Detection of malicious web pages based on hybrid analysis

被引：19

作者：

Wang, Rong ^{[1
]}

Zhu, Yan ^{[1
]}

Tan, Jiefan ^{[1
]}

Zhou, Binbin ^{[1
]}

机构：

[1] Southwest Jiaotong Univ, Sch Informat Sci & Technol, Chengdu, Sichuan, Peoples R China

来源：

JOURNAL OF INFORMATION SECURITY AND APPLICATIONS | 2017年 / 35卷

关键词：

Malicious web page; Hybrid analysis; !text type='Java']Java[!/text]Script interpretation; Shellcode detection;

D O I：

10.1016/j.jisa.2017.05.008

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Malicious web pages have become an increasingly serious threat to web security in recent years. In this paper, we propose a new detection method that consists of static and dynamic analyses for detecting malicious web pages. Static analysis utilizes classification algorithms in machine learning to identify certain benign and malicious web pages. As a complement to static analysis, dynamic analysis mainly checks the unknown web pages to determine whether they have malicious shellcodes during their execution. Because of the combination of static and dynamic analyses, the proposed detection method achieves high performance, and it has a light weight and is simple to use. (C) 2017 Elsevier Ltd. All rights reserved.

引用

页码：68 / 74

页数：7

共 50 条

[1] Effective Analysis, Characterization, and Detection of Malicious Web Pages
Eshete, Birhanu
[J]. PROCEEDINGS OF THE 22ND INTERNATIONAL CONFERENCE ON WORLD WIDE WEB (WWW'13 COMPANION), 2013, : 355 - 359
[2] Malicious Web Pages Detection Based on Abnormal Visibility Recognition
Liang, Bin
Huang, Jianjun
Liu, Fang
Wang, Dawei
Dong, Daxiang
Liang, Zhaohui
[J]. 2009 INTERNATIONAL CONFERENCE ON E-BUSINESS AND INFORMATION SYSTEM SECURITY, VOLS 1 AND 2, 2009, : 6 - 10
[3] EINSPECT: Evolution-Guided Analysis and Detection of Malicious Web Pages
Eshete, Birhanu
Villafiorita, Adolfo
Weldemariam, Komminist
Zulkernine, Mohammad
[J]. 2013 IEEE 37TH ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE (COMPSAC), 2013, : 375 - 380
[4] Detection of Malicious Web Pages Using System Calls Sequences
Canfora, Gerardo
Medvet, Eric
Mercaldo, Francesco
Visaggio, Corrado Aaron
[J]. AVAILABILITY, RELIABILITY, AND SECURITY IN INFORMATION SYSTEMS, 2014, 8708 : 226 - +
[5] Detection Method of WEB Malicious Code based on Link Analysis
Lu Zhiyong
Sui Sai
Huang Chengdong
Wang Xueyu
[J]. 2016 INTERNATIONAL SYMPOSIUM ON COMPUTER, CONSUMER AND CONTROL (IS3C), 2016, : 511 - 514
[6] Identification of Malicious Web Pages Through Analysis of Underlying DNS and Web Server Relationships
Seifert, Christian
Welch, Ian
Komisarczuk, Peter
Aval, Chiraag Uday
Endicott-Popovsky, Barbara
[J]. 2008 IEEE 33RD CONFERENCE ON LOCAL COMPUTER NETWORKS, VOLS 1 AND 2, 2008, : 910 - +
[7] The Scheme of Detecting Encoded Malicious Web Pages Based on Information Entropy
Liang, Shuang
Ma, Yong
Huang, Yanyu
Guo, Jia
Jia, Chunfu
[J]. 2016 10TH INTERNATIONAL CONFERENCE ON INNOVATIVE MOBILE AND INTERNET SERVICES IN UBIQUITOUS COMPUTING (IMIS), 2016, : 310 - 312
[8] An ensemble algorithm for discovery of malicious web pages
Sajedi, Hedieh
[J]. International Journal of Information and Computer Security, 2019, 11 (03): : 203 - 213
[9] Identification of Malicious Web Pages by Inductive Learning
Liu, Peishun
Wang, Xuefang
[J]. WEB INFORMATION SYSTEMS AND MINING, PROCEEDINGS, 2009, 5854 : 448 - +
[10] Identification of Malicious Web Pages with Static Heuristics
Seifert, Christian
Welch, Ian
Komisarczuk, Peter
[J]. ATNAC: 2008 AUSTRALASIAN TELECOMMUNICATION NETWOKS AND APPLICATIONS CONFERENCE, 2008, : 91 - 96

← 1 2 3 4 5 →