| Presentation | 2014-11-28 A Study of Drive by Download Attack detection using the features of the obfuscation Hirotaka FUJIWARA, Gregory BLANC, Hiroaki HAZEYAMA, Youki KADOBAYASHI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Drive-by download attacks usually redirect a user to a malicious webpage where vulnerabilities in the browser or its plugins are exploited in order to force the download of a malware. When such attack is planted in an advertisement frame used by legitimate sites, the efficiency of the attack is greatly increased. In this research, we surveyed obfuscation features such as the length of obfuscated script lines or the occurrence of specific characters, in particular characteristic differences between legitimate and malicious uses of obfuscation, the latter being a method to evade detection. Finally, we present a method to detect drive-by download attacks by combining obfuscation features with domain name information. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Drive-by Download Attack / Obfuscation / JavaScript |
| Paper # | ICSS2014-60 |
| Date of Issue |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2014/11/20(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information and Communication System Security (ICSS) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Study of Drive by Download Attack detection using the features of the obfuscation |
| Sub Title (in English) | |
| Keyword(1) | Drive-by Download Attack |
| Keyword(2) | Obfuscation |
| Keyword(3) | JavaScript |
| 1st Author's Name | Hirotaka FUJIWARA |
| 1st Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology() |
| 2nd Author's Name | Gregory BLANC |
| 2nd Author's Affiliation | Institut Mines-Telecom, Telecom SudParis |
| 3rd Author's Name | Hiroaki HAZEYAMA |
| 3rd Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| 4th Author's Name | Youki KADOBAYASHI |
| 4th Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| Date | 2014-11-28 |
| Paper # | ICSS2014-60 |
| Volume (vol) | vol.114 |
| Number (no) | 340 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |