SAB2: A NOVEL SYSTEM OF MALICIOUS WEBPAGES DETECTION
Nowadays, with the development of web applications, more and more cases of cyber attacks is found through the web, malicious web pages also spread on the Internet. These pages can disguise themselves easily through obfuscation or variation to escape. Furthermore, they also combine with rootkit, which makes the detection even harder. This paper presents a novel system named SAB2, which is a Static Analysis of Browser Behavior (SAB2) detection method for detecting malicious web pages. We can define the normal behavior through static analysis of the browser behavior and compare with the browser behavior visiting a malicious web page, then determine whether a web page is malicious or not. Experimental results demonstrate that our method can identify the abnormal behavior of the Internet Explorer browser and it is able to accurately detect the existence of malicious web pages.
static analysis malicious webpage program behavior system call
Jinxin Zhong Gengyu Wei Dongmei Zhang Yixian Yang
National Engineering Laboratory for Disaster Backup and Recovery,Beijing University of Posts and Tel National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Te
国际会议
北京
英文
733-737
2010-10-26(万方平台首次上网日期,不代表论文的发表时间)