Using HTML5 to prevent detection of drive-by-download web malware
暂无分享,去创建一个
[1] Yi-Chun Yeh,et al. BrowserGuard: A Behavior-Based Solution to Drive-by-Download Attacks , 2011, IEEE Journal on Selected Areas in Communications.
[2] Angelos Stavrou,et al. PyTrigger: A System to Trigger & Extract User-Activated Malware Behavior , 2013, 2013 International Conference on Availability, Reliability and Security.
[3] Benjamin G. Zorn,et al. Zozzle: Low-overhead Mostly Static JavaScript Malware Detection , 2010 .
[4] Dong Hoon Lee,et al. JsSandbox: A Framework for Analyzing the Behavior of Malicious JavaScript Code using Internal Function Hooking , 2012, KSII Trans. Internet Inf. Syst..
[5] Christopher Krügel,et al. Mitigating Drive-By Download Attacks: Challenges and Open Problems , 2009, iNetSeC.
[6] J. Shane Culpepper,et al. Efficient and effective realtime prediction of drive-by download attacks , 2014, J. Netw. Comput. Appl..
[7] Zhenkai Liang,et al. Automatically Identifying Trigger-based Behavior in Malware , 2008, Botnet Detection.
[8] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[9] Christopher Krügel,et al. Detection and analysis of drive-by-download attacks and malicious JavaScript code , 2010, WWW '10.
[10] Zhenkai Liang,et al. Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks , 2010, ACSAC '10.
[11] Christopher Krügel,et al. A survey on automated dynamic malware-analysis techniques and tools , 2012, CSUR.
[12] Benjamin Livshits,et al. Rozzle: De-cloaking Internet Malware , 2012, 2012 IEEE Symposium on Security and Privacy.
[13] Benjamin Livshits,et al. NOZZLE: A Defense Against Heap-spraying Code Injection Attacks , 2009, USENIX Security Symposium.
[14] Jose Nazario,et al. PhoneyC: A Virtual Client Honeypot , 2009, LEET.
[15] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[16] Eunjin Jung,et al. Obfuscated malicious javascript detection using classification techniques , 2009, 2009 4th International Conference on Malicious and Unwanted Software (MALWARE).
[17] Giovanni Vigna,et al. Prophiler: a fast filter for the large-scale detection of malicious web pages , 2011, WWW.
[18] Wenke Lee,et al. ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads , 2011, WWW.
[19] Christopher Krügel,et al. Escape from Monkey Island: Evading High-Interaction Honeyclients , 2011, DIMVA.
[20] P. Saxena,et al. The Emperor ’ s New APIs : On the ( In ) Secure Usage of New Client-side Primitives , 2010 .
[21] Thorsten Holz,et al. IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM , 2011, RAID.
[22] Andreas Dewald,et al. Cujo: efficient detection and prevention of drive-by-download attacks , 2010, ACSAC '10.
[23] Vinod Yegneswaran,et al. BLADE: an attack-agnostic approach for preventing drive-by malware infections , 2010, CCS '10.
[24] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.
[25] Alexander Aiken,et al. Understanding the behavior of database operations under program control , 2012, OOPSLA '12.
[26] Aarti Gupta,et al. DTAM: dynamic taint analysis of multi-threaded programs for relevancy , 2012, SIGSOFT FSE.
[27] Wouter Joosen,et al. BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks , 2010, ESSoS.
[28] Laurent Mounier,et al. Offline taint prediction for multi-threaded applications. , 2013 .
[29] Christopher Krügel,et al. Pixy: a static analysis tool for detecting Web application vulnerabilities , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).