| Presentation | 2015-03-03 Implementation and evaluation of Drive by Download Attack detection using the features of the obfuscation Hirotaka FUJIWARA, Gregory BLANC, Hiroaki HAZEYAMA, Takuji IIMURA, Youki KADOBAYASHI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Drive-by download attacks usually redirect a user to a malicious webpage where vulnerabilities in a browser or in browser plugins are exploited in order to force the download of a malware. This research presents and evaluates a detection method against drive-by download attacks. The proposed method focusces on the transformation of strings that is the characteristics of the obfuscation. The proposed method employs obfuscated domain information of JavaScript as a trigger to detect drive-by download attack. The browser plug-in implemenation of the proposed method was able to detect obfuscated redirection correctly with 50% true positives, while it showed 53% false positives against legitimate sites. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Drive-by Download Attack / Obfuscation / JavaScript |
| Paper # | ICSS2014-71 |
| Date of Issue |
| Conference Information | |
| Committee | ICSS |
|---|---|
| Conference Date | 2015/2/24(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information and Communication System Security (ICSS) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Implementation and evaluation of Drive by Download Attack detection using the features of the obfuscation |
| Sub Title (in English) | |
| Keyword(1) | Drive-by Download Attack |
| Keyword(2) | Obfuscation |
| Keyword(3) | JavaScript |
| 1st Author's Name | Hirotaka FUJIWARA |
| 1st Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology() |
| 2nd Author's Name | Gregory BLANC |
| 2nd Author's Affiliation | Institut Mines-Telecom, Telecom Sud Paris, FranceInstitut Mines-Telecom, Telecom SudParis |
| 3rd Author's Name | Hiroaki HAZEYAMA |
| 3rd Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| 4th Author's Name | Takuji IIMURA |
| 4th Author's Affiliation | / Graduate School of Information Science, Nara Institute of Science and Technology |
| 5th Author's Name | Youki KADOBAYASHI |
| 5th Author's Affiliation | |
| Date | 2015-03-03 |
| Paper # | ICSS2014-71 |
| Volume (vol) | vol.114 |
| Number (no) | 489 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |