Computer Science

Computer Science ›› 2016, Vol. 43 ›› Issue (8): 110-113.doi: 10.11896/j.issn.1002-137X.2016.08.023

Previous Articles     Next Articles

Study on Web-based Malware Detection Mechanism Based on Behavior and Semantic Analysis

LI Dao-feng, HUANG Fan-ling, LIU Shui-xiang and HUANG An-ni   

  • Online:2018-12-01 Published:2018-12-01

PDF (PC)

884

Abstract: How to improve the detection efficiency of Web malicious code has always been a problem to be solved in the research of Web security issues.A detection mechanism for Web-based malware based on behavior and semantic analysis was proposed to detect vulnerabilities in XSS,ActiveX controls and Web Shellcode in our paper.Behavioral characteristics was extracted and the detection engine was built to realize the correct detection of vulnerabilities in XSS,ActiveX controls and Web Shellcode,and the forensics of Shellcode attacks.Experimental results show that the perfor-mance of the new detection mechanism for Web-based malware has stronger detection ability and lower missing rate.

Key words: Web-based malware,Client attack,Detection,Behavior and semantic analysis

[1] Gu Xiao-dan,Yang Ming,Luo Jun-zhou,et al.Website Fingerprinting Attack Based on Hyperlink Relations[J].Chinese Journal of Computers,2015,8(4):831-845(in Chinese) 顾晓丹,杨明,罗军舟,等.针对SSH匿名流量的网站指纹攻击方法[J].计算机学报,2015,8(4):831-845
[2] Kolbitsch C,Livshits B,Zorn B,et al.Rozzle:De-cloaking internet malware[C]∥2012 IEEE Symposium on Security and Privacy (SP) .IEEE,2012:443-457
[3] Labuschagne W A,Eloff M M.Towards an automated security awareness system in a virtualized environment[C]∥European Conference on Information Warfare and Security.2012:163-171
[4] Lu G,Chadha K,Debray S.A simple client-side defense against environment-dependent web-based malware[C]∥2013 8th International Conference on Malicious and Unwanted Software:“The Americas”(MALWARE).IEEE,2013:124-131
[5] Borgolte K,Kruegel C,Vigna G.Delta:automatic identification of unknown Web-based infection campaigns[C]∥Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.ACM,2013:109-120
[6] Chang J,Venkatasubramanian K K,West A G,et al.Analyzing and defending against web-based malware[J].ACM Computing Surveys (CSUR),2013,45(4):1-35
[7] Gu B,Zhang W,Bai X,et al.JSGuard:Shellcode Detection inJavaScript[M]∥Security and Privacy in Communication Networks.Springer Berlin Heidelberg,2013:112-130
[8] Khodaverdi J.Enhancing the Effectiveness of Shellcode Detection by New Run-time Heuristics[J].International Journal of Computer Science,2013,3(2):2-11
[9] Zhang Hui-lin,Zou Wei,Han Xin-hui.Drive-by-Download Me-chanisms and defenses[J].Journal of Software,2013,4(4):843-858(in Chinese) 张慧琳,邹维,韩心慧.网页木马机理与防御技术[J].软件学报,2013,4(4):843-858
[10] Invernizzi L,Comparetti P M,Benvenuti S,et al.Evilseed:Aguided approach to finding malicious web pages[C]∥2012 IEEE Symposium on Security and Privacy (SP).IEEE,2012:428-442
[11] Kapravelos A,Shoshitaishvili Y,Cova M,et al.Revolver:AnAutomated Approach to the Detection of Evasive Web-based Malware[C]∥USENIX Security.2013:637-652
[12] Nazario J.PhoneyC:A virtual client honeypot[C]∥Proc.of the 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET).Berkeley:USENIX Association,2009
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.