Detecting Web Based Attacks Based on Behavior Analysis

Date Issued
2012
Date
2012
Author(s)
Yen, Shin-Chen
URI
Abstract
In computer software, malicious software aimed at undermining computer systems security, or steal data. Transmission is also designed for different purposes and therefore a different attack or spread. In particular, transmission in recent years has been a simple file download spread into the act by Internet browsing. Web surfing web page containing malicious files or malicious hyperlink source. Most of the JavaScript commonly used malicious links. Because that is a common web development languages and enough to hide the link. JavaScript to use the network of malicious attacks, the last truly malicious file is downloaded to the end-host. Under the surveillance of the operating system disguised as a normal file .Finally reached a variety of malicious purposes. Web browser security is normally provided by the operating system and browser with maintenance. In order to provide users with safe browsing environment , as each browser providers to enhance their own security and performance. But the real security vulnerabilities often exist in operating systems and browsers. , such as buffer/Heap overflow . This vulnerability is anti-virus software is difficult to predict and control behavior, must be detected by other means. General anti-virus software detection technology is the stage of downloading the file, using the known sample of the virus signature database to determine whether it is malware, and they had no ability to detect malicious network attacks. Only in the file download to be able to detect when the local side , and finally the resistance and defense. This paper presents a framework for detecting Internet browsing malicious behavior and malicious files, such as providing users a secure Web browsing security. Technically, this architecture provides monitor to browse the contents of the Javascript and suspicious files. When the browser is infected with malicious attacks on web pages, web pages can effectively detect hidden malicious behavior or obscure the malicious file.
Subjects
vulnerability
malware analysis
behavioral detection
signature detection
Shell code
Exploit code
Malvertising
Malware
Type
thesis
File(s)
Loading...
Thumbnail Image
Name

ntu-101-R97943150-1.pdf

Size

23.32 KB

Format

Adobe PDF

Checksum

(MD5):66244005a589c403789f6c86deb11c0a

臺大位居世界頂尖大學之列,為永久珍藏及向國際展現本校豐碩的研究成果及學術能量,圖書館整合機構典藏(NTUR)與學術庫(AH)不同功能平台,成為臺大學術典藏NTU scholars。期能整合研究能量、促進交流合作、保存學術產出、推廣研究成果。

To permanently archive and promote researcher profiles and scholarly works, Library integrates the services of “NTU Repository” with “Academic Hub” to form NTU Scholars.

總館學科館員 (Main Library)
醫學圖書館學科館員 (Medical Library)
社會科學院辜振甫紀念圖書館學科館員 (Social Sciences Library)

開放取用是從使用者角度提升資訊取用性的社會運動,應用在學術研究上是透過將研究著作公開供使用者自由取閱,以促進學術傳播及因應期刊訂購費用逐年攀升。同時可加速研究發展、提升研究影響力,NTU Scholars即為本校的開放取用典藏(OA Archive)平台。(點選深入了解OA)

  • 請確認所上傳的全文是原創的內容,若該文件包含部分內容的版權非匯入者所有,或由第三方贊助與合作完成,請確認該版權所有者及第三方同意提供此授權。
    Please represent that the submission is your original work, and that you have the right to grant the rights to upload.
  • 若欲上傳已出版的全文電子檔,可使用Open policy finder網站查詢,以確認出版單位之版權政策。
    Please use Open policy finder to find a summary of permissions that are normally given as part of each publisher's copyright transfer agreement.

Built with DSpace-CRIS software - Extension maintained and optimized by 4Science