Automatic Detection System of Web-based Malware for Management-type SaaS
In management-type SaaS, user must be permitted to submit tenants business data on the SPs server, which may be embedded by the web-based malware. In this paper, we propose the automatic detecting method of web-based malware based on behavior analysis, which can make sure to meet the SLA by detecting the web-based malware actively. First, tenants update is downloaded to the bastion host by the web crawler. Second, it detect the behavior that tenants update is opened by IE. In order to break the malicious behavior during detecting, the IE has been injected in the DLL. Last, if the sensitive operations happen, the URL is appended to the malicious address database, and at same time the system administrator is informed by the SMS. The result of test is shown that our method can detect the web-based malware accurately. It helps to improve the service level of the management-type SaaS.
Management-type SaaS Web Crawler Behavior Analysis Web-based Malware
Jing Xu He Dongjian Zan Linsen Li Jianliang Yao Wang
College of Mechanical and Electronic Engineering,Northwest A&F University,China College of Informati College of Mechanical and Electronic Engineering,Northwest A&F University,China College of Animal Science and Technology,Northwest A&F University,China College of Information Engineering,Northwest A&F University,China
国际会议
2010 International Conference on Material and Manufacturing Technology(2010材料与制造技术国际会议 ICMMT2010)
重庆
英文
670-674
2010-09-17(万方平台首次上网日期,不代表论文的发表时间)