type:
|
Full Paper |
First Page:
|
53 |
Last Page:
|
60 |
Language:
|
English |
Cover:
|
|
Full Contents:
|
click to dowload
|
Paper Abstract:
|
Malicious Web applications are a significant threat to computer security today. They are the main way through which attackers manage to install malware on end-user systems. In order to develop protection mechanisms for these threats, the attacks themselves must be carefully studied and understood. Several systems exist to analyze and detect malicious Web pages, but they leave much to be desired. In this article we propose a system that dynamically analyzes Web pages through a novel technique that combines machine-learning and signature-based identification to detect malicious Web behavior. Our tests show that the proposed system---Browser Attacks Detection (BroAD)---has a better detection rate when compared to existing state-of-the-art systems. The BroAD system also produces more information about the malicious code than those systems, therefore providing a better understanding of the Web malware. |
|
|
|
|