Sciweavers

ACSAC
2009
IEEE

Analyzing and Detecting Malicious Flash Advertisements

14 years 7 months ago
Analyzing and Detecting Malicious Flash Advertisements
—The amount of dynamic content on the web has been steadily increasing. Scripting languages such as JavaScript and browser extensions such as Adobe’s Flash have been instrumental in creating web-based interfaces that are similar to those of traditional applications. Dynamic content has also become popular in advertising, where Flash is used to create rich, interactive ads that are displayed on hundreds of millions of computers per day. Unfortunately, the success of Flashbased advertisements and applications attracted the attention of malware authors, who started to leverage Flash to deliver attacks through advertising networks. This paper presents a novel approach whose goal is to automate the analysis of Flash content to identify malicious behavior. We designed and implemented a tool based on the approach, and we tested it on a large corpus of real-world Flash advertisements. The results show that our tool is able to reliably detect malicious Flash ads with limited false positives...
Sean Ford, Marco Cova, Christopher Kruegel, Giovan
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Sean Ford, Marco Cova, Christopher Kruegel, Giovanni Vigna
Comments (0)