Computer Science ›› 2016, Vol. 43 ›› Issue (8): 110-113. doi: 10.11896/j.issn.1002-137X.2016.08.023

Study on Web-based Malware Detection Mechanism Based on Behavior and Semantic Analysis

LI Dao-feng, HUANG Fan-ling, LIU Shui-xiang and HUANG An-ni   

  • Online: 2018-12-01 Published: 2018-12-01

Abstract: How to improve the detection efficiency of Web malicious code has always been a problem to be solved in Web security research. In this paper, a detection mechanism for Web-based malware based on behavior and semantic analysis is proposed to detect vulnerabilities in XSS, ActiveX controls and Web Shellcode. Behavioral characteristics are extracted and a detection engine is built to realize the correct detection of vulnerabilities in XSS, ActiveX controls and Web Shellcode, and the forensics of Shellcode attacks. Experimental results show that the new detection mechanism for Web-based malware has stronger detection ability and a lower missing rate.

Key words: Web-based malware, Client attack, Detection, Behavior and semantic analysis

