
WWW
2010
ACM

Detection and analysis of drive-by-download attacks and malicious JavaScript code

JavaScript is a browser scripting language that allows developers to create sophisticated client-side interfaces for web applications. However, JavaScript code is also used to carry out attacks against the user’s browser and its extensions. These attacks usually result in the download of additional malware that takes complete control of the victim’s platform, and are, therefore, called “drive-by downloads.” Unfortunately, the dynamic nature of the JavaScript language and its tight integration with the browser make it difficult to detect and block malicious JavaScript code. This paper presents a novel approach to the detection and analysis of malicious JavaScript code. Our approach combines anomaly detection with emulation to automatically identify malicious JavaScript code and to support its analysis. We developed a system that uses a number of features and machine-learning techniques to establish the characteristics of normal JavaScript code. Then, during detection, the syst...
Added: 14 May 2010
Updated: 14 May 2010
Type: Conference
Year: 2010
Where: WWW
Authors: Marco Cova, Christopher Krügel, Giovanni Vigna