论文信息 - Information Security Applications

Information Security Applications

Malicious webpages are a prevalent and severe threat in the Internet security landscape. This fact has motivated numerous static and dynamic techniques to alleviate such threat. Building on this existing literature, this work introduces the design and evaluation of ADAM, a system that uses machine-learning over network metadata derived from the sandboxed execution of webpage content. ADAM aims at detecting malicious webpages and identifying the type of vulnerability using simple set of features as well. Machine-trained models are not novel in this problem space. Instead, it is the dynamic network artifacts (and their subsequent feature representations) collected during rendering that are the greatest contribution of this work. Using a real-world operational dataset that includes different type of malice behavior, our results show that dynamic cheap network artifacts can be used effectively to detect most types of vulnerabilities achieving an accuracy reaching 96 %. The system was also able to identify the type of a detected vulnerability with high accuracy achieving an exact match in 91 % of the cases. We identify the main vulnerabilities that require improvement, and suggest directions to extend this work to practical contexts.

[1] Erich Wenger,et al. Fast Multi-precision Multiplication for Public-Key Cryptography on Embedded Microprocessors , 2011, CHES.

[2] P. L. Montgomery. Modular multiplication without trial division , 1985 .

[3] Ilya Kizhvatov,et al. Efficient and Side-Channel Resistant RSA Implementation for 8-bit AVR Microcontrollers , 2010 .

[4] Paul G. Comba,et al. Exponentiation Cryptosystems on the IBM PC , 1990, IBM Syst. J..

[5] Hans Eberle,et al. Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[6] C. D. Walter,et al. Distinguishing Exponent Digits by Observing Modular Subtractions , 2001, CT-RSA.

[7] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[8] René Mayrhofer,et al. Shake Well Before Use: Authentication Based on Accelerometer Data , 2007, Pervasive.

[9] Brent Waters,et al. Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[10] Alfred Menezes,et al. Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[11] M. Scott. Implementing cryptographic pairings , 2007 .

[12] Manuel Koschuch,et al. Smart Elliptic Curve Cryptography for Smart Dust , 2010, QSHINE.

[13] Tolga Acar,et al. Analyzing and comparing Montgomery multiplication algorithms , 1996, IEEE Micro.