1 |
N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu, "The ghost in the browser analysis of web-based malware," in Proceedings of the 1st Conference on First Workshop on Hot Topics in Understanding Botnets, Cambridge, MA, 2007, pp. 1-9.
|
2 |
European Union Agency for Network and Information Security, "ENISA Threat Landscape 2012", Jan. 2013; https://www.enisa.europa.eu/activities/risk-management/evolving-threat-environment/enisa-threat-landscape/ENISA_Threat_Landscape.
|
3 |
F. Y. Rashid, "Department of labor website hacked to distribute malware," May 2013; http://www.securityweek. com/department-labor-website-hacked-distribute-malware.
|
4 |
J. Pepitone, "NBC hack infects visitors in 'drive by' cyberattack," Feb. 2013; http://money.cnn.com/2013/02/22/technology/security/nbc-com-hacked-malware/.
|
5 |
E. Protalinski, "A first: Hacked sites with Android drive-by download malware," May 2012; http://www.zdnet.com/article/a-first-hacked-sites-with-android-drive-by-download-malware/.
|
6 |
HAURI, "Malware analysis report of NateOn hacking" Aug. 2012; http://eyesray.tistory.com/attachment/cfile10.uf@1615E0564E3DDD17213F95.pdf
|
7 |
G. Cluley, "DarkSeoul: SophosLabs identifies malware used in South Korean internet attack," Mar. 2013; http://nakedsecu rity.sophos.com/2013/03/20/south-korea-cyber-attack.
|
8 |
ASEC, "Malware analysis report using 6.25 DDoS attack," Jun. 2013; http://asec.ahnlab.com/949.
|
9 |
K. Z. Chen, G. Gu, J. Zhuge, J. Nazario, and X. Han, "WebPatrol: automated collection and replay of web-based malware scenarios," in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, 2011, pp. 186-195.
|
10 |
J. Ma, L. K. Saul, S. Savage, and G. M. Voelker, "Identifying suspicious URLs: an application of large-scale online learning," in Proceedings of the 26th Annual International Conference on Machine Learning, Montreal, Canada, 2009, pp. 681-688.
|
11 |
J. Ma, L. K. Saul, S. Savage, and G. M. Voelker, "Beyond blacklists: learning to detect malicious web sites from suspicious URLs," in Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Paris, France, 2009, pp. 1245-1254.
|
12 |
N. Provos, P. Mavrommatis, M. A. Rajab, and F. Monrose, "All your iFRAMEs point to us," in Proceedings of 17th USENIX Security Symposium, San Jose, CA, 2008, pp. 1-16.
|
13 |
A. Moshchuk, T. Bragin, D. Deville, S. D. Gribble, and H. M. Levy, "SpyProxy: execution-based detection of malicious web content," in Proceedings of 16th USENIX Security Symposium, Boston, MA, 2007, pp. 1-16.
|
14 |
VirusTotal, [Online]. Available: https://www.virustotal.com/.
|
15 |
M. Cova, C. Kruegel, and G. Vigna, "Detection and analysis of drive-by-download attacks and malicious JavaScript code," in Proceedings of the 19th International Conference on World Wide Web, Raleigh, NC, 2010, pp. 281-290.
|
16 |
B. Genge and C. Enachescu, "ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services," Security and Communication Networks, 2015. http://dx.doi.org/10.1002/sec.1262.
DOI
|
17 |
B. Genge and C. Enachescu, "Non-intrusive historical assessment of internet-facing services in the internet of things," MACRo, vo. 1, no. 1, pp. 25-36, 2015.
DOI
|
18 |
J. H. Kim, "Understanding of Javascript obfuscation," May 2008; http://image.ahnlab.com/file_upload/tech/javascript.pdf.
|
19 |
S. Y. Choi, I. S. Kang, D. H. Kim, B. N. Noh, and Y. M. Kim, "Multi-level emulation for malware distribution networks analysis," Journal of the Korea Institute of Information Security & Cryptology, vol. 23, no. 6, pp. 1121-1129, 2013.
DOI
|
20 |
SpiderMonkey [Online]. Available: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey.
|