Presentation | 2015-03-03 Link Structural Analysis of Drive-by-Download Attacks Yuji DAIRIKI, Masaki KAMIZONO, Masami MOHRI, Yoshiaki SHIRAISHI, Masakatu MORII |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | In analyzing Drive-by-Download (DBD) attacks, it is basic and essential to analyze the link structure by tracking the multistage redirects of the related websites, from the entrance site to the site infected with malware. However, constructing the Web link structure contained in packet capture data is not easy, because DBD attacks use various means of redirection. Some techniques for tracking redirects have already been proposed, such as analysis of the HTTP header and of HTTP payloads written in JavaScript etc. However, each of these techniques extracts only part of the whole link structure contained in the communication data. In this paper, a system is proposed that combines HTTP header analysis and HTTP content analysis to output the whole link structure. In a simulation using communication data from attacks, the proposed system is confirmed to output a link structure including nodes and edges that the other techniques could not obtain. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Drive-by-Download attack / Web link structure analysis / URL redirect / HTTP header analysis / HTTP contents analysis |
Paper # | ICSS2014-70 |
Date of Issue |
Conference Information | |
Committee | ICSS |
---|---|
Conference Date | 2015/2/24 (1 day) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information and Communication System Security (ICSS) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Link Structural Analysis of Drive-by-Download Attacks |
Sub Title (in English) | |
Keyword(1) | Drive-by-Download attack |
Keyword(2) | Web link structure analysis |
Keyword(3) | URL redirect |
Keyword(4) | HTTP header analysis |
Keyword(5) | HTTP contents analysis |
1st Author's Name | Yuji DAIRIKI |
1st Author's Affiliation | Graduate School of Engineering, Kobe University |
2nd Author's Name | Masaki KAMIZONO |
2nd Author's Affiliation | Secure Brain, Corp. |
3rd Author's Name | Masami MOHRI |
3rd Author's Affiliation | Information and Multimedia Center, Gifu University |
4th Author's Name | Yoshiaki SHIRAISHI |
4th Author's Affiliation | Graduate School of Engineering, Kobe University |
5th Author's Name | Masakatu MORII |
5th Author's Affiliation | Graduate School of Engineering, Kobe University |
Date | 2015-03-03 |
Paper # | ICSS2014-70 |
Volume (vol) | vol.114 |
Number (no) | 489 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |