Paper Abstract and Keywords |
Presentation |
2014-11-28 10:45
A Study of Drive by Download Attack detection using the features of the obfuscation Hirotaka Fujiwara (NAIST), Gregory Blanc (TSP), Hiroaki Hazeyama, Youki Kadobayashi (NAIST) ICSS2014-60 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Drive-by download attacks usually redirect a user to a malicious webpage where vulnerabilities in the browser or its plugins are exploited in order to force the download of a malware. When such attack is planted in an advertisement frame used by legitimate sites, the efficiency of the attack is greatly increased. In this research, we surveyed obfuscation features such as the length of obfuscated script lines or the occurrence of specific characters, in particular characteristic differences between legitimate and malicious uses of obfuscation, the latter being a method to evade detection. Finally, we present a method to detect drive-by download attacks by combining obfuscation features with domain name information. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Drive-by Download Attack / Obfuscation / JavaScript / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 114, no. 340, ICSS2014-60, pp. 55-60, Nov. 2014. |
Paper # |
ICSS2014-60 |
Date of Issue |
2014-11-20 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2014-60 |
Conference Information |
Committee |
ICSS |
Conference Date |
2014-11-27 - 2014-11-28 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Tohoku Gakuin University (Tagajo Campus) |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Control System Security, Informatin and Communication System Security, etc. |
Paper Information |
Registration To |
ICSS |
Conference Code |
2014-11-ICSS |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
A Study of Drive by Download Attack detection using the features of the obfuscation |
Sub Title (in English) |
|
Keyword(1) |
Drive-by Download Attack |
Keyword(2) |
Obfuscation |
Keyword(3) |
JavaScript |
Keyword(4) |
|
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Hirotaka Fujiwara |
1st Author's Affiliation |
Nara Institute of Science and Technology (NAIST) |
2nd Author's Name |
Gregory Blanc |
2nd Author's Affiliation |
Institut Mines-Telecom, Telecom SudParis (TSP) |
3rd Author's Name |
Hiroaki Hazeyama |
3rd Author's Affiliation |
Nara Institute of Science and Technology (NAIST) |
4th Author's Name |
Youki Kadobayashi |
4th Author's Affiliation |
Nara Institute of Science and Technology (NAIST) |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2014-11-28 10:45:00 |
Presentation Time |
25 minutes |
Registration for |
ICSS |
Paper # |
ICSS2014-60 |
Volume (vol) |
vol.114 |
Number (no) |
no.340 |
Page |
pp.55-60 |
#Pages |
6 |
Date of Issue |
2014-11-20 (ICSS) |
|