Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
Publication
ADSandbox: sandboxing JavaScript to fight malicious websites
We present ADSandbox, an analysis system for malicious websites that focusses on detecting attacks through JavaScript. Since, in contrast to Java, JavaScript does not have any built-in sandbox concept, the idea is to execute any embedded JavaScript within an isolated environment and log every critical action. Using heuristics on these logs, ADSandbox decides whether the site is malicious or not. In contrast to previous work, this approach combines generality with usability, since the system is executed directly on the client running the web browser before the web page is displayed. We show that we can achieve false positive rates close to 0% and false negative rates below 15% with a performance overhead of only a few seconds, what is a bit high for real time application, but supposes a great potential for future versions of our tool. Categories and Subject Descriptors C.2.0 [Computer-Communication Networks]: General-Security and Protection; K.6.5 [Management of Computing and Informati...
Real-time TrafficApplied Computing | Approach Combines Generality | Built-in Sandbox Concept | Malicious Websites | SAC 2010 |
| Added | 19 Oct 2010 |
| Updated | 19 Oct 2010 |
| Type | Conference |
| Year | 2010 |
| Where | SAC |
| Authors | Andreas Dewald, Thorsten Holz, Felix C. Freiling |
Comments (0)
Researcher Info
|
