Browse > Article
http://dx.doi.org/10.13089/JKIISC.2011.21.3.89

A Study on Minimizing Infection of Web-based Malware through Distributed & Dynamic Detection Method of Malicious Websites  

Shin, Hwa-Su (Korea Internet & Security Agency)
Moon, Jong-Sub (Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.21, no.3, 2011 , pp. 89-100 More about this Journal
Abstract
As the Internet usage with web browser is more increasing, the web-based malware which is distributed in websites is going to more serious problem than ever. The central type malicious website detection method based on crawling has the problem that the cost of detection is increasing geometrically if the crawling level is lowered more. In this paper, we proposed a security tool based on web browser which can detect the malicious web pages dynamically and support user's safe web browsing by stopping navigation to a certain malicious URL injected to those web pages. By applying these tools with many distributed web browser users, all those users get to participate in malicious website detection and feedback. As a result, we can detect the lower link level of websites distributed and dynamically.
Keywords
Web-based Malware; Distributed & Dynamic Detection; Webcheck Program; Javascript Deobfuscation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 한국인터넷진흥원, "2009 정보시스템 해킹.바이러스 현황 및 대응," 연구보고서 KISA-RP- 2009-0014, pp. 63-66, 2009.
2 Niels Provos, Dean McNamee, and Panayiotis Mavrommatis, "The ghost in the browser analysis of web-based malware," Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, pp. 3-7, 2007.
3 World Internet Usage Statistics News and World Population, http://www.internetworldstats.com/stats.htm, 2010
4 Billy Hoffman, "Circumventing Automated JavaScript Analysis Tools," Black Hat USA, pp. 40-48, 2008.
5 심원태, "악성코드 은닉사이트 탐지시스템 개발과 운영 (MCFinder)," 제11회 정보보호 심포지움 SIS, pp. 13-16, 2006.
6 Microsoft. InternetExplorer Object, http://msdn.microsoft.com/en-us/library/aa752084(VS.85).aspx
7 Microsoft. Microsoft Security Advisory (961051), http://www.microsoft.com/technet/security/advisory/961051.mspx
8 한국인터넷진흥원, "웹사이트 보안수준 확인 시스템 구축을 위한 사전 연구," 연구보고서 KISA- WP-2007-0029, pp.35-37, 2007.
9 Zhi-Yong Li, Ran Tao, and Zhen-He Cai, "A Web Page Malicious Code Detect Approach Based on Script Execution," Natural Computation, pp. 308-310, 2009.
10 Free Javascript Obfuscator, http://www. javascriptobfuscator.com/Default.aspx
11 Ben Feinstein, Daniel Peck, "Caffeine Monkey: Automated Collection, Detection and Analysis of Malicious JavaScript,," Black Hat USA, 2007.