Return to search

Malicious Web Page Detection Based on Anomaly Behavior

Because of the convenience of the Internet, we rely closely on the Internet to do information searching and sharing, forum discussion, and online services. However, most of the websites we visit are developed by people with limited security knowledge, and this condition results in many vulnerabilities in web applications. Unfortunately, hackers have successfully taken advantage of these vulnerabilities to inject malicious JavaScript into compromised web pages to trigger drive-by download attacks.
Based on our long time observation of malicious web pages, malicious web pages have unusual behavior for evading detection which makes malicious web pages different form normal ones. Therefore, we propose a client-side malicious web page detection mechanism named Web Page Checker (WPC) which is based on anomaly behavior tracing and analyzing to identify malicious web pages. The experimental results show that our method can identify malicious web pages and alarm the website visitors efficiently.

Identiferoai:union.ndltd.org:NSYSU/oai:NSYSU:etd-0204109-163602
Date04 February 2009
CreatorsTsai, Wan-yi
ContributorsD. J. Guan, Chia-Mei Chen, Sheng-Tzong Cheng, Bingchiang Jeng
PublisherNSYSU
Source SetsNSYSU Electronic Thesis and Dissertation Archive
LanguageEnglish
Detected LanguageEnglish
Typetext
Formatapplication/pdf
Sourcehttp://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0204109-163602
Rightscampus_withheld, Copyright information available at source archive

Page generated in 0.0014 seconds