ACSAC
2010
IEEE

Cujo: efficient detection and prevention of drive-by-download attacks

The JavaScript language is a core component of active and dynamic web content in the Internet today. Besides its great success in enhancing web applications, however, JavaScript provides the basis for so-called drive-by downloads--attacks exploiting vulnerabilities in web browsers and their extensions for unnoticeably downloading malicious software. Due to the diversity and frequent use of obfuscation in these attacks, static code analysis is largely ineffective in practice. While dynamic analysis and honeypots provide means to identify drive-by-download attacks, current approaches induce a significant overhead which renders immediate prevention of attacks intractable. In this paper, we present Cujo, a system for automatic detection and prevention of drive-by-download attacks. Embedded in a web proxy, Cujo transparently inspects web pages and blocks delivery of malicious JavaScript code. Static and dynamic code features are extracted on-the-fly and analysed for malicious patterns usin...
Konrad Rieck, Tammo Krueger, Andreas Dewald
Added: 10 Feb 2011
Updated: 10 Feb 2011
Type: Journal
Year: 2010
Where: ACSAC
Authors: Konrad Rieck, Tammo Krueger, Andreas Dewald